|
Plagegeister aller Art und deren Bekämpfung: Windows will Dateien löschen, Virenscanner deaktiviert sichWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
26.06.2016, 09:22 | #1 |
| Windows will Dateien löschen, Virenscanner deaktiviert sich Hallo und guten Morgen, als ich gestern meinen Lapotop (Win 10) angeschaltet habe, kam kurz nach dem Start eine Meldung, dass ca 700 Dateien gelöscht würden. Kurz danach die Warnung, der Virenscanner hätte sich deaktiviert. Ich habe den Laptop danach "hart" ausgeschaltet. Gerade läuft desinfect 2016 von der Live-DVD. Ich befürchte, wenn ich meinen PC normal anschalte, geht das Löschen weiter. Wer kann mir helfen? Vielen Dank schon einmal! Christian Ach so, ich vermute grob einen Verschlüsselungs-Trojaner. Vielleicht ist es da noch wichtig zu erwähnen, dass ich an der Fritzbos eine HDD habe, die als Laufwerk in Windows eingebunden ist. Und einen Online-Speicher bei 1&1. Der ist in der Netzwerkumgebung erreichbar. |
26.06.2016, 14:04 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows will Dateien löschen, Virenscanner deaktiviert sich Hallo und
__________________Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
26.06.2016, 14:44 | #3 |
| Scannen, ohne PC hochzufahren? Hallo und vielen Dank schon einmal.
__________________Ich würde den PC nicht so gerne komplett hochfahren, weil ich befürchte, die (mutmaßliche) Verschlüsselung geht dann weiter. Kann ich auch die Festplatte ausbauen, an einem anderen System (Win 7) anschließen und dann FRST starten? Ach ja, und noch eine Frage. Der PC wurde nicht komplett heruntergefahren, sondern befindet sich im Hibernate-Modus. Desinfect brachte deswegen eine Fehlermeldung. Ich hoffe, das ist kein Problem. Viele Grüße Christian |
26.06.2016, 14:56 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows will Dateien löschen, Virenscanner deaktiviert sich Dann starte diesen Rechner erst von einem Live-System wie zB Ubuntu MATE im Ausprobiermodus. Aus diesem Modus heraus alle Daten sichern auf eine externe Platte. Wenn alles gesichert ist, den Rechner normal neu starten und meine erste AW durchackern.
__________________ Logfiles bitte immer in CODE-Tags posten |
27.06.2016, 07:50 | #5 |
| Logs FRST Hallo, hier die Logs: FRST.txt: [CODE] FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2016 02 durchgeführt von CM (Administrator) auf CMS-PC (27-06-2016 06:00:31) Gestartet von C:\Users\CM\Desktop Geladene Profile: CM (Verfügbare Profile: CM & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (PFU LIMITED) C:\Windows\twain_32\Fjicube\FJTWSVIC.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (EMC Corporation) C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (PFU LIMITED) C:\Windows\twain_64\Fjicube\FJTWSVIC2.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe (© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (eVenture Limited) C:\Program Files (x86)\hide.me VPN\vpnsvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe (EMC Corporation) C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebToolkitHost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Spotify Ltd) C:\Users\CM\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (HexaD) C:\Program Files\Duplicati\Duplicati.exe (Dropbox, Inc.) C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (PFU LIMITED) C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [113656 2013-01-17] (Intel Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2015-12-23] () HKLM-x32\...\Run: [FJTWAINIC Setup] => C:\Windows\twain_32\Fjicube\FJTWMKIC.exe /Station HKLM-x32\...\Run: [IcWIA Service Checker] => C:\Windows\twain_32\Fjicube\IcWiaChecker.exe HKLM-x32\...\Run: [FJTWAINIC2 Setup] => C:\Windows\twain_64\Fjicube\FJTWMKIC2.exe /Station HKLM-x32\...\Run: [IcWIA Service Checker (x64)] => C:\Windows\twain_64\Fjicube\IcWiaChecker.exe HKLM-x32\...\Run: [IcWIA Service CheckerISIS] => C:\Windows\pixtran\fujitsu\twud_common\IcWiaChecker.exe HKLM-x32\...\Run: [FtLnSOP_setup] => C:\Windows\Twain_32\Fjscan32\SOP\FtLnSOP.exe HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-16] (AVAST Software) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [Spotify Web Helper] => C:\Users\CM\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-28] (Spotify Ltd) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\MobileWiFi\MobileWiFi HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-04-22] (Apple Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [Dropbox Update] => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-793156834-983140082-329161430-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] () ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-23] (AVAST Software) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-31] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk [2016-05-16] ShortcutTarget: Duplicati.lnk -> C:\Program Files\Duplicati\Duplicati.exe (HexaD) Startup: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-03] ShortcutTarget: Dropbox.lnk -> C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{00e1e9c8-8533-4d74-9448-d238d95247dd}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{04d0d235-f33b-4ca3-b95f-a82fa580c275}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{0d9e854c-5b04-44b9-a689-41addd6e68c8}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{B146913E-43E2-4BA7-8CDF-B7630D395F65}: [DhcpNameServer] 95.211.101.200 95.211.101.201 Tcpip\..\Interfaces\{f1ba2504-ad94-4808-9169-c7b7017939b2}: [NameServer] 77.234.40.79 Internet Explorer: ================== BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-05-04] (pdfforge GmbH) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-29] (Oracle Corporation) BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-29] (Oracle Corporation) Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-05-04] (pdfforge GmbH) DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default FF Homepage: about:home FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2013-01-11] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2013-01-11] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-29] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems) FF Plugin HKU\S-1-5-21-793156834-983140082-329161430-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\CM\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-03-24] (Zoom Video Communications, Inc.) FF SearchPlugin: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\searchplugins\metager.xml [2016-02-03] FF SearchPlugin: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\searchplugins\metager2de.xml [2016-02-12] FF Extension: NoScript - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07] FF Extension: BetterPrivacy - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-05-08] FF Extension: Tile Tabs - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\extensions\tiletabs@DW-dev.xpi [2016-05-22] FF Extension: Ghostery - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\Extensions\firefox@ghostery.com.xpi [2016-05-03] FF Extension: Todoist: To-Do list and Task Manager - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\Extensions\support@todoist.com.xpi [2016-03-02] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-23] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-23] FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-06-07] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.n-tv.de/" CHR DefaultSearchKeyword: Default -> google.com_ CHR Profile: C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-11] CHR Extension: (Google Docs) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11] CHR Extension: (Google Drive) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14] CHR Extension: (YouTube) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28] CHR Extension: (Facebook) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-10-29] CHR Extension: (Google-Suche) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14] CHR Extension: (Dropbox für Gmail) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2016-05-08] CHR Extension: (ARC Welder) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2016-04-01] CHR Extension: (Google Tabellen) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-11] CHR Extension: (CalcuNow) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fknmadebinekaklkambdfphgjpomcehm [2014-10-29] CHR Extension: (Avira Browserschutz) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-05-16] CHR Extension: (Google Docs Offline) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01] CHR Extension: (Autodesk Homestyler) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2014-10-29] CHR Extension: (Evernote Web) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-10-29] CHR Extension: (Google Maps) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-28] CHR Extension: (ARC Welder) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2016-04-01] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-07] CHR Extension: (Picasa) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-10-29] CHR Extension: (Google Mail) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-05-23] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-23] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-23] (AVAST Software) R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin) R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2015-11-13] (Sirrix AG) [Datei ist nicht signiert] R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin) R2 Emc.Captiva.WebCaptureService; C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe [46400 2013-03-25] (EMC Corporation) R2 FJTWSVIC; C:\Windows\twain_32\Fjicube\FJTWSVIC.exe [49152 2014-02-03] (PFU LIMITED) [Datei ist nicht signiert] R2 FJTWSVIC2; C:\Windows\twain_64\Fjicube\FJTWSVIC2.exe [49152 2014-02-03] (PFU LIMITED) [Datei ist nicht signiert] R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\vpnsvc.exe [191184 2016-04-29] (eVenture Limited) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] () R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [56144 2016-05-26] (Lenovo Group Limited) S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-20] (Lenovo) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin) S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438368 2016-05-04] (pdfforge GmbH) S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-05-04] (pdfforge GmbH) R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-05-04] (pdfforge GmbH) R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.) S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia) S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd) R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited) S3 SSSvc; C:\Program Files (x86)\SmartSense\SSSvc.exe [124752 2016-03-15] (Lenovo) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255096 2015-10-25] (Synaptics Incorporated) R2 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [1940248 2013-12-05] (UltraVNC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-23] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-23] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-23] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-23] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-23] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-23] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-23] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-23] (AVAST Software) S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-05-23] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-23] (AVAST Software) R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468752 2014-06-27] (Intel Corporation) R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-06-13] (Ericsson AB) R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2011-06-13] (Ericsson AB) R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation) R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation) R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation) R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation) R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation) R2 ParagonLDM; C:\Windows\system32\drivers\biont_bs.sys [19208 2014-04-11] () S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-07] (Synaptics Incorporated) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194816 2015-11-11] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation) R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB) S2 Dokan; system32\DRIVERS\dokan.sys [X] U3 idsvc; kein ImagePath U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-27 06:00 - 2016-06-27 06:01 - 00032442 _____ C:\Users\CM\Desktop\FRST.txt 2016-06-27 05:58 - 2016-06-27 07:42 - 02389504 _____ (Farbar) C:\Users\CM\Desktop\FRST64.exe 2016-06-27 05:58 - 2016-06-27 06:00 - 00000000 ____D C:\FRST 2016-06-20 23:10 - 2016-06-20 23:10 - 00000000 ____D C:\Users\CM\AppData\Roaming\PDF Producer 2016-06-20 16:18 - 2016-06-20 16:18 - 00728356 _____ C:\Users\CM\Downloads\2015-12_Rundbrief-39.pdf 2016-06-20 16:16 - 2016-06-20 16:16 - 00406747 _____ C:\Users\CM\Downloads\2016-01_Rundbrief-40.pdf 2016-06-20 12:44 - 2016-06-20 12:44 - 00782205 _____ C:\Users\CM\Downloads\SCN_0001.pdf 2016-06-20 12:40 - 2016-06-20 12:40 - 00215007 _____ C:\Users\CM\Downloads\Send_20.06.16_12.36_Telefax.025148887781.pdf 2016-06-18 08:05 - 2016-06-18 08:09 - 00050944 _____ C:\Users\CM\Desktop\Widerruf Kredit.odt 2016-06-16 23:02 - 2016-06-16 23:02 - 00056454 _____ C:\Users\CM\Downloads\402443725_20160614(1).pdf 2016-06-16 17:01 - 2016-06-16 17:01 - 00002693 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Poster Printer.lnk 2016-06-16 17:01 - 2016-06-16 17:01 - 00002681 _____ C:\Users\Public\Desktop\Easy Poster Printer.lnk 2016-06-16 17:01 - 2016-06-16 17:01 - 00000000 ____D C:\Users\CM\Downloads\epp66 2016-06-16 17:01 - 2016-06-16 17:01 - 00000000 ____D C:\Program Files (x86)\GD Software 2016-06-16 17:00 - 2016-06-16 17:00 - 30040650 _____ C:\Users\CM\Downloads\epp66.zip 2016-06-16 16:59 - 2016-06-16 16:59 - 01473544 _____ C:\Users\CM\Downloads\Easy Poster Printer - CHIP-Installer.exe 2016-06-16 16:55 - 2016-06-16 17:02 - 00000000 ____D C:\Users\Public\Documents\RonyaSoft 2016-06-16 16:55 - 2016-06-16 16:55 - 00000000 ____D C:\Users\CM\Downloads\ronyasoft-poster-printer 2016-06-16 16:55 - 2016-06-16 16:55 - 00000000 ____D C:\ProgramData\RonyaSoft 2016-06-16 16:52 - 2016-06-16 16:54 - 05768802 _____ C:\Users\CM\Downloads\ronyasoft-poster-printer.zip 2016-06-16 16:47 - 2016-06-16 16:47 - 02728760 _____ (Sebastian Keseling Software ) C:\Users\CM\Downloads\keseling_poster-drucker_1.4.0_setup.exe 2016-06-16 16:47 - 2016-06-16 16:47 - 00000000 ____D C:\Users\CM\AppData\Roaming\Keseling 2016-06-16 12:48 - 2016-06-16 12:48 - 00398848 _____ C:\Users\CM\Desktop\kreditwiderruf_frei_19-04-2016.xls 2016-06-16 12:27 - 2016-06-16 12:27 - 00056454 _____ C:\Users\CM\Downloads\402443725_20160614.pdf 2016-06-14 21:09 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-06-14 21:09 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-06-14 21:09 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-06-14 21:09 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-06-14 21:09 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-06-14 21:09 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-06-14 21:09 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-06-14 21:09 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-06-14 21:09 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-06-14 21:09 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-06-14 21:09 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-14 21:09 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-06-14 21:09 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-06-14 21:09 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-06-14 21:09 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-06-14 21:09 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-06-14 21:09 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-14 21:09 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-06-14 21:09 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-06-14 21:09 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-06-14 21:09 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-06-14 21:09 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-06-14 21:09 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-06-14 21:09 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-06-14 21:09 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-06-14 21:09 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-06-14 21:08 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-06-14 21:08 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-06-14 21:08 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-06-14 21:08 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-06-14 21:08 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2016-06-14 21:08 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2016-06-14 21:08 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll 2016-06-14 21:08 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-06-14 21:08 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2016-06-14 21:08 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2016-06-14 21:08 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2016-06-14 21:08 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-06-14 21:08 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2016-06-14 21:08 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll 2016-06-14 21:08 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-06-14 21:08 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-06-14 21:08 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe 2016-06-14 21:08 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-06-14 21:08 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-06-14 21:08 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys 2016-06-14 21:08 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-06-14 21:08 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-06-14 21:08 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-06-14 21:08 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-06-14 21:08 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2016-06-14 21:08 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-06-14 21:08 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-06-14 21:08 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-06-14 21:08 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-06-14 21:08 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-06-14 21:08 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-06-14 21:08 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-06-14 21:08 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2016-06-14 21:08 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-06-14 21:08 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2016-06-14 21:08 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-06-14 21:08 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-06-14 21:08 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-06-14 21:08 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-06-14 21:08 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-14 21:08 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2016-06-14 