Plagegeister aller Art und deren Bekämpfung: Unwanted website opens (Windows 7)
01.02.2017, 20:59 | #1 |
Unwanted website opens

Hello,

When visiting a hotel booking site, the Chrome browser switches to an erotic dating site. It has only happened once so far and is not reproducible. Have I possibly caught something? Malwarebytes and Kaspersky find nothing in a full scan. Below is an FRST log, thanks!

FRST Logfile:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017 durchgeführt von ****** (Administrator) auf ****** (01-02-2017 20:51:07) Gestartet von C:\Users\******\Downloads Geladene Profile: ****** (Verfügbare Profile: ******) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Authentec Inc.) C:\Program Files\******Vantage Fingerprint Software\upeksvr.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Broadcom Corporation.) 
C:\Program Files\******Pad\Bluetooth Software\btwdins.exe (Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Broadcom Corporation.) C:\Program Files\******Pad\Bluetooth Software\BTTray.exe (Dropbox, Inc.) C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Synology Inc.) C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe (Synology Inc.) 
C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe (ABN AMRO) C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwsupa.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Synology Inc.) C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe (Synology Inc.) C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe (Synology Inc.) C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe (Lenovo Group Limited) C:\Program Files (x86)\******Pad\Utilities\SCHTASK.EXE (Synology Inc.) C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Broadcom Corporation.) 
C:\Program Files\******Pad\Bluetooth Software\BTStackServer.exe () C:\Program Files (x86)\Lenovo\System Update\SUService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Lenovo) C:\Program Files (x86)\******Pad\Utilities\PWMDBSVC.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\AuthManager\AuthManSvr.exe (RStudio, Inc.) C:\Program Files\RStudio\bin\rstudio.exe (RStudio, Inc.) 
C:\Program Files\RStudio\bin\x64\rsession.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe (Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe (Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\Spotify.exe (The OpenVPN Project) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\openvpn.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe (SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe (SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe (SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe (SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation) HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation) HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.) 
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [Becwsupa] => C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwsupa.exe [162136 2014-11-28] (ABN AMRO) HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\******Pad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\psfus: C:\Program Files\******Vantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Dropbox Update] => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Spotify Web Helper] => C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-01-28] (Spotify Ltd) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Google Update] => C:\Users\******\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.) 
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION) Lsa: [Notification Packages] scecli C:\Program Files\******Vantage Fingerprint Software\psqlpwd.dll C:\Program Files\******Pad\Bluetooth Software\BtwProximityCP.dll ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => -> Keine Datei ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => -> Keine Datei ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => -> Keine Datei ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => -> Keine Datei ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => -> Keine Datei ShellIconOverlayIdentifiers: [CeDesktopIntegration] -> {3CEC3E6D-ECF2-4B49-8A41-3B16DF8B9C3F} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => -> Keine Datei ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => -> Keine Datei ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => -> Keine Datei ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => -> Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => 
C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-07-27] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\******Pad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-01-11] ShortcutTarget: Dropbox.lnk -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2017-01-31] ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc.) Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2017-01-31] ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited) Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited) Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited) Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited) Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited) Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited) Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited) Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited) Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited) Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{377520F3-E7C7-403B-997E-42BDEC38E4BC}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1 Tcpip\..\Interfaces\{88C1C209-1539-42ED-838C-A4BD8376D044}: [DhcpNameServer] 10.15.0.1 Tcpip\..\Interfaces\{8A21F8CE-5324-4563-A4A5-D47CF1CBA83B}: [DhcpNameServer] 172.168.111.2 Tcpip\..\Interfaces\{B524442D-7D83-4ED0-A93C-096812422175}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1 Tcpip\..\Interfaces\{DD3744FA-918D-44DC-86A4-233872F49E60}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet 
Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> {417735E5-3C9D-89A4-A0EC-2BA9A2D311CA} URL = SearchScopes: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-18] (Symantec Corporation) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-19] (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-18] (Symantec Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-19] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Keine Datei DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://solisvpn.uu.nl/CACHE/stc/20/binaries/vpnweb.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) 
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) 
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.) FireFox: ======== FF DefaultProfile: n12tz17e.default-1421155951383 FF ProfilePath: C:\Users\******\AppData\Roaming\Zotero\Zotero\Profiles\9jq04p59.default [2017-02-01] FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-11-14] [ist nicht signiert] FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-11-14] [ist nicht signiert] FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox [2015-12-01] FF user.js: detected! 