21:08 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys 2016-06-14 21:08 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-06-14 21:08 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-06-14 21:08 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2016-06-14 21:08 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2016-06-14 21:08 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-06-14 21:08 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll 2016-06-14 21:08 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-06-14 21:08 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-06-14 21:08 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2016-06-14 21:08 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-06-14 21:08 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2016-06-14 21:08 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-06-14 21:08 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2016-06-14 21:08 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-06-14 21:08 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-06-14 21:08 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-06-14 21:08 - 2016-05-28 06:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2016-06-14 21:08 - 2016-05-28 06:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll 2016-06-14 21:08 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys 2016-06-14 21:08 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-14 21:08 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-06-14 21:08 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2016-06-14 21:08 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-06-14 21:08 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2016-06-14 21:08 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-06-14 21:08 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-06-14 21:08 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-06-14 21:08 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2016-06-14 21:08 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2016-06-14 21:08 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-06-14 21:08 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-06-14 21:08 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2016-06-14 21:08 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-06-14 21:08 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-06-14 21:08 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2016-06-14 21:08 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-06-14 21:08 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-14 21:08 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2016-06-14 21:08 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-06-14 21:08 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2016-06-14 21:08 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-14 21:08 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-06-14 21:08 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-06-14 21:08 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-06-14 21:08 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-06-14 21:08 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-14 21:08 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll 2016-06-14 21:08 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2016-06-14 21:08 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-06-14 21:08 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-06-14 21:08 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-06-14 21:08 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-06-14 21:08 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-06-14 21:08 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-06-14 21:08 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-14 21:08 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-06-14 21:08 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-06-14 21:08 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-06-14 21:08 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-06-14 21:08 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-06-14 21:08 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-06-14 21:08 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2016-06-13 22:40 - 2016-06-13 22:40 - 00940497 _____ C:\Users\CM\Downloads\'17766-Mini-Stand-for-iPad.pdf 2016-06-13 21:56 - 2016-06-13 21:56 - 02764741 _____ C:\Users\CM\Downloads\ACS_Tight_de-en-fr-cn_HW16.pdf 2016-06-12 22:05 - 2016-06-12 22:05 - 00946321 _____ C:\Users\CM\Downloads\PremiumVoucher.pdf 2016-06-09 14:08 - 2016-06-09 14:08 - 00065382 _____ C:\Users\CM\Downloads\20130415_AGB_DB_Rent_Fahrradvermietung_Deu.pdf 2016-06-09 13:42 - 2016-06-12 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-06-07 22:20 - 2016-06-07 22:20 - 00000000 ____D C:\Users\CM\AppData\LocalLow\Lenovo 2016-06-07 22:19 - 2016-06-07 22:19 - 08668468 _____ C:\Users\CM\Documents\Steckbriefe_4b_klein.pdf 2016-06-07 21:08 - 2016-06-16 16:33 - 00000000 ____D C:\Users\CM\AppData\Local\PDFCreator 2016-06-07 21:08 - 2016-06-07 21:15 - 00000000 ____D C:\Users\CM\AppData\Roaming\PDF Architect 4 2016-06-07 21:08 - 2016-06-07 21:08 - 00000000 ____D C:\ProgramData\pdfforge 2016-06-07 21:08 - 2016-06-07 21:08 - 00000000 ____D C:\Program Files (x86)\PDF Architect 4 2016-06-07 21:07 - 2016-06-07 21:08 - 00000000 ____D C:\Program Files\PDF Architect 4 2016-06-07 21:07 - 2016-06-07 21:07 - 00000000 ____D C:\Users\CM\Documents\PDF Architect 2016-06-07 21:07 - 2016-06-07 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4 2016-06-07 21:06 - 2016-06-07 21:15 - 00000000 ____D C:\ProgramData\PDF Architect 4 2016-06-07 21:06 - 2016-06-07 21:10 - 00000000 ____D C:\Program Files\PDFCreator 2016-06-07 21:06 - 2016-06-07 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2016-06-07 21:04 - 2016-06-07 21:05 - 27650032 _____ (pdfforge GmbH ) C:\Users\CM\Downloads\PDFCreator-2_3_0-Setup.exe 2016-06-07 13:54 - 2016-06-07 13:54 - 00569732 _____ C:\Users\CM\Desktop\Mission_Impossible_30.m4r 2016-06-07 13:54 - 2016-06-07 13:54 - 00000000 ____D C:\Program Files (x86)\Ffmpeg For Audacity 2016-06-07 13:53 - 2016-06-07 13:53 - 03016826 _____ ( ) C:\Users\CM\Downloads\FFmpeg_v0.6.2_for_Audacity_on_Windows.exe 2016-06-07 13:24 - 2016-06-07 13:54 - 00000000 ____D C:\Users\CM\AppData\Roaming\Audacity 2016-06-07 13:04 - 2016-06-07 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-06-07 13:04 - 2016-06-07 13:04 - 00000000 ____D C:\Program Files\iTunes 2016-06-07 13:04 - 2016-06-07 13:04 - 00000000 ____D C:\Program Files\iPod 2016-06-07 12:54 - 2016-06-07 12:54 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2016-06-06 11:09 - 2016-06-06 11:10 - 69012904 _____ (Lenovo) C:\Users\CM\Downloads\lscsetup_x64_32004.exe 2016-06-06 10:40 - 2016-06-06 10:40 - 06296904 _____ C:\Users\CM\Downloads\x220_x220i_x220tablet_x220itablet_ug_de.pdf 2016-06-06 09:51 - 2016-06-06 09:51 - 02365304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll 2016-06-06 09:48 - 2016-06-06 09:50 - 130152456 _____ (Lenovo ) C:\Users\CM\Downloads\SystemInterfaceFoundation.exe 2016-06-06 09:30 - 2012-06-08 02:07 - 00201376 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe 2016-06-06 09:30 - 2011-09-01 15:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe 2016-06-06 09:30 - 2011-02-09 02:00 - 00002024 _____ C:\WINDOWS\system32\Drivers\SamSfPa.dat 2016-06-06 09:29 - 2016-06-06 09:29 - 00000000 ____D C:\ProgramData\Conexant 2016-06-06 09:29 - 2016-06-06 09:29 - 00000000 ____D C:\Program Files (x86)\SmartSense 2016-06-06 09:29 - 2012-08-06 14:30 - 01780384 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64AP73.dll 2016-06-06 09:29 - 2012-07-12 12:37 - 02786464 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A09.DLL 2016-06-06 09:29 - 2012-06-27 14:14 - 02535008 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2016-06-06 09:29 - 2012-06-21 14:59 - 01586848 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys 2016-06-06 09:29 - 2012-05-01 12:18 - 00002013 _____ C:\WINDOWS\system32\VoipUpdate.ini 2016-06-06 09:29 - 2011-01-18 08:35 - 00030893 _____ C:\WINDOWS\system32\Drivers\Mixer.ini 2016-06-06 09:29 - 2010-10-28 10:27 - 00001816 _____ C:\WINDOWS\system32\Drivers\Altmixer.ini 2016-06-06 09:28 - 2016-04-14 08:00 - 00029008 _____ (Lenovo Group Limited) C:\WINDOWS\system32\Drivers\TPPWR64V.SYS 2016-06-06 09:27 - 2016-06-06 09:27 - 00000000 ____D C:\Users\CM\Downloads\SHAREit 2016-06-06 09:27 - 2016-06-06 09:27 - 00000000 ____D C:\Users\CM\AppData\Local\SHAREit 2016-06-06 09:27 - 2016-06-06 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit 2016-06-06 09:27 - 2016-06-06 09:27 - 00000000 ____D C:\Program Files (x86)\SHAREit 2016-06-06 09:22 - 2016-06-06 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2016-06-03 20:53 - 2016-06-03 20:53 - 00000000 ____D C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-06-01 23:00 - 2016-06-01 23:00 - 00495302 _____ C:\Users\CM\Downloads\FLT_VUBKTM28282_0.pdf 2016-05-30 17:06 - 2016-05-30 17:06 - 00681980 _____ C:\Users\CM\Downloads\30.05.2016-14.24h Scanbot.pdf 2016-05-30 17:04 - 2016-05-30 17:04 - 00474816 _____ C:\Users\CM\Downloads\30.05.2016-14.23h Scanbot.pdf 2016-05-30 17:04 - 2016-05-30 17:04 - 00340205 _____ C:\Users\CM\Downloads\30.05.2016-14.24h Scanbot - 2.pdf 2016-05-30 17:04 - 2016-05-30 17:04 - 00339847 _____ C:\Users\CM\Downloads\30.05.2016-14.25h Scanbot.pdf 2016-05-30 17:04 - 2016-05-30 17:04 - 00301351 _____ C:\Users\CM\Downloads\30.05.2016-14.24h Scanbot - 1.pdf 2016-05-30 16:11 - 2016-05-30 16:11 - 00304360 _____ C:\Users\CM\Downloads\DruckenSP-BerichtSieber.pdf 2016-05-30 16:11 - 2016-05-30 16:11 - 00136885 _____ C:\Users\CM\Downloads\FBG_SieberHeft1-05.pdf 2016-05-30 16:10 - 2016-05-30 16:10 - 00215355 _____ C:\Users\CM\Downloads\Sortimentsübersicht_Sieber GmbH_alphabethisch 28.05.2016.pdf 2016-05-30 14:59 - 2016-05-30 14:59 - 00701154 _____ C:\Users\CM\Downloads\30.05.2016-14.22h Scanbot.pdf 2016-05-30 14:12 - 2016-05-30 14:12 - 00233027 _____ C:\Users\CM\Downloads\07.04.2016-21.12h.pdf 2016-05-30 11:10 - 2016-05-30 11:10 - 00000000 ____D C:\Users\CM\AppData\Local\PeerDistRepub 2016-05-30 11:01 - 2016-05-30 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2016-05-30 08:27 - 2016-05-30 08:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-27 06:00 - 2016-05-22 22:54 - 02086308 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-06-27 06:00 - 2016-02-13 18:59 - 00889446 _____ C:\WINDOWS\system32\perfh007.dat 2016-06-27 06:00 - 2016-02-13 18:59 - 00197494 _____ C:\WINDOWS\system32\perfc007.dat 2016-06-27 06:00 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-06-27 05:57 - 2014-10-29 22:31 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-27 05:57 - 2014-04-14 21:44 - 00000000 ____D C:\Users\CM\AppData\Local\Lenovo 2016-06-27 05:55 - 2016-02-13 19:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-06-27 05:54 - 2016-05-22 22:54 - 00000000 ____D C:\Users\CM 2016-06-27 05:54 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-06-25 21:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-06-25 21:01 - 2016-05-23 09:05 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-06-21 20:25 - 2016-05-11 21:41 - 00000000 ____D C:\Users\CM\AppData\Roaming\WhatsApp 2016-06-21 20:16 - 2014-10-29 22:31 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-21 19:51 - 2015-06-17 19:41 - 00001212 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000UA.job 2016-06-21 19:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-06-21 19:39 - 2016-05-16 21:11 - 00000000 ____D C:\Users\CM\AppData\Roaming\Duplicati 2016-06-21 19:35 - 2014-04-15 16:29 - 00000000 ___RD C:\Users\CM\Dropbox 2016-06-20 23:00 - 2016-05-12 07:26 - 00000000 ____D C:\Users\CM\Desktop\Fotos Klasse 4b 2016-06-20 22:39 - 2016-02-21 15:05 - 00000000 ____D C:\Users\CM\Desktop\Lightroom-Export 2016-06-20 21:47 - 2016-05-23 10:26 - 00004142 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{35BA8017-2064-49C0-B360-DFE0EA965E06} 2016-06-20 12:21 - 2015-05-18 21:17 - 00000000 ____D C:\Users\CM\AppData\Local\FRITZ! 2016-06-20 11:41 - 2016-02-06 23:01 - 00000000 ____D C:\Users\CM\AppData\Roaming\Hide.me 2016-06-19 21:16 - 2014-10-29 22:31 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-16 22:35 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-16 21:26 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-06-16 21:22 - 2016-02-13 10:22 - 00254368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-06-16 19:03 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-06-16 19:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-06-16 19:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-06-16 17:51 - 2015-06-17 19:41 - 00001160 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000Core.job 2016-06-16 16:47 - 2014-04-14 20:11 - 00000000 ____D C:\Users\CM\AppData\Local\VirtualStore 2016-06-16 12:49 - 2014-04-15 10:10 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-06-16 12:42 - 2014-04-15 10:10 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-06-14 21:25 - 2016-03-09 22:49 - 00000000 ____D C:\Users\CM\AppData\Local\Canon Easy-PhotoPrint EX 2016-06-14 21:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-12 21:10 - 2016-05-11 21:41 - 00000000 ____D C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2016-06-12 21:09 - 2016-05-11 21:41 - 00000000 ____D C:\Users\CM\AppData\Local\WhatsApp 2016-06-12 21:09 - 2016-05-11 21:40 - 00000000 ____D C:\Users\CM\AppData\Local\SquirrelTemp 2016-06-12 20:59 - 2014-04-15 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-06-07 22:20 - 2014-04-14 21:25 - 00000000 ____D C:\ProgramData\Lenovo 2016-06-07 21:06 - 2014-04-15 09:28 - 00120072 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2016-06-07 21:05 - 2014-04-15 09:28 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2016-06-07 13:49 - 2014-04-25 22:07 - 00000000 ____D C:\Users\CM\Desktop\_kann_geloescht_werden 2016-06-07 13:24 - 2014-06-05 21:53 - 00000000 ____D C:\Users\CM\AppData\Roaming\WindSolutions 2016-06-07 13:24 - 2014-06-05 21:53 - 00000000 ____D C:\ProgramData\WindSolutions 2016-06-07 13:04 - 2014-06-05 22:04 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-06-07 13:04 - 2014-06-05 22:03 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-06-06 11:10 - 2014-06-12 21:18 - 00000000 ____D C:\WINDOWS\Downloaded Installations 2016-06-06 10:53 - 2016-05-22 23:23 - 00000000 ____D C:\Users\CM\AppData\Local\Packages 2016-06-06 09:51 - 2016-05-22 23:32 - 00000000 ___RD C:\Users\CM\OneDrive 2016-06-06 09:50 - 2014-06-27 17:37 - 00000000 ____D C:\ProgramData\Package Cache 2016-06-06 09:47 - 2014-06-12 21:19 - 00000000 ____D C:\Program Files\Lenovo 2016-06-06 09:47 - 2014-04-14 21:27 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-06-06 09:31 - 2014-04-15 10:16 - 00000000 ____D C:\Program Files\CONEXANT 2016-06-06 09:31 - 2014-04-14 21:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2016-06-06 09:28 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media 2016-06-06 09:22 - 2014-06-12 21:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT 2016-06-06 09:22 - 2014-04-14 21:25 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2016-06-03 22:50 - 2014-04-15 09:41 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk 2016-06-03 22:50 - 2014-04-15 09:40 - 00000000 ____D C:\Program Files\Paint.NET 2016-06-03 22:08 - 2016-03-26 00:27 - 00000000 ____D C:\Users\CM\AppData\Roaming\Google 2016-06-03 20:53 - 2014-04-15 09:32 - 00000000 ____D C:\Users\CM\AppData\Roaming\Dropbox 2016-06-02 16:07 - 2015-11-09 13:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-31 20:58 - 2015-09-27 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016 2016-05-30 13:53 - 2015-01-18 23:12 - 00000000 ___RD C:\Users\CM\iCloudDrive 2016-05-30 13:45 - 2016-02-13 19:03 - 00000000 ____D C:\WINDOWS\OCR 2016-05-30 11:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-05-30 11:35 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2016-05-29 21:45 - 2014-10-05 21:35 - 00097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-05-29 21:45 - 2014-10-05 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-05-29 21:45 - 2014-10-05 21:35 - 00000000 ____D C:\Program Files (x86)\Java 2016-05-28 07:55 - 2016-02-13 19:26 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-08-19 20:37 - 2014-08-27 22:40 - 0000211 ____H () C:\Users\CM\AppData\Roaming\eSReg.ini 2013-01-11 15:13 - 2013-01-11 15:13 - 0022464 _____ (Intel Corporation) C:\Users\CM\AppData\Roaming\JomCap.dll 2014-12-21 19:41 - 2016-01-02 01:06 - 0006144 _____ () C:\Users\CM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-08-31 10:13 - 2015-08-31 10:13 - 0003726 _____ () C:\Users\CM\AppData\Local\recently-used.xbel 2015-12-22 22:15 - 2015-12-22 22:15 - 0000108 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2016-02-06 23:31 - 2016-02-06 23:31 - 0000036 ___SH () C:\ProgramData\Shrew Soft VPN.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\Shrew Soft VPN.dat ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-06-16 12:39 ==================== Ende von FRST.txt ============================ |
27.06.2016, 07:51 | #6 |