=> C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox\user.js [2015-04-23] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [nicht gefunden] FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383 [2017-02-01] FF Extension: (Zotero) - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\zotero@chnm.gmu.edu.xpi [2016-10-04] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08] FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2013-06-04] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] () FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> 
C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @ABNAMRO/BECON,version=1.00 -> C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll [2014-11-28] (ABN AMRO) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] () FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-19] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: 
@nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @hola.org/FlashPlayer -> C:\Users\******\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [Keine Datei] FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @hola.org/vlc -> C:\Users\******\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [Keine Datei] FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\******\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/O1DPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=3 -> C:\Users\******\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=9 -> C:\Users\******\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) 
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\******\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-09-08] (Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: google.com/WidevineMediaOptimizer -> C:\Users\******\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-06-19] (Intel) FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-06-19] (Intel) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-15] (Octoshape ApS) Chrome: ======= CHR Profile: C:\Users\******\AppData\Local\Google\Chrome\User Data\Default [2017-02-01] CHR Extension: (Google Präsentationen) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26] CHR Extension: (Google Docs) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26] CHR Extension: (Google Drive) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26] CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26] CHR Extension: (Google Cast) - C:\Users\******\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-10-27] CHR Extension: (Zotero Connector) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2016-12-09] CHR Extension: (Google Tabellen) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26] CHR Extension: (Kaspersky Protection) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-31] CHR Extension: (Google Docs Offline) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Google Mail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26] CHR Extension: (Chrome Media Router) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15] CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation) R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert] R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert] S3 DozeSvc; C:\Program Files (x86)\******Pad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-12-23] (Lavasoft Limited) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited) R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (Lenovo) S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.) 
R3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] () R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software) R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168 2015-12-23] () R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] () R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] () [Datei ist nicht signiert] R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.) 
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) S3 e.dentifier2; C:\Windows\System32\DRIVERS\aabed2.sys [28672 2008-03-20] (Todos Data System AB) R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB) R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-31] (GFI Software) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm)) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation) R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] () R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-10-03] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-08] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-08] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-18] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys 
[134880 2016-12-08] (AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab) R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB) R3 l36wscard; C:\Windows\System32\DRIVERS\l36wscard.sys [61992 2011-01-14] (Ericsson AB) S3 LenLan; C:\Windows\System32\DRIVERS\LenLan.sys [98816 2012-05-29] (Lenovo Corporation) R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443208 2012-10-02] (MCCI Corporation) R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation) R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation) R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated) R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus) U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation) R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.) S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (******Vantage Communications Utility) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-10-23] (Cisco Systems, Inc.) 
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB) S3 ALSysIO; \??\C:\Users\******\AppData\Local\Temp\ALSysIO64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz137; \??\C:\Users\******\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] S2 smihlp2; \??\C:\Program Files\******Vantage Fingerprint Software\smihlp.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-01 20:51 - 2017-02-01 20:51 - 00043250 _____ C:\Users\******\Downloads\FRST.txt 2017-02-01 20:40 - 2017-02-01 20:51 - 00000000 ____D C:\FRST 2017-01-31 09:35 - 2017-01-31 09:35 - 00000000 ____D C:\Users\******\AppData\Local\Tvsukernel 2017-01-18 12:00 - 2017-01-18 12:00 - 00133448 _____ (Zoom Video Communications, Inc.) C:\Users\******\Downloads\Zoom_launcher (4).exe 2017-01-11 12:03 - 2017-01-11 12:03 - 00133448 _____ (Zoom Video Communications, Inc.) 