| Windows will Dateien löschen, Virenscanner deaktiviert sich Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02 durchgeführt von CM (2016-06-27 06:02:11) Gestartet von C:\Users\CM\Desktop Windows 10 Pro Version 1511 (X64) (2016-05-22 21:22:02) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-793156834-983140082-329161430-500 - Administrator - Disabled) BitBox (S-1-5-21-793156834-983140082-329161430-1005 - Limited - Enabled) CM (S-1-5-21-793156834-983140082-329161430-1000 - Administrator - Enabled) => C:\Users\CM DefaultAccount (S-1-5-21-793156834-983140082-329161430-503 - Limited - Disabled) Gast (S-1-5-21-793156834-983140082-329161430-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-793156834-983140082-329161430-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 15.14 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov) AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH) ABBYY FineReader for ScanSnap (TM) 5.0 (HKLM-x32\...\{FB500000-0010-0000-0000-074957833700}) (Version: 11.0.234 - ABBYY) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated) Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.1.4-r150 - Sirrix AG) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.) Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Cisco WebEx Meetings (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.43.0 - Conexant) CopyTrans Control Center deinstallieren (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\CopyTrans Suite) (Version: 4.008 - WindSolutions) Debugging Tools for Windows (x64) (HKLM\...\{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}) (Version: 6.11.1.404 - Microsoft Corporation) Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.0.3 - CEWE Stiftung u Co. KGaA) DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software) Dropbox (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.) Duplicati (x64) (HKLM\...\{77BA8977-0BA6-4A83-A741-1DFAD23A6B23}) (Version: 1.3.4 - HexaD) Easy Poster Printer (HKLM-x32\...\{BA0F9074-80B4-43D6-BADD-4EEEEE536F2A}) (Version: 6.6.0 - GD Software) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Error Recovery Guide for fi-7160/fi-7260/fi-7180/fi-7280 (HKLM-x32\...\{B8BCF795-5C64-49BB-8D43-2CFE3F03DF6E}) (Version: 4.3.0.2 - PFU LIMITED) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - ) fi Series manuals for fi-7160/7260/7180/7280 (HKLM-x32\...\{4990B5DB-7D59-4FEB-A118-BBE7C584381F}) (Version: 1.04.01 - PFU LIMITED) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.) Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation) FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - ) FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin) FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin) Fronius Datalogger Finder (HKLM-x32\...\{6D8B3164-184D-4206-AA6D-72D58D310F6E}) (Version: 1.00.0001 - Fronius International) Fronius Solar.access (HKLM-x32\...\{FCE439E9-D6DC-44E7-B104-7B52F13F91C6}) (Version: 1.60.1 - Fronius International GmbH) Fronius Solar.service (HKLM-x32\...\{ff7137a1-7e14-4ff8-a4fa-abbfe3ded77e}) (Version: 1.2.32.1773 - Fronius International GmbH) Fronius Solar.service 1.2.32.1773 (x32 Version: 1.2.32.1773 - Fronius International GmbH) Hidden GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2016.03.01 - www.hardcopy.de) hide.me VPN 1.2.2 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.2.2 - eVenture Limited) iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1010 - Intel Corporation) Intel(R) Identity Protection Technology 1.2.28.0 (HKLM-x32\...\{A87263E8-26CB-1016-8F2F-C04708B17CE2}) (Version: 1.2.28.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) Juniper Networks Setup Client (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Juniper_Setup_Client) (Version: 8.0.7.50111 - Juniper Networks) Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) Juniper Terminal Services Client (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Juniper_Term_Services) (Version: 8.0.7.32723 - Juniper Networks) K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lenovo BatteryGauge (HKLM\...\{CBEDEC16-C4F5-4255-99E4-5884EFEDD1BC}) (Version: 1.0.045.00 - Lenovo) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo) Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo) Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo) Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.059.01 - Lenovo) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo) LibreOffice 4.2.3.3 (HKLM-x32\...\{4117DF3C-6677-4A22-90B7-FF06923417E9}) (Version: 4.2.3.3 - The Document Foundation) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) Luminance HDR 2.4.0 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Manager (x32 Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden Meine CEWE FOTOWELT (HKLM-x32\...\Meine CEWE FOTOWELT) (Version: 6.0.3 - CEWE Stiftung u Co. KGaA) Metric Collection SDK (x32 Version: 1.1.0008.00 - Lenovo Group Limited) Hidden Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.5.1.5 - Ericsson AB) MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.12.05.00 - Huawei Technologies Co.,Ltd) Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\MyFreeCodec) (Version: - ) NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Oracle VM VirtualBox 5.0.10_Sirrix (HKLM\...\{15DB0BEC-4D4B-4471-9E37-2FB454965C05}) (Version: 5.0.10 - Sirrix AG) paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC) PaperStream Capture (HKLM-x32\...\PaperStream Capture) (Version: 1.0.4.8 - PFU LIMITED) PaperStream Capture (x32 Version: 1.04.00008 - PFU LIMITED) Hidden PaperStream Capture x64 (Version: 1.00.00003 - PFU LIMITED) Hidden PaperStream IP (ISIS) for fi-7160/7260/7180/7280 (HKLM-x32\...\{2A01B603-CD36-40A9-8547-AA90F639244B}) (Version: 1.7.01403.19001 - PFU LIMITED) PaperStream IP (TWAIN x64) (HKLM\...\{39FEF511-2EE6-4FF6-A37A-BDEA5E25FBD6}) (Version: 1.7.0.2846 - PFU LIMITED) PaperStream IP (TWAIN) (HKLM-x32\...\{51031295-61F0-4B88-B845-A43BECB93D8B}) (Version: 1.7.0.2846 - PFU LIMITED) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH) PDF Architect 4 Create Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden PDF Architect 4 Edit Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden PDF Architect 4 View Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH) Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden RICOH_Media_Driver_v2.22.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.22.18.01 - RICOH) SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) ScanSnap Manager for fi Series (HKLM-x32\...\ScanSnap Manager for fi Series) (Version: 1.0.2.6 - PFU LIMITED) ScanSnap Manager for fi Series (x32 Version: 1.02.00006 - PFU LIMITED) Hidden ScanSnap Manager for fi Series x64 (Version: 1.00.00002 - PFU LIMITED) Hidden Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo) Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - ) Software Operation Panel (HKLM-x32\...\{CAD0FA19-A7E0-42E5-8EFB-07B2C8B78C88}) (Version: 3.7.16.0 - PFU LIMITED) Software Operation Panel (HKLM-x32\...\Software Operation Panel) (Version: - ) SPG-Verein 3.1 (HKLM-x32\...\{6738D11F-DF64-445B-80A4-B6B32F297059}) (Version: 3.1.19 - Software Peter Große) Spotify (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB) SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.14.99 - Akademische Arbeitsgemeinschaft) SteuerSparErklärung 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.37.167 - Akademische Arbeitsgemeinschaft) SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.36.103 - Akademische Arbeitsgemeinschaft) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.27 - Synaptics Incorporated) TAPI Services for FRITZ!Box (HKLM\...\{8505C641-422E-4E3C-B6B0-0F070E289FDD}) (Version: 1.0.6 - AVM Berlin) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - ) ThinkPad Settings Dependency (HKLM\...\{08515684-CE49-47EF-B509-326A2E91BC5C}_is1) (Version: 3.0.1.29 - Lenovo) ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0031.1 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo) UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.1.9.6 - uvnc bvba) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN) WatchMyCam - Live Video Streaming (HKLM-x32\...\WatchMyCam_is1) (Version: 1.17.35.370 - hepasoft oHG, Germany) WhatsApp (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\WhatsApp) (Version: 0.2.936 - WhatsApp) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) Windows-Treiberpaket - Fronius Fronius Driver Package (10/22/2009 2.06.00) (HKLM\...\3EC78FCD0C322EF4AC0C3C181305091AFC8A0730) (Version: 10/22/2009 2.06.00 - Fronius) Windows-Treiberpaket - Fronius Fronius Driver Package (10/22/2009 2.06.00) (HKLM\...\48407F45E4DA37FDCA298D385C66807894A0BB64) (Version: 10/22/2009 2.06.00 - Fronius) Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) Zoom (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\CM\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0AFFC6A8-95F5-40F2-95A2-99B50CF4B2CD} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {1205AF88-0EAB-4040-A24E-4030B0247451} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {131F43E4-2DEC-4226-852B-2CEFF065133C} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2016-02-03] () Task: {1A9E592B-5EF4-4DC4-9CAC-0C79274E5CD2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {2037ED30-C1F2-46E9-A3E8-ABE8DB911C83} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe [2012-03-05] (Lenovo Group Limited) Task: {297459DD-099E-4ACB-812E-A6CCEC9D7667} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {2F016879-E363-4DAD-ADA9-64DC89804473} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {309851CF-17B0-439C-9079-E30FBA0D47BA} - \PMTask -> Keine Datei <==== ACHTUNG Task: {32E6CD00-A218-472F-BED6-936E1462A629} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {340081B2-A82D-4D97-931A-DDB4EAE2CE39} - System32\Tasks\SafeZone scheduled Autoupdate 1463987276 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software) Task: {3626A2AC-63EC-40D4-9B98-97EBDB4C940D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {44BCF137-3D8F-4A7B-A394-446B6EA36B7D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {452F4BFA-0599-4F64-82E7-84A394845242} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {460094C9-2CCC-4653-8E3D-1078B32976DF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {4717914A-824C-47CA-B7B4-151F0D0B9ED2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {48A889BB-9412-4DAE-BCC6-23D842C8416B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo) Task: {4B756987-2C31-4EEB-85C7-D42900761673} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {4C039C50-4844-4649-92A8-047701CBAB43} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {532FF351-7E19-40AA-A1A2-E172DB5E7509} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-04-20] (Lenovo) Task: {58CFA369-1177-47C1-9296-FF751BA5E4FB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000UA => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {609FA279-B880-43D1-8401-497A7B4DAAF5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {68FA3477-8C30-4964-9A5A-31CA8E6F1F7D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {6F2083C8-BC1B-488A-81C0-A1364C60F18A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {6F93A90B-B198-4643-A368-82CE9D62C004} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {7426682E-3D87-4CDA-94E1-9AA5B3DC3D57} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {774AF134-56F2-47A7-A5E3-B07E11DBD030} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {77856E9E-B527-4497-9B7E-772C530C50E3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {7786D836-2ACE-4460-B193-FD3DDCC8D5E0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {7CD208B4-47E8-4FCF-8A57-0B918B125025} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {82641876-661F-496C-A283-B8A8D2ABB5AF} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor Task: {8DD07325-1C3D-4203-A9C9-1849A4A44321} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {91AC42B1-C546-46EF-9B48-F4CAACB7FB41} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-23] (AVAST Software) Task: {94D6A9A0-A9AB-42C6-9A09-C1D3B2A0FD68} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {9964A0AD-E262-41FE-90F9-CE7F612B024B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {9D8C603F-C41E-4C5F-A40D-66242759BC11} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {A2FECBE4-4BFC-4F6E-A159-FA10CD23D7FB} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2016-02-03] () Task: {A4AA4CE4-9D95-4DDC-9A8E-7C4EC4C0E1BB} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] () Task: {A754DE5D-BF00-4518-9129-E6B683515A07} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {A8526303-FC6E-44C0-8513-97043944BA87} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {A999A966-2E0A-48EA-86B2-E523FBBE0831} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {AFE20754-C8D4-47DB-96D1-1DCEFE063A4F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Weekly => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {B17DBDEA-2285-486D-B98F-4DC2F5DAC952} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {B54789B3-B992-4850-B646-E8C1E2B1237B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {B5566B6F-5C58-4BF1-B04E-82EC7CF573B6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-04-20] (Lenovo) Task: {BB58EED6-065E-420F-8BD6-8AC04D242023} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {BBD13D18-04CB-488F-866A-42249EDBABEC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {C261BF3C-3ED2-40EF-ADAB-E393515BA0FE} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {C3DBFBCC-546D-4F02-B21F-6A95375F518D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {C6214654-A8B1-4AE0-AAFD-D8521F0A827A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {C69BDB39-F83B-4A6D-A41E-ADEBD4D4167A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C8959B7C-0E36-429A-9D5A-8B84EE075C31} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {C9DE4A14-B3F3-4827-B33E-67670AB3BF3F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {CBE99125-38C8-4891-9460-71201C92EF57} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-04-20] () Task: {D1E732C0-B693-4570-BB28-0864EADA481C} - System32\Tasks\Java Update (PC-Welt) => C:\Users\CM\Dropbox\PortableApps\JavaUpdater_PC-Welt\pcwJavaUpdater.exe [2014-10-05] (IDG Tech Media GmbH) Task: {DA6F6C3C-42DC-42A5-9A28-1E08AA79A209} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {DB986784-A2EA-49FA-974C-D28A0822B5C9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {E0ABC1C2-D1B2-4BBD-A327-D31A287A80E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {E4C362CC-9CC3-4082-BAAC-C023689F1427} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {E5FC9CC5-2C87-45BC-BC18-F60E9DE04FFB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {EAF556B8-2E9F-4615-9CBB-4C9B99B1F536} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {EE509B76-7E74-4DA2-BF2B-BA1D8970C460} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000Core => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {EFA597BB-962B-471B-8F80-543E65CEC89F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {F0D8FAC0-DAEC-41C2-B2D2-6CE8724AC615} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe control iMControllerService 128 Task: {FBDA95C9-3607-4DDA-82E6-043B8BBAACB9} - System32\Tasks\{BED1B1D4-0026-4AFB-AA05-5A87417A6E20} => pcalua.exe -a "C:\Users\CM\Desktop\Neuer Ordner\setup_vmc_lite.exe" -d "C:\Users\CM\Desktop\Neuer Ordner" (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000Core.job => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000UA.job => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-05-18 21:16 - 2006-02-23 11:35 - 00020480 _____ () C:\WINDOWS\System32\FritzColorPort64.dll 2015-05-18 21:16 - 2006-02-22 10:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe 2013-02-06 08:10 - 2013-02-06 08:10 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2016-05-23 09:20 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-05-23 09:20 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-09-26 15:41 - 2014-09-26 15:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-05-22 23:32 - 2016-05-22 23:32 - 00959168 _____ () C:\Users\CM\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-05-23 09:56 - 2016-05-23 09:57 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-03-09 21:20 - 2016-02-03 10:12 - 00077592 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe 2016-03-09 21:20 - 2016-02-03 10:12 - 00062232 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe 2014-04-14 21:25 - 2016-04-14 08:00 - 00119808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-23 09:20 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-14 21:08 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-14 21:08 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-14 21:09 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-14 21:09 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-06-06 09:30 - 2010-10-26 10:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2012-05-21 20:41 - 2012-05-21 20:41 - 00131072 _____ () C:\Program Files\Duplicati\LightDatamodel.dll 2012-05-21 20:41 - 2012-05-21 20:41 - 00931840 _____ () C:\Program Files\Duplicati\SQLite\win64\System.Data.SQLite.dll 2013-01-31 15:12 - 2013-01-31 15:12 - 00446464 _____ () C:\Program Files\Duplicati\de-DE\Duplicati.resources.dll 2016-05-23 09:05 - 2016-05-23 09:05 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-05-23 09:05 - 2016-05-23 09:05 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-06-21 19:26 - 2016-06-21 19:26 - 02939392 _____ () C:\Program Files\AVAST Software\Avast\defs\16062101\algo.dll 2016-05-23 09:05 - 2016-05-23 09:05 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2013-03-25 13:42 - 2013-03-25 13:42 - 00021824 _____ () C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\SSLSupport.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00065880 _____ () C:\Program Files (x86)\Lenovo\Access Connections\ACSonyEricssonHlpr.dll 2014-06-12 21:50 - 2011-05-26 17:17 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2014-03-14 17:47 - 2014-03-14 17:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2010-12-23 12:06 - 2010-12-23 12:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd 2012-10-27 16:21 - 2012-10-27 16:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll 2012-10-27 16:20 - 2012-10-27 16:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd 2012-10-27 16:21 - 2012-10-27 16:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd 2012-10-27 16:21 - 2012-10-27 16:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd 2012-10-27 16:22 - 2012-10-27 16:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll 2012-10-27 16:23 - 2012-10-27 16:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd 2014-06-30 17:04 - 2014-06-30 17:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd 2014-06-30 17:04 - 2014-06-30 17:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd 2014-06-30 17:03 - 2014-06-30 17:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd 2014-06-30 17:04 - 2014-06-30 17:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd 2016-05-23 09:56 - 2016-05-23 09:57 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-05-23 09:56 - 2016-05-23 09:57 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-03-09 21:20 - 2016-02-03 08:58 - 00072984 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_06.dll 2016-06-19 21:06 - 2016-06-02 02:48 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll 2015-12-11 21:46 - 2016-05-05 12:09 - 00034768 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-06-03 20:52 - 2016-05-05 12:10 - 00019408 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-06-03 20:52 - 2016-05-05 12:09 - 00116688 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-11 21:46 - 2016-05-05 12:09 - 00093640 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-11 21:46 - 2016-05-05 12:09 - 00018376 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-11 21:46 - 2016-05-31 20:34 - 00019760 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00105928 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-06-03 20:52 - 2016-05-05 12:09 - 00392144 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-11 21:46 - 2016-05-31 20:34 - 00381752 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-11 21:46 - 2016-05-05 12:09 - 00692688 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00020816 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-11 21:46 - 2016-05-05 12:10 - 00123856 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 01682760 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00020808 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2015-12-11 21:46 - 2016-05-31 20:34 - 00021840 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00038696 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-06-03 20:52 - 2016-05-05 12:11 - 00020936 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00024528 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00114640 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00124880 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-02-18 08:59 - 2016-05-31 20:34 - 00021832 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00175560 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00030160 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00043472 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00048592 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-02-18 08:59 - 2016-05-31 20:34 - 00023872 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-06-03 20:52 - 2016-05-05 12:09 - 00134088 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00026456 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00057808 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-06-03 20:52 - 2016-05-31 20:33 - 00246592 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00028616 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00052024 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2015-12-11 21:46 - 2016-05-05 12:09 - 00134608 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-06-03 20:52 - 2016-05-05 12:10 - 00240584 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-02-18 08:59 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-18 08:59 - 2016-05-31 20:34 - 00019776 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-02-18 08:59 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00020280 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-11 21:46 - 2016-05-31 20:34 - 00023376 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00350152 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-02-18 08:59 - 2016-05-31 20:34 - 00022352 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00024392 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-06-03 20:52 - 2016-05-05 12:12 - 00036296 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\librsync.dll 2016-06-03 20:52 - 2016-05-31 20:34 - 00031568 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd 2016-06-03 20:52 - 2016-03-12 02:46 - 00293392 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll 2016-06-03 20:52 - 2016-05-31 20:34 - 00084280 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-06-03 20:52 - 2016-05-31 20:34 - 01826096 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-11 21:46 - 2016-05-05 12:10 - 00083912 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\sip.