C:\Users\******\Downloads\Zoom_launcher (3).exe 2017-01-11 11:21 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-01-11 11:21 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-01-11 11:21 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) 
C:\Windows\system32\cryptbase.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-01-11 11:21 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-01-11 11:21 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 
2017-01-11 11:21 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-01-11 11:21 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-01-11 11:21 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-01-11 11:21 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-01-11 11:21 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-01-11 11:21 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-01-11 11:21 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-01-11 11:21 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-01 20:45 - 2014-01-21 14:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-02-01 20:43 - 2015-01-14 13:15 - 00000000 ____D C:\Users\******\Documents\Zotero Workspace 2017-02-01 20:40 - 2015-01-27 22:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-02-01 20:37 - 2014-08-04 08:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-01 20:06 - 2013-08-14 00:35 - 00000000 ____D C:\Users\******\AppData\Roaming\Spotify 2017-02-01 19:59 - 2016-11-26 11:28 - 00000000 ____D C:\Users\******\AppData\LocalLow\Mozilla 2017-02-01 19:54 - 2015-06-17 15:27 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job 2017-02-01 19:01 - 2013-08-14 00:37 - 00000000 ____D C:\Users\******\AppData\Local\Spotify 2017-02-01 18:08 - 2015-06-17 15:27 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job 2017-02-01 18:04 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-02-01 18:04 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-02-01 17:58 - 2016-07-03 00:05 - 00000000 ___RD C:\Users\******\******drive 2017-02-01 15:52 - 2015-10-17 18:42 - 00000548 _____ C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job 2017-01-31 20:54 - 2016-01-24 16:52 - 00000000 ____D C:\Users\******\AppData\Local\Citrix 2017-01-31 14:14 - 2014-01-01 11:49 - 00000000 ____D C:\Users\******\Documents\Outlook-Dateien 2017-01-31 09:47 - 2013-06-05 09:15 - 00703214 _____ C:\Windows\system32\perfh007.dat 2017-01-31 09:47 - 2013-06-05 09:15 - 00150822 _____ C:\Windows\system32\perfc007.dat 2017-01-31 09:47 - 2009-07-14 06:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI 2017-01-31 09:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-01-31 09:42 - 
2016-04-23 21:51 - 00000000 ___RD C:\Users\******\CloudStation 2017-01-31 09:42 - 2016-04-23 10:20 - 00000000 ____D C:\Users\******\AppData\Local\CloudStationBackup 2017-01-31 09:42 - 2013-06-26 17:26 - 00000000 ___RD C:\Users\******\Dropbox 2017-01-31 09:42 - 2013-06-26 16:49 - 00000000 ____D C:\Users\****** 2017-01-31 09:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-01-31 09:36 - 2013-06-26 16:52 - 00000000 ____D C:\Users\******\AppData\Roaming\Nitro PDF 2017-01-31 09:35 - 2013-06-04 23:34 - 00000000 ____D C:\Program Files (x86)\Lenovo 2017-01-31 09:35 - 2013-06-04 17:02 - 00000000 ____D C:\ProgramData\Lenovo 2017-01-31 09:34 - 2016-11-22 21:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-31 09:34 - 2013-06-26 22:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-30 22:29 - 2013-06-27 19:37 - 00007644 _____ C:\Users\******\AppData\Local\Resmon.ResmonCfg 2017-01-30 10:02 - 2013-06-04 23:44 - 00000000 ____D C:\Windows\System32\Tasks\TVT 2017-01-30 10:02 - 2013-06-04 23:38 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ******Vantage Tools 2017-01-29 14:51 - 2016-02-07 11:28 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2017-01-28 11:02 - 2015-01-09 00:55 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420761345 2017-01-28 11:02 - 2013-06-26 18:24 - 00000000 ____D C:\Program Files (x86)\Opera 2017-01-26 21:36 - 2016-04-23 21:36 - 00000000 ____D C:\Users\******\AppData\Local\CloudStation 2017-01-26 00:03 - 2015-04-23 19:04 - 00000000 ____D C:\Users\******\AppData\Local\RStudio-Desktop 2017-01-25 15:16 - 2016-05-16 22:52 - 00010275 _____ C:\Users\******\Documents\.Rhistory 2017-01-25 15:16 - 2015-04-23 19:22 - 00000000 ____D C:\Users\******\AppData\Roaming\RStudio 2017-01-25 08:40 - 2013-06-26 17:15 - 00000000 ____D C:\Users\******\AppData\Roaming\Dropbox 2017-01-23 07:12 - 2015-12-03 21:54 - 00002441 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-20 12:13 - 2013-06-26 16:59 - 00000000 ____D C:\Users\******\AppData\Roaming\Skype 2017-01-18 18:34 - 2013-06-26 17:00 - 00000000 ____D C:\Users\******\AppData\Local\LSC 2017-01-18 18:34 - 2013-06-26 16:50 - 00000000 ____D C:\Users\******\AppData\Local\Lenovo 2017-01-14 16:30 - 2014-11-22 14:10 - 00000000 ____D C:\ProgramData\Sonos,_Inc 2017-01-12 21:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2017-01-12 12:06 - 2013-07-15 10:32 - 00000000 ____D C:\Windows\system32\MRT 2017-01-12 12:00 - 2013-06-27 08:26 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-01-11 13:00 - 2015-01-07 17:33 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-01-11 12:40 - 2016-10-11 18:47 - 20630616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2017-01-11 12:40 - 2016-02-07 11:28 - 00003936 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-01-11 12:40 - 2015-01-27 22:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-01-11 12:40 - 2013-12-14 16:24 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-01-11 12:40 - 2013-12-14 16:24 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-01-11 12:40 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-01-11 12:40 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\system32\Macromed 2017-01-09 20:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-12-30 21:09 - 2016-12-30 21:09 - 0000000 _____ () C:\Users\******\AppData\Roaming\06614afc-e1da-4f66-8e25-9cdde7f40bc0.storage 2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\******\AppData\Roaming\0b0b642d-bad1-4a42-ae39-e04d3dfd24eb.storage 2016-12-30 21:28 - 2016-12-30 21:28 - 
0000000 _____ () C:\Users\******\AppData\Roaming\232b9fac-fc4c-42d2-aa1f-7e61e087d91d.storage 2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\******\AppData\Roaming\69052423-4e19-425b-9aed-d51266bff2bc.storage 2013-10-03 23:29 - 2013-10-03 23:29 - 0000000 _____ () C:\Users\******\AppData\Roaming\AbsoluteReminder.xml 2013-10-16 20:22 - 2013-10-16 20:58 - 0000132 _____ () C:\Users\******\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format 2013-08-08 00:21 - 2013-08-08 00:21 - 0000037 ___SH () C:\Users\******\AppData\Local\70149b02515b3bb20dd492.47983420 2013-06-27 19:37 - 2017-01-30 22:29 - 0007644 _____ () C:\Users\******\AppData\Local\Resmon.ResmonCfg 2013-06-04 23:36 - 2013-06-04 23:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-03-06 19:19 - 2016-03-17 14:59 - 0000941 _____ () C:\ProgramData\GADump.txt 2014-07-21 09:47 - 2014-07-21 09:47 - 0000337 _____ () C:\ProgramData\hpzinstall.log 2013-06-26 16:52 - 2013-07-07 18:31 - 0000227 _____ () C:\ProgramData\LastUpdate.xml Einige Dateien in TEMP: ==================== 2015-12-11 15:53 - 2015-12-11 15:53 - 0172536 _____ (Cisco Systems, Inc.) C:\Users\******\AppData\Local\Temp\20151211035326961jniverify.dll 2015-10-22 13:22 - 2015-10-22 13:22 - 350951272 _____ (Continuum Analytics, Inc.) C:\Users\******\AppData\Local\Temp\Anaconda-2.3.0-Windows-x86_64.exe 2015-12-01 18:01 - 2015-12-01 18:01 - 0071168 _____ () C:\Users\******\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1mbv7k.dll 2015-11-06 21:07 - 2015-11-06 21:09 - 23306368 _____ (Hola Networks Ltd.) C:\Users\******\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.317.exe 2016-01-14 20:43 - 2016-01-14 20:44 - 23318656 _____ (Hola Networks Ltd.) C:\Users\******\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.11.272.exe 2015-10-17 14:34 - 2015-10-18 09:38 - 23262848 _____ (Hola Networks Ltd.) 