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 03928880 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 01971504 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00531248 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00132912 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00223544 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-06-03 20:52 - 2016-05-31 20:34 - 00207672 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-04-17 20:43 - 2016-05-31 20:34 - 00025928 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd 2015-12-11 21:46 - 2016-05-05 12:11 - 00060880 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-05-23 09:05 - 2016-05-23 09:05 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\CM\Desktop\Beitrittserklaerung_2015.pdf:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\CM\Desktop\dum-sepa.001:com.dropbox.attributes [168] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2016-06-20 11:42 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-793156834-983140082-329161430-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run: => "AcWin7Hlpr" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger" HKLM\...\StartupApproved\Run32: => "FJTWAINIC Setup" HKLM\...\StartupApproved\Run32: => "FJTWAINIC2 Setup" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "LWS" HKLM\...\StartupApproved\Run32: => "ProductUpdater" HKLM\...\StartupApproved\Run32: => "MobileConnect" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "Mobile Partner" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{DF5CC279-5B02-45D8-8916-DCE4D97E9310}] => (Allow) D:\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{453F09E1-73C3-495F-9B04-1502DD4D9148}] => (Allow) D:\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{81DD4446-3F52-4711-9774-379969B69474}] => (Allow) D:\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{80285595-7B43-4C6E-B895-5202BF12C457}] => (Allow) D:\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{AFF45F2E-A0AB-4847-A804-ED783E5C741D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F8A4085B-D6FE-4E75-B079-FFEFF45A260C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{20DAEF1C-E124-4C4F-8590-EA8E2943BC05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DA2A2D4A-889A-4DA7-A961-71BCF7039F98}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E756FEFA-1A2A-4DC5-B3DF-88C839C1A28E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{AE1F5198-781D-42E9-BDF5-148332B0E31D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{079FCBA7-CB2E-4C02-A80D-A532913AEC72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9B7A16A1-723E-4483-9EE1-36E2A1CCF068}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C6464F89-0627-49CF-802F-040BFF19767C}] => (Allow) LPort=5031 FirewallRules: [{5F7411B0-B357-423D-A492-A9552DF62CBC}] => (Allow) C:\Users\CM\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\igd_finder.exe FirewallRules: [{4DBACFE5-7FC5-453F-9F04-B8CC1CEAE30B}] => (Allow) C:\Users\CM\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\igd_finder.exe FirewallRules: [UDP Query User{BE7ED1DD-6EB7-404B-AA99-00975DE0666F}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe FirewallRules: [TCP Query User{1067C34E-6F0A-4B43-A1DE-5B0581193738}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe FirewallRules: [UDP Query User{BA707499-B9B4-4325-83DD-B5FE9EDAA086}C:\users\cm\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\cm\appdata\local\temp\_istmp1.dir\_ins5576._mp FirewallRules: [TCP Query User{B93794C9-DB3B-4FBE-96D0-8067A2E603CC}C:\users\cm\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\cm\appdata\local\temp\_istmp1.dir\_ins5576._mp FirewallRules: [UDP Query User{D90D5E6F-4566-4CE1-AB17-FEE50CE504C9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{F8E60A78-74CD-476D-9240-F072DD6AD338}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{C7BAA92D-49E0-4978-80C8-52E7653D8972}C:\users\cm\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\cm\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{423829A0-E689-4D01-B6C1-D52DA6F5BB7B}C:\users\cm\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\cm\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{CCCA3860-3099-409F-8F27-AC16442372CD}] => (Allow) C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{337CAEF6-597F-4644-A994-AB082DCEB03C}] => (Allow) C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{980F22E8-A1D0-49D1-BDF5-47ACDDEC6A4F}] => (Block) C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe FirewallRules: [{C2E7AF8F-6B6F-4FB1-852F-C31A69DF6469}] => (Block) C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe FirewallRules: [UDP Query User{2AE11CD1-582F-4981-B55B-121048BB5BA4}C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe] => (Allow) C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe FirewallRules: [TCP Query User{E91966CD-93B1-4789-B9BE-8FDBF08938B0}C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe] => (Allow) C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe FirewallRules: [{B71A9DC2-4569-416D-BAD2-E9AF74D0D96D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F76B1FA6-AB69-4B9A-9604-60C417DFA0F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{85A5FF9D-328E-4CBA-93E2-5CCEFEA9EE15}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{12039348-373B-46BC-92C2-9B5E1411F759}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{505CA4D8-AA4E-4ED9-A5F5-9147D5484D38}C:\program files (x86)\watchmycam\watchmycam.exe] => (Block) C:\program files (x86)\watchmycam\watchmycam.exe FirewallRules: [TCP Query User{4BA4E8D9-F933-406D-AD64-836F8E12EDB3}C:\program files (x86)\watchmycam\watchmycam.exe] => (Block) C:\program files (x86)\watchmycam\watchmycam.exe FirewallRules: [UDP Query User{91F399CB-AA53-49B0-9A74-13F6D338EA71}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{C76A4E3F-B44D-4EBB-9FCE-A9F3832E0DEF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{F1EE4732-A988-4147-909D-5B18AD3651BF}] => (Block) C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe FirewallRules: [{0889EFC3-4545-4B61-A73D-EEDA89477041}] => (Block) C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe FirewallRules: [UDP Query User{CF38DE70-3B16-454C-8E97-FE0984521341}C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe] => (Allow) C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe FirewallRules: [TCP Query User{47C81BD2-32A5-4182-8C44-200FAFC6ABE8}C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe] => (Allow) C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe FirewallRules: [UDP Query User{1CD5063C-ADBE-4DB2-9F0A-0D7C98D1C2A5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{5314CC54-D4E3-4062-86AA-C4881F3B17AA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{0BBE6076-4EE1-4B2C-BB3A-8B8B1475FC1D}] => (Allow) LPort=1900 FirewallRules: [{1915AA6C-CCF6-4E29-9A50-2CE09F857064}] => (Allow) LPort=7900 FirewallRules: [{C15791FF-29B6-4DCC-A6F4-FB6F0C1719FD}] => (Allow) LPort=24234 FirewallRules: [{36829F92-3F69-4A52-BEF7-A1142B8667D0}] => (Allow) LPort=7679 FirewallRules: [{680C89D2-4B96-4D79-B68B-707574B8C37C}] => (Allow) LPort=7676 FirewallRules: [{AA538738-938C-4F75-840F-30A0B58A4810}] => (Allow) LPort=8643 FirewallRules: [{D98FD8E0-EC74-4F19-8F22-FDCE442D13DE}] => (Allow) LPort=8743 FirewallRules: [{EDC81176-1815-4FC6-A586-7B2867F08DF9}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{EDAFA4ED-1385-4101-BFD6-26FCCEDEABAF}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [UDP Query User{D3F04CB5-A35A-49AD-ADF4-A752460469EE}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [TCP Query User{6745C786-D012-4C3A-BC8B-836914C7D92F}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [UDP Query User{447AC142-8D82-48CA-B188-7B7302208378}C:\program files (x86)\watchmycam\watchmycam.exe] => (Allow) C:\program files (x86)\watchmycam\watchmycam.exe FirewallRules: [TCP Query User{38137A09-DD5E-4A95-8D92-EA4037B9592E}C:\program files (x86)\watchmycam\watchmycam.exe] => (Allow) C:\program files (x86)\watchmycam\watchmycam.exe FirewallRules: [UDP Query User{ECE2BA50-6BF1-4FBB-B1ED-F4A516A797E6}C:\program files\ispy\ispy (64 bit)\ispy.exe] => (Allow) C:\program files\ispy\ispy (64 bit)\ispy.exe FirewallRules: [TCP Query User{A3D6508F-7D3D-4454-A423-4E4716359E7A}C:\program files\ispy\ispy (64 bit)\ispy.exe] => (Allow) C:\program files\ispy\ispy (64 bit)\ispy.exe FirewallRules: [UDP Query User{8423FAC8-3291-412B-BEC1-BAEF16071B4B}C:\program files (x86)\go1984\go1984.exe] => (Allow) C:\program files (x86)\go1984\go1984.exe FirewallRules: [TCP Query User{207D5E58-7892-455A-BD3D-418FD33C3A1D}C:\program files (x86)\go1984\go1984.exe] => (Allow) C:\program files (x86)\go1984\go1984.exe FirewallRules: [UDP Query User{7BF7347E-5A19-4D63-AE08-AE3AEB802E10}C:\users\cm\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cm\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{0CABD201-DEB5-4923-BF31-50C3C168B212}C:\users\cm\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cm\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{52A19F29-5A6B-4966-95F8-6FAED5B8BAEF}C:\users\cm\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cm\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{C1364DCD-87C1-4ED5-87B6-ADA343A8468E}C:\users\cm\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cm\appdata\roaming\spotify\spotify.exe FirewallRules: [{72E9B525-DE81-4061-B41A-46B79043BE7E}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{F1EC1281-F8BD-4FEB-9D7E-B8855FC532B1}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{72442C24-11B7-4903-ABB3-BB57C28D67C1}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe FirewallRules: [{7631BBB5-0561-42A3-B88D-8A868E7ACE5F}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe FirewallRules: [{8C6BAEB8-D900-47CF-BC59-A86472C5C6AB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{FF6BE830-FB12-41F4-AA05-E756369CF059}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{82AF888A-84A7-4E68-891A-7855AE3ED4B8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{6C333028-43BB-4DF2-92A5-1E6B685BBDBD}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{80266895-D733-4FEE-B5D1-ACCE2C545F94}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe FirewallRules: [{EC1A84CF-715B-438B-8A31-CC4001D8815F}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe FirewallRules: [{FEEEA9E5-F658-43B8-B897-339723751816}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{535A8B21-E9BF-4BA5-A53A-6AE8CD9233A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 03-06-2016 22:49:37 paint.net v4.0.9 06-06-2016 09:28:12 Installiert Lenovo Settings - Power 07-06-2016 21:07:25 Installed PDF Architect 4 View Module 16-06-2016 12:39:43 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: avast! SecureLine TAP Adapter v3 Description: avast! SecureLine TAP Adapter v3 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: aswTap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/27/2016 05:54:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/25/2016 09:01:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/25/2016 09:01:07 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Music.UI.exe, Version 3.6.2205.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1278 Startzeit: 01d1cf13d9a40e03 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.22051.0_x64__8wekyb3d8bbwe\Music.UI.exe Berichts-ID: 22cbfc8a-3b07-11e6-98fe-028037ec0200 Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneMusic_3.6.22051.0_x64__8wekyb3d8bbwe Auf das fehlerhafte Paket bezogene Anwendungs-ID: Microsoft.ZuneMusic Error: (06/21/2016 07:41:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/20/2016 10:44:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 10.0.10586.420, Zeitstempel: 0x574919b9 Name des fehlerhaften Moduls: support.dll_unloaded, Version: 4.1.4.27684, Zeitstempel: 0x572a0944 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000053c0 ID des fehlerhaften Prozesses: 0x1448 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5 Error: (06/20/2016 01:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2547 Error: (06/20/2016 01:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2547 Error: (06/20/2016 01:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/20/2016 01:46:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1219 Error: (06/20/2016 01:46:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1219 Systemfehler: ============= Error: (06/27/2016 05:56:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "FontCache3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (06/27/2016 05:56:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FontCache3.0.0.0 erreicht. Error: (06/27/2016 05:55:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 = Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (06/27/2016 05:55:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Dokan" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 = Das System kann die angegebene Datei nicht finden. Error: (06/27/2016 05:55:35 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT-AUTORITÄT) Description: Fehler "126" beim Laden der Kennwortbenachrichtigungs-DLL "C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll". Stellen Sie sicher, dass der in der Registrierung definierte DLL-Pfad "HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages" sich auf einen korrekten und absoluten Pfad (<Laufwerk>:\<Pfad>\<Dateiname>.<Erw.>) bezieht und nicht auf einen relativen oder ungültigen Pfad. Wenn der DLL-Pfad falsch ist, stellen Sie sicher, dass sich alle Hilfsdateien im gleichen Verzeichnis befinden und dass das Systemkonto sowohl auf den DLL-Pfad als auch die Hilfsdateien Lesezugriff hat. Wenden Sie sich an den Anbieter der Benachrichtigungs-DLL, um weitere Unterstützung zu erhalten. Weitere Informationen finden Sie im Internet unter "hxxp://go.microsoft.com/fwlink/?LinkId=245898". Error: (06/27/2016 05:54:29 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Übermittlungsoptimierung" wurde mit dem folgenden dienstspezifischen Fehler beendet: %%2147500053 = Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. Error: (06/27/2016 05:54:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "WWAN - automatische Konfiguration" wurde mit folgendem Fehler beendet: %%997 = Überlappender E/A-Vorgang wird verarbeitet. Error: (06/27/2016 05:54:17 AM) (Source: DCOM) (EventID: 10010) (User: CMS-PC) Description: CortanaUI.AppX360dyffbd5crx5cph6sy881bkkccrbr0.mca Error: (06/27/2016 05:54:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "MessagingService_4c8f6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (06/27/2016 05:52:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ImControllerService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. CodeIntegrity: =================================== Date: 2016-06-17 18:46:18.515 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 21:25:32.028 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 18:43:27.823 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-06 09:34:22.756 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\risdxc64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-05-30 13:50:20.992 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-30 10:56:44.372 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-23 10:46:03.845 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-23 09:36:02.281 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-23 08:03:19.117 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-22 23:12:15.162 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz Prozentuale Nutzung des RAM: 23% Installierter physikalischer RAM: 8075.23 MB Verfügbarer physikalischer RAM: 6169.27 MB Summe virtueller Speicher: 16267.23 MB Verfügbarer virtueller Speicher: 14462.88 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:244.04 GB) (Free:43.82 GB) NTFS Drive d: (Daten) (Fixed) (Total:146.48 GB) (Free:97.26 GB) NTFS Drive e: (Image Win7) (Fixed) (Total:75.13 GB) (Free:10.5 GB) NTFS Drive f: (VIRUS) (Removable) (Total:0.95 GB) (Free:0.94 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 353236AD) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=75.1 GB) - (Type=OF Extended) ======================================================== Disk: 1 (Size: 971 MB) (Disk ID: 0217934C) Partition 1: (Active) - (Size=971 MB) - (Type=0B) ==================== Ende von Addition.txt ============================ |
27.06.2016, 10:15 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows will Dateien löschen, Virenscanner deaktiviert sich Bitte Avast deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel. Gib Bescheid wenn Avast weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ Logfiles bitte immer in CODE-Tags posten |
27.06.2016, 11:37 | #8 |
| Windows will Dateien löschen, Virenscanner deaktiviert sich Hallo, und mit endlosen Meldungen und Werbung bezahlt man Avast auch. Es ist jedenfalls jetzt deinstalliert. |
27.06.2016, 11:41 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows will Dateien löschen, Virenscanner deaktiviert sich Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
27.06.2016, 17:06 | #10 |
| Windows will Dateien löschen, Virenscanner deaktiviert sich Hallo, hier die Logs: 1. Durchgang Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.06.27.03 rootkit: v2016.05.27.01 Windows 10 x64 NTFS Internet Explorer 11.420.10586.0 CM :: CMS-PC [administrator] 27.06.2016 13:14:25 mbar-log-2016-06-27 (13-14-25).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 419511 Time elapsed: 35 minute(s), 24 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 2 HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{B146913E-43E2-4BA7-8CDF-B7630D395F65}|DhcpNameServer (Trojan.DNSChanger) -> Bad: (95.211.101.200) Good: () -> Replace on reboot. [7679de234357c373f8c1b6c2aa5aeb15] HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{B146913E-43E2-4BA7-8CDF-B7630D395F65}|DhcpNameServer (Trojan.DNSChanger) -> Bad: (95.211.101.201) Good: () -> Replace on reboot. [da15fb06396185b119a190e8d2327c84] Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.06.27.03 rootkit: v2016.05.27.01 Windows 10 x64 NTFS Internet Explorer 11.420.10586.0 CM :: CMS-PC [administrator] 27.06.2016 13:58:24 mbar-log-2016-06-27 (13-58-24).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 419514 Time elapsed: 35 minute(s), 41 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 1 HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{B146913E-43E2-4BA7-8CDF-B7630D395F65}|DhcpNameServer (Trojan.DNSChanger) -> Bad: (95.211.101.200) Good: () -> Replace on reboot. [41ae9e63a5f58fa7c4f5d4a403018c74] Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.06.27.03 rootkit: v2016.05.27.01 Windows 10 x64 NTFS Internet Explorer 11.420.10586.0 CM :: CMS-PC [administrator] 27.06.2016 14:45:00 mbar-log-2016-06-27 (14-45-00).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 419131 Time elapsed: 35 minute(s), 4 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
28.06.2016, 11:13 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows will Dateien löschen, Virenscanner deaktiviert sich Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
28.06.2016, 20:45 | #12 |
| Windows will Dateien löschen, Virenscanner deaktiviert sich Hallo, hier das Log vom AdwCleaner: Code:
ATTFilter # AdwCleaner v5.200 - Bericht erstellt am 28/06/2016 um 19:31:48 # Aktualisiert am 14/06/2016 von ToolsLib # Datenbank : 2016-06-26.1 [Server] # Betriebssystem : Windows 10 Pro (X64) # Benutzername : CM - CMS-PC # Gestartet von : C:\Users\CM\Desktop\Virus\AdwCleaner_5.200.exe # Option : Löschen # Unterstützung : https://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec [-] Ordner gelöscht : C:\Program Files (x86)\myfree codec [-] Ordner gelöscht : C:\Users\CM\AppData\Roaming\RPEng ***** [ Dateien ] ***** ***** [ DLLs ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\s [-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36} [-] Schlüssel gelöscht : HKCU\Software\Myfree Codec [-] Schlüssel gelöscht : HKCU\Software\OCS [-] Schlüssel gelöscht : HKLM\SOFTWARE\Myfree Codec [-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec ***** [ Internetbrowser ] ***** [-] [C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : de.yhs4.search.yahoo.com [-] [C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : us.yhs4.search.yahoo.com [-] [C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : 1und1.de ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [1877 Bytes] - [28/06/2016 19:31:48] C:\AdwCleaner\AdwCleaner[S1].txt - [2057 Bytes] - [28/06/2016 19:29:39] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2023 Bytes] ########## ZWISCHENDURCH SCHON MAL VIELEN DANK! ! Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.6 (04.25.2016) Operating System: Windows 10 Pro x64 Ran by CM (Administrator) on 28.06.2016 at 19:40:13,95 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 5 Failed to delete: C:\ProgramData\pdfforge (Folder) Successfully deleted: C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol (Folder) Successfully deleted: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\extensions\tiletabs@DW-dev.xpi (File) Successfully deleted: C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-6F4AAEA4.pf (File) Successfully deleted: C:\WINDOWS\prefetch\QUICKOPTIMIZERICON.EXE-64BBC6BE.pf (File) Registry: 4 Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SSSvc (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} (Registry Value) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 28.06.2016 at 19:42:32,68 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
29.06.2016, 08:43 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows will Dateien löschen, Virenscanner deaktiviert sich Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
30.06.2016, 14:40 | #14 |
| Windows will Dateien löschen, Virenscanner deaktiviert sich OK, FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016 durchgeführt von CM (Administrator) auf CMS-PC (30-06-2016 13:25:15) Gestartet von C:\Users\CM\Desktop\Virus Geladene Profile: CM (Verfügbare Profile: CM & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (PFU LIMITED) C:\Windows\twain_32\Fjicube\FJTWSVIC.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (PFU LIMITED) C:\Windows\twain_64\Fjicube\FJTWSVIC2.exe (Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe (Sirrix AG) C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe (© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (UltraVNC) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (eVenture Limited) C:\Program Files (x86)\hide.me VPN\vpnsvc.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Spotify Ltd) C:\Users\CM\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (HexaD) C:\Program Files\Duplicati\Duplicati.exe (Dropbox, Inc.) C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (PFU LIMITED) C:\Windows\twain_32\fjscan32\SOP\FtLnSOP.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63832 2014-03-14] (Lenovo) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [113656 2013-01-17] (Intel Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2015-12-23] () HKLM-x32\...\Run: [FJTWAINIC Setup] => C:\Windows\twain_32\Fjicube\FJTWMKIC.exe /Station HKLM-x32\...\Run: [IcWIA Service Checker] => C:\Windows\twain_32\Fjicube\IcWiaChecker.exe HKLM-x32\...\Run: [FJTWAINIC2 Setup] => C:\Windows\twain_64\Fjicube\FJTWMKIC2.exe /Station HKLM-x32\...\Run: [IcWIA Service Checker (x64)] => C:\Windows\twain_64\Fjicube\IcWiaChecker.exe HKLM-x32\...\Run: [IcWIA Service CheckerISIS] => C:\Windows\pixtran\fujitsu\twud_common\IcWiaChecker.exe HKLM-x32\...\Run: [FtLnSOP_setup] => C:\Windows\Twain_32\Fjscan32\SOP\FtLnSOP.exe HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [Spotify Web Helper] => C:\Users\CM\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-28] (Spotify Ltd) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [Mobile Partner] => C:\Program Files (x86)\MobileWiFi\MobileWiFi HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-04-22] (Apple Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [Dropbox Update] => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.) HKU\S-1-5-21-793156834-983140082-329161430-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31744 2015-10-30] (Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] () ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk [2016-05-16] ShortcutTarget: Duplicati.lnk -> C:\Program Files\Duplicati\Duplicati.exe (HexaD) Startup: C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-27] ShortcutTarget: Dropbox.lnk -> C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.179.1 Tcpip\..\Interfaces\{00e1e9c8-8533-4d74-9448-d238d95247dd}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{04d0d235-f33b-4ca3-b95f-a82fa580c275}: [DhcpNameServer] 192.168.179.1 Tcpip\..\Interfaces\{0d9e854c-5b04-44b9-a689-41addd6e68c8}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{B146913E-43E2-4BA7-8CDF-B7630D395F65}: [DhcpNameServer] Internet Explorer: ================== BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-29] (Oracle Corporation) BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-29] (Oracle Corporation) DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\WINDOWS\system32\mscoree.dll [2015-10-30] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default FF Homepage: about:home FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2013-01-11] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2013-01-11] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-29] (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems) FF Plugin HKU\S-1-5-21-793156834-983140082-329161430-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\CM\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-03-24] (Zoom Video Communications, Inc.) FF SearchPlugin: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\searchplugins\metager.xml [2016-02-03] FF SearchPlugin: C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\searchplugins\metager2de.xml [2016-02-12] FF Extension: NoScript - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-07] FF Extension: BetterPrivacy - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-05-08] FF Extension: Ghostery - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\Extensions\firefox@ghostery.com.xpi [2016-05-03] FF Extension: Todoist: To-Do list and Task Manager - C:\Users\CM\AppData\Roaming\Mozilla\Firefox\Profiles\7kvrv9r7.default\Extensions\support@todoist.com.xpi [2016-03-02] FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-06-07] [ist nicht signiert] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.n-tv.de/" CHR DefaultSearchKeyword: Default -> google.com_ CHR Profile: C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-11] CHR Extension: (Google Docs) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11] CHR Extension: (Google Drive) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14] CHR Extension: (YouTube) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28] CHR Extension: (Facebook) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-10-29] CHR Extension: (Google-Suche) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14] CHR Extension: (Dropbox für Gmail) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2016-05-08] CHR Extension: (ARC Welder) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2016-04-01] CHR Extension: (Google Tabellen) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-11] CHR Extension: (CalcuNow) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fknmadebinekaklkambdfphgjpomcehm [2014-10-29] CHR Extension: (Avira Browserschutz) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-05-16] CHR Extension: (Google Docs Offline) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01] CHR Extension: (Autodesk Homestyler) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2014-10-29] CHR Extension: (Google Maps) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-28] CHR Extension: (ARC Welder) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2016-04-01] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-07] CHR Extension: (Picasa) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-10-29] CHR Extension: (Google Mail) - C:\Users\CM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin) R2 BitBoxService; C:\Program Files (x86)\Sirrix AG\BitBox\bin\BitBoxService.exe [738304 2015-11-13] (Sirrix AG) [Datei ist nicht signiert] R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin) S2 Emc.Captiva.WebCaptureService; C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe [46400 2013-03-25] (EMC Corporation) R2 FJTWSVIC; C:\Windows\twain_32\Fjicube\FJTWSVIC.exe [49152 2014-02-03] (PFU LIMITED) [Datei ist nicht signiert] R2 FJTWSVIC2; C:\Windows\twain_64\Fjicube\FJTWSVIC2.exe [49152 2014-02-03] (PFU LIMITED) [Datei ist nicht signiert] R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\vpnsvc.exe [191184 2016-04-29] (eVenture Limited) R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] () S2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [56144 2016-05-26] (Lenovo Group Limited) S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-20] (Lenovo) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin) S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438368 2016-05-04] (pdfforge GmbH) S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-05-04] (pdfforge GmbH) R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-05-04] (pdfforge GmbH) R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.) S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia) S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [31176 2016-01-20] (SHAREit Technologies Co.Ltd) R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255096 2015-10-25] (Synaptics Incorporated) R2 uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [1940248 2013-12-05] (UltraVNC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2016-05-23] (The OpenVPN Project) R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c64x64.sys [468752 2014-06-27] (Intel Corporation) R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-06-13] (Ericsson AB) R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2011-06-13] (Ericsson AB) R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation) R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation) R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation) R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation) R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation) R2 ParagonLDM; C:\Windows\system32\drivers\biont_bs.sys [19208 2014-04-11] () S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-07] (Synaptics Incorporated) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194816 2015-11-11] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation) R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB) S2 Dokan; system32\DRIVERS\dokan.sys [X] U3 idsvc; kein ImagePath U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-28 19:28 - 2016-06-28 19:31 - 00000000 ____D C:\AdwCleaner 2016-06-28 19:26 - 2016-06-30 13:25 - 00000000 ____D C:\Users\CM\Desktop\Virus 2016-06-27 13:14 - 2016-06-28 19:18 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-06-27 07:41 - 2016-06-27 07:41 - 00000000 ____D C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-06-27 06:02 - 2016-06-27 06:11 - 00075662 _____ C:\Users\CM\Desktop\Addition.txt 2016-06-27 05:58 - 2016-06-30 13:25 - 00000000 ____D C:\FRST 2016-06-20 23:10 - 2016-06-20 23:10 - 00000000 ____D C:\Users\CM\AppData\Roaming\PDF Producer 2016-06-20 16:18 - 2016-06-20 16:18 - 00728356 _____ C:\Users\CM\Downloads\2015-12_Rundbrief-39.pdf 2016-06-20 16:16 - 2016-06-20 16:16 - 00406747 _____ C:\Users\CM\Downloads\2016-01_Rundbrief-40.pdf 2016-06-20 12:44 - 2016-06-20 12:44 - 00782205 _____ C:\Users\CM\Downloads\SCN_0001.pdf 2016-06-20 12:40 - 2016-06-20 12:40 - 00215007 _____ C:\Users\CM\Downloads\Send_20.06.16_12.36_Telefax.025148887781.pdf 2016-06-18 08:05 - 2016-06-18 08:09 - 00050944 _____ C:\Users\CM\Desktop\Widerruf Kredit.odt 2016-06-16 23:02 - 2016-06-16 23:02 - 00056454 _____ C:\Users\CM\Downloads\402443725_20160614(1).pdf 2016-06-16 17:01 - 2016-06-16 17:01 - 00002693 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Poster Printer.lnk 2016-06-16 17:01 - 2016-06-16 17:01 - 00002681 _____ C:\Users\Public\Desktop\Easy Poster Printer.lnk 2016-06-16 17:01 - 2016-06-16 17:01 - 00000000 ____D C:\Users\CM\Downloads\epp66 2016-06-16 17:01 - 2016-06-16 17:01 - 00000000 ____D C:\Program Files (x86)\GD Software 2016-06-16 17:00 - 2016-06-16 17:00 - 30040650 _____ C:\Users\CM\Downloads\epp66.zip 2016-06-16 16:59 - 2016-06-16 16:59 - 01473544 _____ C:\Users\CM\Downloads\Easy Poster Printer - CHIP-Installer.exe 2016-06-16 16:55 - 2016-06-16 17:02 - 00000000 ____D C:\Users\Public\Documents\RonyaSoft 2016-06-16 16:55 - 2016-06-16 16:55 - 00000000 ____D C:\Users\CM\Downloads\ronyasoft-poster-printer 2016-06-16 16:55 - 2016-06-16 16:55 - 00000000 ____D C:\ProgramData\RonyaSoft 2016-06-16 16:52 - 2016-06-16 16:54 - 05768802 _____ C:\Users\CM\Downloads\ronyasoft-poster-printer.zip 2016-06-16 16:47 - 2016-06-16 16:47 - 02728760 _____ (Sebastian Keseling Software ) C:\Users\CM\Downloads\keseling_poster-drucker_1.4.0_setup.exe 2016-06-16 16:47 - 2016-06-16 16:47 - 00000000 ____D C:\Users\CM\AppData\Roaming\Keseling 2016-06-16 12:48 - 2016-06-16 12:48 - 00398848 _____ C:\Users\CM\Desktop\kreditwiderruf_frei_19-04-2016.xls 2016-06-16 12:27 - 2016-06-16 12:27 - 00056454 _____ C:\Users\CM\Downloads\402443725_20160614.pdf 2016-06-14 21:09 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-06-14 21:09 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-06-14 21:09 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-06-14 21:09 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-06-14 21:09 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-06-14 21:09 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-06-14 21:09 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-06-14 21:09 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-06-14 21:09 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2016-06-14 21:09 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-06-14 21:09 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-06-14 21:09 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-06-14 21:09 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-06-14 21:09 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-06-14 21:09 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-06-14 21:09 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-06-14 21:09 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-06-14 21:09 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-06-14 21:09 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-06-14 21:09 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-06-14 21:09 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-06-14 21:09 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-06-14 21:09 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-06-14 21:09 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-06-14 21:09 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-06-14 21:09 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-06-14 21:09 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-06-14 21:08 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-06-14 21:08 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-06-14 21:08 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-06-14 21:08 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-06-14 21:08 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2016-06-14 21:08 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll 2016-06-14 21:08 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll 2016-06-14 21:08 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-06-14 21:08 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2016-06-14 21:08 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2016-06-14 21:08 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2016-06-14 21:08 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-06-14 21:08 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll 2016-06-14 21:08 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll 2016-06-14 21:08 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-06-14 21:08 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-06-14 21:08 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe 2016-06-14 21:08 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-06-14 21:08 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-06-14 21:08 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys 2016-06-14 21:08 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-06-14 21:08 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-06-14 21:08 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-06-14 