C:\Users\******\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe 2015-10-29 17:25 - 2015-10-29 17:25 - 23262848 _____ (Hola Networks Ltd.) C:\Users\******\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.789.exe 2016-10-19 17:20 - 2016-10-19 17:20 - 0737856 _____ (Oracle Corporation) C:\Users\******\AppData\Local\Temp\jre-8u111-windows-au.exe 2015-10-18 15:41 - 2015-10-18 15:41 - 0585824 _____ (Oracle Corporation) C:\Users\******\AppData\Local\Temp\jre-8u60-windows-au.exe 2015-12-07 18:43 - 2015-12-07 18:43 - 0585824 _____ (Oracle Corporation) C:\Users\******\AppData\Local\Temp\jre-8u66-windows-au.exe 2016-05-03 23:21 - 2016-05-03 23:21 - 0739904 _____ (Oracle Corporation) C:\Users\******\AppData\Local\Temp\jre-8u91-windows-au.exe 2016-11-29 18:45 - 2016-11-29 18:45 - 16826944 ____T (Geek Software GmbH ) C:\Users\******\AppData\Local\Temp\pdf24-creator-update.exe 2016-03-04 23:03 - 2016-03-04 23:03 - 0111104 _____ () C:\Users\******\AppData\Local\Temp\readSTILog.dll 2016-05-15 17:46 - 2016-05-15 17:47 - 41346176 _____ (Skype Technologies S.A.) C:\Users\******\AppData\Local\Temp\SkypeSetup.exe 2015-08-14 13:29 - 2015-07-29 21:08 - 0681097 _____ (SQLite Development Team) C:\Users\******\AppData\Local\Temp\sqlite3.dll 2016-06-06 18:23 - 2016-07-05 21:12 - 3901016 _____ () C:\Users\******\AppData\Local\Temp\Synology-Cloud-Station-Backup-Upgrader.exe 2016-06-06 18:23 - 2016-11-24 23:32 - 3923032 _____ () C:\Users\******\AppData\Local\Temp\Synology-Cloud-Station-Drive-Upgrader.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-01-23 16:35 ==================== Ende von FRST.txt ============================ |
02.02.2017, 09:31 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unwanted website opens Hi,
__________________The addition.txt log file is missing, please supply it. Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly, spread across several posts if necessary. To put the log files into a CODE box, proceed as follows:
__________________ |
02.02.2017, 23:21 | #3 |
| Unwanted website opens Sorry -- here is the addition.
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017 durchgeführt von ****** (01-02-2017 20:51:38) Gestartet von C:\Users\******\Downloads Windows 7 Professional Service Pack 1 (X64) (2013-06-26 15:49:52) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1480473739-3576749651-3455334848-500 - Administrator - Disabled) Gast (S-1-5-21-1480473739-3576749651-3455334848-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1480473739-3576749651-3455334848-1004 - Limited - Enabled) Sonos (S-1-5-21-1480473739-3576749651-3455334848-1005 - Limited - Enabled) ****** (S-1-5-21-1480473739-3576749651-3455334848-1000 - Administrator - Enabled) => C:\Users\****** ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst) ABN AMRO E.dentifier2 Software (HKLM-x32\...\{7FFDD64B-C182-41D6-AB43-257C07AE486A}) (Version: 03.10 - ABN AMRO BANK) ActivePerl 5.20.2 Build 2002 (64-bit) (HKLM\...\{C07C5E6C-2225-4668-896C-31A7D105A9BB}) (Version: 5.20.2002 - ActiveState) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Connect 9 Add-in (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.12020 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.12020 - Cisco Systems, Inc.) Hidden Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.0.8014 - Citrix Systems, Inc.) 