21:08 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-06-14 21:08 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-06-14 21:08 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2016-06-14 21:08 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-06-14 21:08 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-06-14 21:08 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-06-14 21:08 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-06-14 21:08 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-06-14 21:08 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-06-14 21:08 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-06-14 21:08 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2016-06-14 21:08 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-06-14 21:08 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2016-06-14 21:08 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-06-14 21:08 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-06-14 21:08 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-06-14 21:08 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-06-14 21:08 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-06-14 21:08 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-06-14 21:08 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2016-06-14 21:08 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys 2016-06-14 21:08 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-06-14 21:08 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-06-14 21:08 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2016-06-14 21:08 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2016-06-14 21:08 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-06-14 21:08 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll 2016-06-14 21:08 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-06-14 21:08 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-06-14 21:08 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll 2016-06-14 21:08 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-06-14 21:08 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2016-06-14 21:08 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-06-14 21:08 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2016-06-14 21:08 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-06-14 21:08 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-06-14 21:08 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2016-06-14 21:08 - 2016-05-28 06:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys 2016-06-14 21:08 - 2016-05-28 06:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll 2016-06-14 21:08 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys 2016-06-14 21:08 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2016-06-14 21:08 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll 2016-06-14 21:08 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-06-14 21:08 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2016-06-14 21:08 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-06-14 21:08 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll 2016-06-14 21:08 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-06-14 21:08 - 2016-05-28 06:21 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2016-06-14 21:08 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2016-06-14 21:08 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-06-14 21:08 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-06-14 21:08 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-06-14 21:08 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2016-06-14 21:08 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL 2016-06-14 21:08 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2016-06-14 21:08 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2016-06-14 21:08 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-06-14 21:08 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2016-06-14 21:08 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll 2016-06-14 21:08 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2016-06-14 21:08 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2016-06-14 21:08 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-06-14 21:08 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-06-14 21:08 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-06-14 21:08 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2016-06-14 21:08 - 2016-05-28 06:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2016-06-14 21:08 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-06-14 21:08 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-06-14 21:08 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-06-14 21:08 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2016-06-14 21:08 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2016-06-14 21:08 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2016-06-14 21:08 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-06-14 21:08 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-06-14 21:08 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2016-06-14 21:08 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-06-14 21:08 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-06-14 21:08 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-06-14 21:08 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll 2016-06-14 21:08 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2016-06-14 21:08 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2016-06-14 21:08 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-06-14 21:08 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-06-14 21:08 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-06-14 21:08 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-06-14 21:08 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-06-14 21:08 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-06-14 21:08 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-06-14 21:08 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-06-14 21:08 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-06-14 21:08 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-06-14 21:08 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-06-14 21:08 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-06-14 21:08 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-06-14 21:08 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2016-06-13 22:40 - 2016-06-13 22:40 - 00940497 _____ C:\Users\CM\Downloads\'17766-Mini-Stand-for-iPad.pdf 2016-06-13 21:56 - 2016-06-13 21:56 - 02764741 _____ C:\Users\CM\Downloads\ACS_Tight_de-en-fr-cn_HW16.pdf 2016-06-12 22:05 - 2016-06-12 22:05 - 00946321 _____ C:\Users\CM\Downloads\PremiumVoucher.pdf 2016-06-09 14:08 - 2016-06-09 14:08 - 00065382 _____ C:\Users\CM\Downloads\20130415_AGB_DB_Rent_Fahrradvermietung_Deu.pdf 2016-06-09 13:42 - 2016-06-12 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-06-07 22:20 - 2016-06-07 22:20 - 00000000 ____D C:\Users\CM\AppData\LocalLow\Lenovo 2016-06-07 22:19 - 2016-06-07 22:19 - 08668468 _____ C:\Users\CM\Documents\Steckbriefe_4b_klein.pdf 2016-06-07 21:08 - 2016-06-16 16:33 - 00000000 ____D C:\Users\CM\AppData\Local\PDFCreator 2016-06-07 21:08 - 2016-06-07 21:15 - 00000000 ____D C:\Users\CM\AppData\Roaming\PDF Architect 4 2016-06-07 21:08 - 2016-06-07 21:08 - 00000000 ____D C:\ProgramData\pdfforge 2016-06-07 21:08 - 2016-06-07 21:08 - 00000000 ____D C:\Program Files (x86)\PDF Architect 4 2016-06-07 21:07 - 2016-06-07 21:08 - 00000000 ____D C:\Program Files\PDF Architect 4 2016-06-07 21:07 - 2016-06-07 21:07 - 00000000 ____D C:\Users\CM\Documents\PDF Architect 2016-06-07 21:07 - 2016-06-07 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4 2016-06-07 21:06 - 2016-06-07 21:15 - 00000000 ____D C:\ProgramData\PDF Architect 4 2016-06-07 21:06 - 2016-06-07 21:10 - 00000000 ____D C:\Program Files\PDFCreator 2016-06-07 21:06 - 2016-06-07 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2016-06-07 21:04 - 2016-06-07 21:05 - 27650032 _____ (pdfforge GmbH ) C:\Users\CM\Downloads\PDFCreator-2_3_0-Setup.exe 2016-06-07 13:54 - 2016-06-07 13:54 - 00569732 _____ C:\Users\CM\Desktop\Mission_Impossible_30.m4r 2016-06-07 13:54 - 2016-06-07 13:54 - 00000000 ____D C:\Program Files (x86)\Ffmpeg For Audacity 2016-06-07 13:53 - 2016-06-07 13:53 - 03016826 _____ ( ) C:\Users\CM\Downloads\FFmpeg_v0.6.2_for_Audacity_on_Windows.exe 2016-06-07 13:24 - 2016-06-07 13:54 - 00000000 ____D C:\Users\CM\AppData\Roaming\Audacity 2016-06-07 13:04 - 2016-06-07 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-06-07 13:04 - 2016-06-07 13:04 - 00000000 ____D C:\Program Files\iTunes 2016-06-07 13:04 - 2016-06-07 13:04 - 00000000 ____D C:\Program Files\iPod 2016-06-07 12:54 - 2016-06-07 12:54 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2016-06-06 11:09 - 2016-06-06 11:10 - 69012904 _____ (Lenovo) C:\Users\CM\Downloads\lscsetup_x64_32004.exe 2016-06-06 10:40 - 2016-06-06 10:40 - 06296904 _____ C:\Users\CM\Downloads\x220_x220i_x220tablet_x220itablet_ug_de.pdf 2016-06-06 09:51 - 2016-06-06 09:51 - 02365304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll 2016-06-06 09:48 - 2016-06-06 09:50 - 130152456 _____ (Lenovo ) C:\Users\CM\Downloads\SystemInterfaceFoundation.exe 2016-06-06 09:30 - 2012-06-08 02:07 - 00201376 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe 2016-06-06 09:30 - 2011-09-01 15:23 - 00447104 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe 2016-06-06 09:30 - 2011-02-09 02:00 - 00002024 _____ C:\WINDOWS\system32\Drivers\SamSfPa.dat 2016-06-06 09:29 - 2016-06-06 09:29 - 00000000 ____D C:\ProgramData\Conexant 2016-06-06 09:29 - 2016-06-06 09:29 - 00000000 ____D C:\Program Files (x86)\SmartSense 2016-06-06 09:29 - 2012-08-06 14:30 - 01780384 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64AP73.dll 2016-06-06 09:29 - 2012-07-12 12:37 - 02786464 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\UCI64A09.DLL 2016-06-06 09:29 - 2012-06-27 14:14 - 02535008 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2016-06-06 09:29 - 2012-06-21 14:59 - 01586848 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\Drivers\CHDRT64.sys 2016-06-06 09:29 - 2012-05-01 12:18 - 00002013 _____ C:\WINDOWS\system32\VoipUpdate.ini 2016-06-06 09:29 - 2011-01-18 08:35 - 00030893 _____ C:\WINDOWS\system32\Drivers\Mixer.ini 2016-06-06 09:29 - 2010-10-28 10:27 - 00001816 _____ C:\WINDOWS\system32\Drivers\Altmixer.ini 2016-06-06 09:28 - 2016-04-14 08:00 - 00029008 _____ (Lenovo Group Limited) C:\WINDOWS\system32\Drivers\TPPWR64V.SYS 2016-06-06 09:27 - 2016-06-06 09:27 - 00000000 ____D C:\Users\CM\Downloads\SHAREit 2016-06-06 09:27 - 2016-06-06 09:27 - 00000000 ____D C:\Users\CM\AppData\Local\SHAREit 2016-06-06 09:27 - 2016-06-06 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit 2016-06-06 09:27 - 2016-06-06 09:27 - 00000000 ____D C:\Program Files (x86)\SHAREit 2016-06-06 09:22 - 2016-06-06 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2016-06-01 23:00 - 2016-06-01 23:00 - 00495302 _____ C:\Users\CM\Downloads\FLT_VUBKTM28282_0.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-06-30 13:26 - 2016-05-16 21:11 - 00000000 ____D C:\Users\CM\AppData\Roaming\Duplicati 2016-06-30 13:25 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-06-30 13:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-06-30 13:22 - 2014-04-15 16:29 - 00000000 ___RD C:\Users\CM\Dropbox 2016-06-30 13:21 - 2014-10-29 22:31 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-30 13:18 - 2016-02-13 19:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-06-28 21:29 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-06-28 21:16 - 2014-10-29 22:31 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-28 21:07 - 2016-05-11 21:41 - 00000000 ____D C:\Users\CM\AppData\Roaming\WhatsApp 2016-06-28 20:51 - 2015-06-17 19:41 - 00001212 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000UA.job 2016-06-28 19:48 - 2016-05-11 21:41 - 00000000 ____D C:\Users\CM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2016-06-28 19:48 - 2016-05-11 21:41 - 00000000 ____D C:\Users\CM\AppData\Local\WhatsApp 2016-06-28 19:48 - 2016-05-11 21:40 - 00000000 ____D C:\Users\CM\AppData\Local\SquirrelTemp 2016-06-28 19:31 - 2016-05-23 09:44 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-06-28 19:31 - 2016-05-22 23:22 - 00000008 __RSH C:\Users\CM\ntuser.pol 2016-06-28 19:31 - 2016-05-22 22:54 - 00000000 ____D C:\Users\CM 2016-06-28 19:29 - 2016-05-23 10:26 - 00004142 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{35BA8017-2064-49C0-B360-DFE0EA965E06} 2016-06-27 14:44 - 2015-10-29 10:41 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-06-27 14:43 - 2015-10-29 10:41 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-06-27 13:59 - 2016-05-22 22:54 - 02086308 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-06-27 13:59 - 2016-02-13 18:59 - 00889446 _____ C:\WINDOWS\system32\perfh007.dat 2016-06-27 13:59 - 2016-02-13 18:59 - 00197494 _____ C:\WINDOWS\system32\perfc007.dat 2016-06-27 13:59 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-06-27 13:56 - 2014-04-14 21:44 - 00000000 ____D C:\Users\CM\AppData\Local\Lenovo 2016-06-27 10:42 - 2016-05-23 09:01 - 00000000 ____D C:\ProgramData\AVAST Software 2016-06-27 07:42 - 2014-04-15 09:32 - 00000000 ____D C:\Users\CM\AppData\Roaming\Dropbox 2016-06-20 23:00 - 2016-05-12 07:26 - 00000000 ____D C:\Users\CM\Desktop\Fotos Klasse 4b 2016-06-20 22:39 - 2016-02-21 15:05 - 00000000 ____D C:\Users\CM\Desktop\Lightroom-Export 2016-06-20 12:21 - 2015-05-18 21:17 - 00000000 ____D C:\Users\CM\AppData\Local\FRITZ! 2016-06-20 11:41 - 2016-02-06 23:01 - 00000000 ____D C:\Users\CM\AppData\Roaming\Hide.me 2016-06-19 21:16 - 2014-10-29 22:31 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-16 22:35 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-06-16 21:26 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-06-16 21:22 - 2016-02-13 10:22 - 00254368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-06-16 19:03 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-06-16 19:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-06-16 19:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-06-16 17:51 - 2015-06-17 19:41 - 00001160 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000Core.job 2016-06-16 16:47 - 2014-04-14 20:11 - 00000000 ____D C:\Users\CM\AppData\Local\VirtualStore 2016-06-16 12:49 - 2014-04-15 10:10 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-06-16 12:42 - 2014-04-15 10:10 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-06-14 21:25 - 2016-03-09 22:49 - 00000000 ____D C:\Users\CM\AppData\Local\Canon Easy-PhotoPrint EX 2016-06-14 21:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-12 20:59 - 2014-04-15 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-06-07 22:20 - 2014-04-14 21:25 - 00000000 ____D C:\ProgramData\Lenovo 2016-06-07 21:06 - 2014-04-15 09:28 - 00120072 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2016-06-07 21:05 - 2014-04-15 09:28 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2016-06-07 13:49 - 2014-04-25 22:07 - 00000000 ____D C:\Users\CM\Desktop\_kann_geloescht_werden 2016-06-07 13:24 - 2014-06-05 21:53 - 00000000 ____D C:\Users\CM\AppData\Roaming\WindSolutions 2016-06-07 13:24 - 2014-06-05 21:53 - 00000000 ____D C:\ProgramData\WindSolutions 2016-06-07 13:04 - 2014-06-05 22:04 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-06-07 13:04 - 2014-06-05 22:03 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-06-06 11:10 - 2014-06-12 21:18 - 00000000 ____D C:\WINDOWS\Downloaded Installations 2016-06-06 10:53 - 2016-05-22 23:23 - 00000000 ____D C:\Users\CM\AppData\Local\Packages 2016-06-06 09:51 - 2016-05-22 23:32 - 00000000 ___RD C:\Users\CM\OneDrive 2016-06-06 09:50 - 2014-06-27 17:37 - 00000000 ____D C:\ProgramData\Package Cache 2016-06-06 09:47 - 2014-06-12 21:19 - 00000000 ____D C:\Program Files\Lenovo 2016-06-06 09:47 - 2014-04-14 21:27 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-06-06 09:31 - 2014-04-15 10:16 - 00000000 ____D C:\Program Files\CONEXANT 2016-06-06 09:31 - 2014-04-14 21:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo 2016-06-06 09:28 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media 2016-06-06 09:22 - 2014-06-12 21:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT 2016-06-06 09:22 - 2014-04-14 21:25 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2016-06-03 22:50 - 2014-04-15 09:41 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk 2016-06-03 22:50 - 2014-04-15 09:40 - 00000000 ____D C:\Program Files\Paint.NET 2016-06-03 22:08 - 2016-03-26 00:27 - 00000000 ____D C:\Users\CM\AppData\Roaming\Google 2016-06-02 16:07 - 2015-11-09 13:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-31 20:58 - 2015-09-27 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-08-19 20:37 - 2014-08-27 22:40 - 0000211 ____H () C:\Users\CM\AppData\Roaming\eSReg.ini 2013-01-11 15:13 - 2013-01-11 15:13 - 0022464 _____ (Intel Corporation) C:\Users\CM\AppData\Roaming\JomCap.dll 2014-12-21 19:41 - 2016-01-02 01:06 - 0006144 _____ () C:\Users\CM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-08-31 10:13 - 2015-08-31 10:13 - 0003726 _____ () C:\Users\CM\AppData\Local\recently-used.xbel 2015-12-22 22:15 - 2015-12-22 22:15 - 0000108 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2016-02-06 23:31 - 2016-02-06 23:31 - 0000036 ___SH () C:\ProgramData\Shrew Soft VPN.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\Shrew Soft VPN.dat Einige Dateien in TEMP: ==================== C:\Users\CM\AppData\Local\Temp\libeay32.dll C:\Users\CM\AppData\Local\Temp\msvcr120.dll C:\Users\CM\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-06-16 12:39 ==================== Ende von FRST.txt ============================ |
30.06.2016, 14:40 | #15 |
| Windows will Dateien löschen, Virenscanner deaktiviert sich .... und Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016 durchgeführt von CM (2016-06-30 13:27:16) Gestartet von C:\Users\CM\Desktop\Virus Windows 10 Pro Version 1511 (X64) (2016-05-22 21:22:02) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-793156834-983140082-329161430-500 - Administrator - Disabled) BitBox (S-1-5-21-793156834-983140082-329161430-1005 - Limited - Enabled) CM (S-1-5-21-793156834-983140082-329161430-1000 - Administrator - Enabled) => C:\Users\CM DefaultAccount (S-1-5-21-793156834-983140082-329161430-503 - Limited - Disabled) Gast (S-1-5-21-793156834-983140082-329161430-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-793156834-983140082-329161430-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 15.14 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov) AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH) ABBYY FineReader for ScanSnap (TM) 5.0 (HKLM-x32\...\{FB500000-0010-0000-0000-074957833700}) (Version: 11.0.234 - ABBYY) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated) Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.1.4-r150 - Sirrix AG) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.) Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Cisco WebEx Meetings (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.43.0 - Conexant) CopyTrans Control Center deinstallieren (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\CopyTrans Suite) (Version: 4.008 - WindSolutions) Debugging Tools for Windows (x64) (HKLM\...\{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}) (Version: 6.11.1.404 - Microsoft Corporation) Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.0.3 - CEWE Stiftung u Co. KGaA) DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software) Dropbox (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.) Duplicati (x64) (HKLM\...\{77BA8977-0BA6-4A83-A741-1DFAD23A6B23}) (Version: 1.3.4 - HexaD) Easy Poster Printer (HKLM-x32\...\{BA0F9074-80B4-43D6-BADD-4EEEEE536F2A}) (Version: 6.6.0 - GD Software) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Error Recovery Guide for fi-7160/fi-7260/fi-7180/fi-7280 (HKLM-x32\...\{B8BCF795-5C64-49BB-8D43-2CFE3F03DF6E}) (Version: 4.3.0.2 - PFU LIMITED) Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - ) fi Series manuals for fi-7160/7260/7180/7280 (HKLM-x32\...\{4990B5DB-7D59-4FEB-A118-BBE7C584381F}) (Version: 1.04.01 - PFU LIMITED) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.) Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation) FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - ) FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin) FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin) Fronius Datalogger Finder (HKLM-x32\...\{6D8B3164-184D-4206-AA6D-72D58D310F6E}) (Version: 1.00.0001 - Fronius International) Fronius Solar.access (HKLM-x32\...\{FCE439E9-D6DC-44E7-B104-7B52F13F91C6}) (Version: 1.60.1 - Fronius International GmbH) Fronius Solar.service (HKLM-x32\...\{ff7137a1-7e14-4ff8-a4fa-abbfe3ded77e}) (Version: 1.2.32.1773 - Fronius International GmbH) Fronius Solar.service 1.2.32.1773 (x32 Version: 1.2.32.1773 - Fronius International GmbH) Hidden GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2016.03.01 - www.hardcopy.de) hide.me VPN 1.2.2 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.2.2 - eVenture Limited) iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1010 - Intel Corporation) Intel(R) Identity Protection Technology 1.2.28.0 (HKLM-x32\...\{A87263E8-26CB-1016-8F2F-C04708B17CE2}) (Version: 1.2.28.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) Juniper Networks Setup Client (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Juniper_Setup_Client) (Version: 8.0.7.50111 - Juniper Networks) Juniper Networks Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) Juniper Terminal Services Client (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Juniper_Term_Services) (Version: 8.0.7.32723 - Juniper Networks) K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Lenovo BatteryGauge (HKLM\...\{CBEDEC16-C4F5-4255-99E4-5884EFEDD1BC}) (Version: 1.0.045.00 - Lenovo) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo) Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo) Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo) Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.059.01 - Lenovo) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo) LibreOffice 4.2.3.3 (HKLM-x32\...\{4117DF3C-6677-4A22-90B7-FF06923417E9}) (Version: 4.2.3.3 - The Document Foundation) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) Luminance HDR 2.4.0 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Manager (x32 Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden Meine CEWE FOTOWELT (HKLM-x32\...\Meine CEWE FOTOWELT) (Version: 6.0.3 - CEWE Stiftung u Co. KGaA) Metric Collection SDK (x32 Version: 1.1.0008.00 - Lenovo Group Limited) Hidden Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 6.5.1.5 - Ericsson AB) MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.12.05.00 - Huawei Technologies Co.,Ltd) Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla) MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) Oracle VM VirtualBox 5.0.10_Sirrix (HKLM\...\{15DB0BEC-4D4B-4471-9E37-2FB454965C05}) (Version: 5.0.10 - Sirrix AG) paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC) PaperStream Capture (HKLM-x32\...\PaperStream Capture) (Version: 1.0.4.8 - PFU LIMITED) PaperStream Capture (x32 Version: 1.04.00008 - PFU LIMITED) Hidden PaperStream Capture x64 (Version: 1.00.00003 - PFU LIMITED) Hidden PaperStream IP (ISIS) for fi-7160/7260/7180/7280 (HKLM-x32\...\{2A01B603-CD36-40A9-8547-AA90F639244B}) (Version: 1.7.01403.19001 - PFU LIMITED) PaperStream IP (TWAIN x64) (HKLM\...\{39FEF511-2EE6-4FF6-A37A-BDEA5E25FBD6}) (Version: 1.7.0.2846 - PFU LIMITED) PaperStream IP (TWAIN) (HKLM-x32\...\{51031295-61F0-4B88-B845-A43BECB93D8B}) (Version: 1.7.0.2846 - PFU LIMITED) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH) PDF Architect 4 Create Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden PDF Architect 4 Edit Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden PDF Architect 4 View Module (Version: 4.1.4.27684 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH) Personal Backup 5.5 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden RICOH_Media_Driver_v2.22.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.22.18.01 - RICOH) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) ScanSnap Manager for fi Series (HKLM-x32\...\ScanSnap Manager for fi Series) (Version: 1.0.2.6 - PFU LIMITED) ScanSnap Manager for fi Series (x32 Version: 1.02.00006 - PFU LIMITED) Hidden ScanSnap Manager for fi Series x64 (Version: 1.00.00002 - PFU LIMITED) Hidden Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo) Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - ) Software Operation Panel (HKLM-x32\...\{CAD0FA19-A7E0-42E5-8EFB-07B2C8B78C88}) (Version: 3.7.16.0 - PFU LIMITED) Software Operation Panel (HKLM-x32\...\Software Operation Panel) (Version: - ) SPG-Verein 3.1 (HKLM-x32\...\{6738D11F-DF64-445B-80A4-B6B32F297059}) (Version: 3.1.19 - Software Peter Große) Spotify (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB) SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.14.99 - Akademische Arbeitsgemeinschaft) SteuerSparErklärung 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.37.167 - Akademische Arbeitsgemeinschaft) SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.36.103 - Akademische Arbeitsgemeinschaft) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.27 - Synaptics Incorporated) TAPI Services for FRITZ!Box (HKLM\...\{8505C641-422E-4E3C-B6B0-0F070E289FDD}) (Version: 1.0.6 - AVM Berlin) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - ) ThinkPad Settings Dependency (HKLM\...\{08515684-CE49-47EF-B509-326A2E91BC5C}_is1) (Version: 3.0.1.29 - Lenovo) ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0031.1 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo) UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.1.9.6 - uvnc bvba) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN) WatchMyCam - Live Video Streaming (HKLM-x32\...\WatchMyCam_is1) (Version: 1.17.35.370 - hepasoft oHG, Germany) WhatsApp (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\WhatsApp) (Version: 0.2.1061 - WhatsApp) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) Windows-Treiberpaket - Fronius Fronius Driver Package (10/22/2009 2.06.00) (HKLM\...\3EC78FCD0C322EF4AC0C3C181305091AFC8A0730) (Version: 10/22/2009 2.06.00 - Fronius) Windows-Treiberpaket - Fronius Fronius Driver Package (10/22/2009 2.06.00) (HKLM\...\48407F45E4DA37FDCA298D385C66807894A0BB64) (Version: 10/22/2009 2.06.00 - Fronius) Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) Zoom (HKU\S-1-5-21-793156834-983140082-329161430-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\CM\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-793156834-983140082-329161430-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\CM\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0AFFC6A8-95F5-40F2-95A2-99B50CF4B2CD} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {1205AF88-0EAB-4040-A24E-4030B0247451} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {131F43E4-2DEC-4226-852B-2CEFF065133C} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2016-02-03] () Task: {1A9E592B-5EF4-4DC4-9CAC-0C79274E5CD2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {2037ED30-C1F2-46E9-A3E8-ABE8DB911C83} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe [2012-03-05] (Lenovo Group Limited) Task: {297459DD-099E-4ACB-812E-A6CCEC9D7667} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {2F016879-E363-4DAD-ADA9-64DC89804473} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {309851CF-17B0-439C-9079-E30FBA0D47BA} - \PMTask -> Keine Datei <==== ACHTUNG Task: {32E6CD00-A218-472F-BED6-936E1462A629} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {3626A2AC-63EC-40D4-9B98-97EBDB4C940D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {44BCF137-3D8F-4A7B-A394-446B6EA36B7D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {452F4BFA-0599-4F64-82E7-84A394845242} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {460094C9-2CCC-4653-8E3D-1078B32976DF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {4717914A-824C-47CA-B7B4-151F0D0B9ED2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {48A889BB-9412-4DAE-BCC6-23D842C8416B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo) Task: {4B756987-2C31-4EEB-85C7-D42900761673} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {4C039C50-4844-4649-92A8-047701CBAB43} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {532FF351-7E19-40AA-A1A2-E172DB5E7509} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-04-20] (Lenovo) Task: {58CFA369-1177-47C1-9296-FF751BA5E4FB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000UA => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {609FA279-B880-43D1-8401-497A7B4DAAF5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {68FA3477-8C30-4964-9A5A-31CA8E6F1F7D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {6F2083C8-BC1B-488A-81C0-A1364C60F18A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {6F93A90B-B198-4643-A368-82CE9D62C004} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {7426682E-3D87-4CDA-94E1-9AA5B3DC3D57} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {774AF134-56F2-47A7-A5E3-B07E11DBD030} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {77856E9E-B527-4497-9B7E-772C530C50E3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {7786D836-2ACE-4460-B193-FD3DDCC8D5E0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {7CD208B4-47E8-4FCF-8A57-0B918B125025} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {82641876-661F-496C-A283-B8A8D2ABB5AF} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor Task: {8DD07325-1C3D-4203-A9C9-1849A4A44321} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {94D6A9A0-A9AB-42C6-9A09-C1D3B2A0FD68} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {9964A0AD-E262-41FE-90F9-CE7F612B024B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {9D8C603F-C41E-4C5F-A40D-66242759BC11} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG Task: {A2FECBE4-4BFC-4F6E-A159-FA10CD23D7FB} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2016-02-03] () Task: {A4AA4CE4-9D95-4DDC-9A8E-7C4EC4C0E1BB} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] () Task: {A754DE5D-BF00-4518-9129-E6B683515A07} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {A8526303-FC6E-44C0-8513-97043944BA87} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {A999A966-2E0A-48EA-86B2-E523FBBE0831} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {AFE20754-C8D4-47DB-96D1-1DCEFE063A4F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Weekly => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {B17DBDEA-2285-486D-B98F-4DC2F5DAC952} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {B54789B3-B992-4850-B646-E8C1E2B1237B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {B5566B6F-5C58-4BF1-B04E-82EC7CF573B6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-04-20] (Lenovo) Task: {BB58EED6-065E-420F-8BD6-8AC04D242023} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {BBD13D18-04CB-488F-866A-42249EDBABEC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {C261BF3C-3ED2-40EF-ADAB-E393515BA0FE} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {C3DBFBCC-546D-4F02-B21F-6A95375F518D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {C6214654-A8B1-4AE0-AAFD-D8521F0A827A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo) Task: {C69BDB39-F83B-4A6D-A41E-ADEBD4D4167A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C8959B7C-0E36-429A-9D5A-8B84EE075C31} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {C9DE4A14-B3F3-4827-B33E-67670AB3BF3F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {CBE99125-38C8-4891-9460-71201C92EF57} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-04-20] () Task: {D1E732C0-B693-4570-BB28-0864EADA481C} - System32\Tasks\Java Update (PC-Welt) => C:\Users\CM\Dropbox\PortableApps\JavaUpdater_PC-Welt\pcwJavaUpdater.exe [2014-10-05] (IDG Tech Media GmbH) Task: {DA6F6C3C-42DC-42A5-9A28-1E08AA79A209} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {DB986784-A2EA-49FA-974C-D28A0822B5C9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {E0ABC1C2-D1B2-4BBD-A327-D31A287A80E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {E4C362CC-9CC3-4082-BAAC-C023689F1427} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {E5FC9CC5-2C87-45BC-BC18-F60E9DE04FFB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {EAF556B8-2E9F-4615-9CBB-4C9B99B1F536} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {EE509B76-7E74-4DA2-BF2B-BA1D8970C460} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000Core => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.) Task: {EFA597BB-962B-471B-8F80-543E65CEC89F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {F0D8FAC0-DAEC-41C2-B2D2-6CE8724AC615} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe control iMControllerService 128 Task: {FBDA95C9-3607-4DDA-82E6-043B8BBAACB9} - System32\Tasks\{BED1B1D4-0026-4AFB-AA05-5A87417A6E20} => pcalua.exe -a "C:\Users\CM\Desktop\Neuer Ordner\setup_vmc_lite.exe" -d "C:\Users\CM\Desktop\Neuer Ordner" (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000Core.job => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-793156834-983140082-329161430-1000UA.job => C:\Users\CM\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-05-18 21:16 - 2006-02-23 11:35 - 00020480 _____ () C:\WINDOWS\System32\FritzColorPort64.dll 2015-05-18 21:16 - 2006-02-22 10:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe 2013-02-06 08:10 - 2013-02-06 08:10 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe 2016-03-09 21:20 - 2016-02-03 10:12 - 00062232 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe 2016-03-09 21:20 - 2016-02-03 10:12 - 00077592 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe 2016-05-23 09:20 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2014-04-14 21:25 - 2016-04-14 08:00 - 00119808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2016-05-23 09:20 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-09-26 15:41 - 2014-09-26 15:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-05-22 23:32 - 2016-05-22 23:32 - 00959168 _____ () C:\Users\CM\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-05-23 09:56 - 2016-05-23 09:57 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-23 09:20 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-14 21:08 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-14 21:08 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-14 21:09 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-14 21:09 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-06-06 09:30 - 2010-10-26 10:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2012-05-21 20:41 - 2012-05-21 20:41 - 00131072 _____ () C:\Program Files\Duplicati\LightDatamodel.dll 2012-05-21 20:41 - 2012-05-21 20:41 - 00931840 _____ () C:\Program Files\Duplicati\SQLite\win64\System.Data.SQLite.dll 2013-01-31 15:12 - 2013-01-31 15:12 - 00446464 _____ () C:\Program Files\Duplicati\de-DE\Duplicati.resources.dll 2010-12-23 12:06 - 2010-12-23 12:06 - 00028672 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\cx_Logging.pyd 2012-10-27 16:21 - 2012-10-27 16:21 - 00098816 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32api.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00110080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pywintypes27.dll 2012-10-27 16:20 - 2012-10-27 16:20 - 00018432 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32event.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00119808 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32file.pyd 2012-10-27 16:21 - 2012-10-27 16:21 - 00167936 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32gui.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00024064 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32pipe.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00035840 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32process.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00017408 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32profile.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00108544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32security.pyd 2012-10-27 16:21 - 2012-10-27 16:21 - 00022528 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32ts.pyd 2012-10-27 16:22 - 2012-10-27 16:22 - 00364544 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\pythoncom27.dll 2012-10-27 16:23 - 2012-10-27 16:23 - 00320512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32com.shell.shell.pyd 2014-06-30 17:04 - 2014-06-30 17:04 - 00087552 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ctypes.pyd 2014-06-30 17:04 - 2014-06-30 17:04 - 00715264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_hashlib.pyd 2014-06-30 17:03 - 2014-06-30 17:03 - 00046080 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_socket.pyd 2014-06-30 17:04 - 2014-06-30 17:04 - 01160704 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\_ssl.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00025600 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32cred.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00011264 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32crypt.pyd 2012-10-27 16:20 - 2012-10-27 16:20 - 00064512 _____ () C:\Program Files (x86)\Sirrix AG\BitBox\bin\win32net.pyd 2014-06-12 21:50 - 2011-05-26 17:17 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2014-03-14 17:46 - 2014-03-14 17:46 - 00065880 _____ () C:\Program Files (x86)\Lenovo\Access Connections\ACSonyEricssonHlpr.dll 2014-03-14 17:47 - 2014-03-14 17:47 - 00092504 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2016-03-09 21:20 - 2016-02-03 08:58 - 00072984 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_06.dll 2016-05-23 09:56 - 2016-05-23 09:57 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-05-23 09:56 - 2016-05-23 09:57 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-12-11 21:46 - 2016-05-25 19:03 - 00034768 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-06-27 07:41 - 2016-05-25 19:03 - 00134088 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-06-27 07:41 - 2016-05-25 19:04 - 00019408 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-06-27 07:41 - 2016-05-25 19:03 - 00116688 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-11 21:46 - 2016-05-25 19:03 - 00093640 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-11 21:46 - 2016-05-25 19:03 - 00018376 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-11 21:46 - 2016-06-13 22:13 - 00019760 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00105928 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-06-27 07:41 - 2016-05-25 19:03 - 00392144 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2015-12-11 21:46 - 2016-06-13 22:13 - 00381752 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-11 21:46 - 2016-05-25 19:03 - 00692688 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00020816 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-11 21:46 - 2016-05-25 19:04 - 00123856 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 01682760 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00020808 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2015-12-11 21:46 - 2016-06-13 22:13 - 00021840 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00052024 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00038696 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-06-27 07:41 - 2016-05-25 19:05 - 00020936 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00024528 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00114640 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00124880 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-02-18 08:59 - 2016-06-13 22:13 - 00021832 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00175560 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32gui.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00030160 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00043472 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32process.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00048592 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-02-18 08:59 - 2016-06-13 22:13 - 00023872 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00026456 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00057808 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00246592 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00028616 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-02-18 08:59 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-18 08:59 - 2016-06-13 22:13 - 00019776 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-02-18 08:59 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2015-12-11 21:46 - 2016-05-25 19:03 - 00134608 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-06-27 07:41 - 2016-05-25 19:04 - 00240584 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00020280 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2015-12-11 21:46 - 2016-06-13 22:13 - 00023376 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00350152 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-02-18 08:59 - 2016-06-13 22:13 - 00022352 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00024392 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-06-27 07:41 - 2016-05-25 19:05 - 00036296 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\librsync.dll 2016-06-27 07:41 - 2016-06-13 22:13 - 00031568 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd 2016-06-27 07:41 - 2016-03-12 02:46 - 00293392 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll 2016-06-27 07:41 - 2016-06-13 22:13 - 00084280 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-06-27 07:41 - 2016-06-13 22:13 - 01826096 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2015-12-11 21:46 - 2016-05-25 19:04 - 00083912 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\sip.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 03928880 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 01971504 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00531248 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00132912 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00223544 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00207672 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2015-12-11 21:46 - 2016-05-25 19:05 - 00060880 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-04-17 20:43 - 2016-06-13 22:13 - 00025928 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00546096 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-06-27 07:41 - 2016-06-13 22:13 - 00357680 _____ () C:\Users\CM\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\CM\Desktop\Beitrittserklaerung_2015.pdf:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\CM\Desktop\dum-sepa.001:com.dropbox.attributes [168] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2016-06-20 11:42 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-793156834-983140082-329161430-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg DNS Servers: 192.168.179.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run: => "AcWin7Hlpr" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger" HKLM\...\StartupApproved\Run32: => "FJTWAINIC Setup" HKLM\...\StartupApproved\Run32: => "FJTWAINIC2 Setup" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "LWS" HKLM\...\StartupApproved\Run32: => "ProductUpdater" HKLM\...\StartupApproved\Run32: => "MobileConnect" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-793156834-983140082-329161430-1000\...\StartupApproved\Run: => "Mobile Partner" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{DF5CC279-5B02-45D8-8916-DCE4D97E9310}] => (Allow) D:\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{453F09E1-73C3-495F-9B04-1502DD4D9148}] => (Allow) D:\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{81DD4446-3F52-4711-9774-379969B69474}] => (Allow) D:\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{80285595-7B43-4C6E-B895-5202BF12C457}] => (Allow) D:\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{AFF45F2E-A0AB-4847-A804-ED783E5C741D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F8A4085B-D6FE-4E75-B079-FFEFF45A260C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{20DAEF1C-E124-4C4F-8590-EA8E2943BC05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DA2A2D4A-889A-4DA7-A961-71BCF7039F98}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E756FEFA-1A2A-4DC5-B3DF-88C839C1A28E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{AE1F5198-781D-42E9-BDF5-148332B0E31D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{079FCBA7-CB2E-4C02-A80D-A532913AEC72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9B7A16A1-723E-4483-9EE1-36E2A1CCF068}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C6464F89-0627-49CF-802F-040BFF19767C}] => (Allow) LPort=5031 FirewallRules: [{5F7411B0-B357-423D-A492-A9552DF62CBC}] => (Allow) C:\Users\CM\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\igd_finder.exe FirewallRules: [{4DBACFE5-7FC5-453F-9F04-B8CC1CEAE30B}] => (Allow) C:\Users\CM\AppData\Local\Temp\_ISTMP1.DIR\_ISTMP0.DIR\igd_finder.exe FirewallRules: [UDP Query User{BE7ED1DD-6EB7-404B-AA99-00975DE0666F}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe FirewallRules: [TCP Query User{1067C34E-6F0A-4B43-A1DE-5B0581193738}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe FirewallRules: [UDP Query User{BA707499-B9B4-4325-83DD-B5FE9EDAA086}C:\users\cm\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\cm\appdata\local\temp\_istmp1.dir\_ins5576._mp FirewallRules: [TCP Query User{B93794C9-DB3B-4FBE-96D0-8067A2E603CC}C:\users\cm\appdata\local\temp\_istmp1.dir\_ins5576._mp] => (Allow) C:\users\cm\appdata\local\temp\_istmp1.dir\_ins5576._mp FirewallRules: [UDP Query User{D90D5E6F-4566-4CE1-AB17-FEE50CE504C9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{F8E60A78-74CD-476D-9240-F072DD6AD338}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{C7BAA92D-49E0-4978-80C8-52E7653D8972}C:\users\cm\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\cm\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{423829A0-E689-4D01-B6C1-D52DA6F5BB7B}C:\users\cm\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\cm\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{CCCA3860-3099-409F-8F27-AC16442372CD}] => (Allow) C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{337CAEF6-597F-4644-A994-AB082DCEB03C}] => (Allow) C:\Users\CM\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{980F22E8-A1D0-49D1-BDF5-47ACDDEC6A4F}] => (Block) C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe FirewallRules: [{C2E7AF8F-6B6F-4FB1-852F-C31A69DF6469}] => (Block) C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe FirewallRules: [UDP Query User{2AE11CD1-582F-4981-B55B-121048BB5BA4}C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe] => (Allow) C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe FirewallRules: [TCP Query User{E91966CD-93B1-4789-B9BE-8FDBF08938B0}C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe] => (Allow) C:\program files (x86)\common files\fronius\localnetv3\localnetserver.exe FirewallRules: [{B71A9DC2-4569-416D-BAD2-E9AF74D0D96D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F76B1FA6-AB69-4B9A-9604-60C417DFA0F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{85A5FF9D-328E-4CBA-93E2-5CCEFEA9EE15}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{12039348-373B-46BC-92C2-9B5E1411F759}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{505CA4D8-AA4E-4ED9-A5F5-9147D5484D38}C:\program files (x86)\watchmycam\watchmycam.exe] => (Block) C:\program files (x86)\watchmycam\watchmycam.exe FirewallRules: [TCP Query User{4BA4E8D9-F933-406D-AD64-836F8E12EDB3}C:\program files (x86)\watchmycam\watchmycam.exe] => (Block) C:\program files (x86)\watchmycam\watchmycam.exe FirewallRules: [UDP Query User{91F399CB-AA53-49B0-9A74-13F6D338EA71}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{C76A4E3F-B44D-4EBB-9FCE-A9F3832E0DEF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{F1EE4732-A988-4147-909D-5B18AD3651BF}] => (Block) C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe FirewallRules: [{0889EFC3-4545-4B61-A73D-EEDA89477041}] => (Block) C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe FirewallRules: [UDP Query User{CF38DE70-3B16-454C-8E97-FE0984521341}C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe] => (Allow) C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe FirewallRules: [TCP Query User{47C81BD2-32A5-4182-8C44-200FAFC6ABE8}C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe] => (Allow) C:\program files (x86)\fronius\fronius datalogger finder\fronius.solarweb.dataloggerfinder.exe FirewallRules: [UDP Query User{1CD5063C-ADBE-4DB2-9F0A-0D7C98D1C2A5}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{5314CC54-D4E3-4062-86AA-C4881F3B17AA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{0BBE6076-4EE1-4B2C-BB3A-8B8B1475FC1D}] => (Allow) LPort=1900 FirewallRules: [{1915AA6C-CCF6-4E29-9A50-2CE09F857064}] => (Allow) LPort=7900 FirewallRules: [{C15791FF-29B6-4DCC-A6F4-FB6F0C1719FD}] => (Allow) LPort=24234 FirewallRules: [{36829F92-3F69-4A52-BEF7-A1142B8667D0}] => (Allow) LPort=7679 FirewallRules: [{680C89D2-4B96-4D79-B68B-707574B8C37C}] => (Allow) LPort=7676 FirewallRules: [{AA538738-938C-4F75-840F-30A0B58A4810}] => (Allow) LPort=8643 FirewallRules: [{D98FD8E0-EC74-4F19-8F22-FDCE442D13DE}] => (Allow) LPort=8743 FirewallRules: [{EDC81176-1815-4FC6-A586-7B2867F08DF9}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{EDAFA4ED-1385-4101-BFD6-26FCCEDEABAF}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [UDP Query User{D3F04CB5-A35A-49AD-ADF4-A752460469EE}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [TCP Query User{6745C786-D012-4C3A-BC8B-836914C7D92F}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe FirewallRules: [UDP Query User{447AC142-8D82-48CA-B188-7B7302208378}C:\program files (x86)\watchmycam\watchmycam.exe] => (Allow) C:\program files (x86)\watchmycam\watchmycam.exe FirewallRules: [TCP Query User{38137A09-DD5E-4A95-8D92-EA4037B9592E}C:\program files (x86)\watchmycam\watchmycam.exe] => (Allow) C:\program files (x86)\watchmycam\watchmycam.exe FirewallRules: [UDP Query User{ECE2BA50-6BF1-4FBB-B1ED-F4A516A797E6}C:\program files\ispy\ispy (64 bit)\ispy.exe] => (Allow) C:\program files\ispy\ispy (64 bit)\ispy.exe FirewallRules: [TCP Query User{A3D6508F-7D3D-4454-A423-4E4716359E7A}C:\program files\ispy\ispy (64 bit)\ispy.exe] => (Allow) C:\program files\ispy\ispy (64 bit)\ispy.exe FirewallRules: [UDP Query User{8423FAC8-3291-412B-BEC1-BAEF16071B4B}C:\program files (x86)\go1984\go1984.exe] => (Allow) C:\program files (x86)\go1984\go1984.exe FirewallRules: [TCP Query User{207D5E58-7892-455A-BD3D-418FD33C3A1D}C:\program files (x86)\go1984\go1984.exe] => (Allow) C:\program files (x86)\go1984\go1984.exe FirewallRules: [UDP Query User{7BF7347E-5A19-4D63-AE08-AE3AEB802E10}C:\users\cm\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cm\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{0CABD201-DEB5-4923-BF31-50C3C168B212}C:\users\cm\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cm\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{52A19F29-5A6B-4966-95F8-6FAED5B8BAEF}C:\users\cm\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cm\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{C1364DCD-87C1-4ED5-87B6-ADA343A8468E}C:\users\cm\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cm\appdata\roaming\spotify\spotify.exe FirewallRules: [{72E9B525-DE81-4061-B41A-46B79043BE7E}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{F1EC1281-F8BD-4FEB-9D7E-B8855FC532B1}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe FirewallRules: [{72442C24-11B7-4903-ABB3-BB57C28D67C1}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe FirewallRules: [{7631BBB5-0561-42A3-B88D-8A868E7ACE5F}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe FirewallRules: [{8C6BAEB8-D900-47CF-BC59-A86472C5C6AB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{FF6BE830-FB12-41F4-AA05-E756369CF059}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{82AF888A-84A7-4E68-891A-7855AE3ED4B8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{6C333028-43BB-4DF2-92A5-1E6B685BBDBD}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{80266895-D733-4FEE-B5D1-ACCE2C545F94}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe FirewallRules: [{EC1A84CF-715B-438B-8A31-CC4001D8815F}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe FirewallRules: [{FEEEA9E5-F658-43B8-B897-339723751816}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{535A8B21-E9BF-4BA5-A53A-6AE8CD9233A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 03-06-2016 22:49:37 paint.net v4.0.9 06-06-2016 09:28:12 Installiert Lenovo Settings - Power 07-06-2016 21:07:25 Installed PDF Architect 4 View Module 16-06-2016 12:39:43 Windows Update 27-06-2016 10:35:25 Removed Avira Browser Safety 27-06-2016 13:53:49 Malwarebytes Anti-Rootkit Restore Point 27-06-2016 14:35:54 Malwarebytes Anti-Rootkit Restore Point 28-06-2016 19:40:18 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (06/28/2016 09:05:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 10.0.10586.420, Zeitstempel: 0x574919b9 Name des fehlerhaften Moduls: support.dll_unloaded, Version: 4.1.4.27684, Zeitstempel: 0x572a0944 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000053c0 ID des fehlerhaften Prozesses: 0x1c8 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5 Error: (06/28/2016 07:40:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (06/27/2016 03:21:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147417848. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 03:21:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147417848. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 03:21:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 03:21:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147417848. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 03:21:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147417848. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 03:21:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147417848. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 03:21:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147417848. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 03:21:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CMS-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Systemfehler: ============= Error: (06/30/2016 01:25:27 PM) (Source: DCOM) (EventID: 10016) (User: CMS-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}CMs-PCCMS-1-5-21-793156834-983140082-329161430-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (06/30/2016 01:25:27 PM) (Source: DCOM) (EventID: 10016) (User: CMS-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}CMs-PCCMS-1-5-21-793156834-983140082-329161430-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (06/30/2016 01:19:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Emc.Captiva.WebCaptureService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (06/30/2016 01:19:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Emc.Captiva.WebCaptureService erreicht. Error: (06/30/2016 01:19:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "ImControllerService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (06/30/2016 01:19:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ImControllerService erreicht. Error: (06/30/2016 01:19:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "FontCache3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (06/30/2016 01:19:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FontCache3.0.0.0 erreicht. Error: (06/30/2016 01:19:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 = Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (06/30/2016 01:18:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Dokan" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 = Das System kann die angegebene Datei nicht finden. CodeIntegrity: =================================== Date: 2016-06-17 18:46:18.515 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 21:25:32.028 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 18:43:27.823 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-06 09:34:22.756 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\risdxc64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-05-30 13:50:20.992 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-30 10:56:44.372 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-23 10:46:03.845 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-23 09:36:02.281 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-23 08:03:19.117 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-22 23:12:15.162 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz Prozentuale Nutzung des RAM: 23% Installierter physikalischer RAM: 8075.23 MB Verfügbarer physikalischer RAM: 6189.35 MB Summe virtueller Speicher: 16267.23 MB Verfügbarer virtueller Speicher: 14566.8 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:244.04 GB) (Free:43.34 GB) NTFS Drive d: (Daten) (Fixed) (Total:146.48 GB) (Free:97.26 GB) NTFS Drive e: (Image Win7) (Fixed) (Total:75.13 GB) (Free:10.5 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 353236AD) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=75.1 GB) - (Type=OF Extended) ==================== Ende von Addition.txt ============================ |
Themen zu Windows will Dateien löschen, Virenscanner deaktiviert sich |
dateien, dateien gelöscht, deaktiviert, desinfect, gelöscht, gestern, guten, laptop, löschen, meldung, morgen, pc normal, scan, scanner, start, virenscan, virenscanner, warnung, win, win 10, windows, würde |