Crayon Physics Deluxe Demo version 55_demo (HKLM-x32\...\{1AB2519C-B340-4B0C-9F81-BCF32A842EBF}_is1) (Version: 55_demo - Kloonigames, Ltd) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - ****** Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) Dropbox (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Dropbox) (Version: 18.4.32 - Dropbox, Inc.) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - ****** Group Limited) EPSON BX620FWD Series Printer Uninstall (HKLM\...\EPSON BX620FWD Series) (Version: - SEIKO EPSON Corporation) EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ExpressVPN v3.305 (HKLM-x32\...\ExpressVPN) (Version: v3.305 - ) Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.) G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany) GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version: - ) Google Apps Migration For Microsoft Outlook® 4.0.29.9 (HKLM-x32\...\{E8248BD6-6294-4CF6-9CF9-BDAAC0CC8253}) (Version: 4.0.29.9 - Google, Inc.) Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM-x32\...\{091C294E-F243-432C-93E1-DEC4C2B9635B}) (Version: 3.8.440.1250 - Google, Inc.) 
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Hema Fotoalbum (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\{83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1) (Version: - Hema) Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com) IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp) inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC) Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation) Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation) JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - 
Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden ****** Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.80.10 - ******) ****** App Shop (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 44154 - Intel) ****** Auto Scroll Utility (HKLM\...\******AutoScrollUtility) (Version: 2.13 - ) ****** Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - ****** Group Limited) ****** Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - ****** Group Limited) ****** Patch Utility (x32 Version: 1.4.0.4 - ****** Group Limited) Hidden ****** Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - ****** Group Limited) ****** Patch Utility 64 bit (Version: 1.4.0.4 - ****** Group Limited) Hidden ****** Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.1 - ******) ****** Power Management Driver (Version: 1.67.12.16 - ******) Hidden ****** Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - ****** Inc.) 
****** Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - ******) ****** System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0045 - ******) ****** USB 2.0 Ethernet Adapter (HKLM-x32\...\{29584513-DC7F-4EB9-8654-7C541DF0DDCE}) (Version: 1.11 - ******) ****** User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - ****** Group Limited) ****** Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - ******) ****** Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0021.00 - ****** Group Limited) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 2.1.0.18 - GOG.com) MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Metric Collection SDK (x32 Version: 1.1.0005.00 - ****** Group Limited) Hidden Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mobile 
Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.2.5.4 - Ericsson AB) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Mplus Version 7.3 Demo (64-bit) (HKLM\...\{BA273660-8C9F-4835-A906-3B5686BE7AB4}) (Version: 7.3.0 - Muthen & Muthen) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team) Octave 4.0.0 (HKLM-x32\...\Octave-4.0.0) (Version: 4.0.0 - GNU Octave) Octoshape Streaming Services (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS) Online Plug-in (x32 Version: 14.4.0.8014 - Citrix Systems, Inc.) Hidden Opera Stable 42.0.2393.517 (HKLM-x32\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Python 2.7.10 (Anaconda 2.3.0 64-bit) (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Python 2.7.10 (Anaconda 2.3.0 64-bit)) (Version: 2.3.0 - Continuum Analytics, Inc.) Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Python 3.5.2 (Anaconda3 4.1.1 64-bit) (HKLM\...\Python 3.5.2 (Anaconda3 4.1.1 64-bit)) (Version: 4.1.1 - Continuum Analytics, Inc.) 
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team) R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team) R for Windows 3.2.0 (HKLM\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team) R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team) R for Windows 3.3.1 (HKLM\...\R for Windows 3.3.1_is1) (Version: 3.3.1 - R Core Team) RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - ******) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) RStudio (HKLM-x32\...\RStudio) (Version: 0.99.489 - RStudio) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) Self-Service Plug-in (x32 Version: 4.4.0.11833 - Citrix Systems, Inc.) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 34.7.35161 - Sonos, Inc.) 
Spotify (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB) SRWare Iron version 48.2550.2 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 48.2550.2 - SRWare) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - ) Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.0.4204 - Synology, Inc.) Synology Cloud Station Drive (HKLM-x32\...\{A2E63753-A06C-40ED-902E-BBD8250B1CAD}) (Version: 4.0.4204 - Synology) TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team) TeXstudio 2.6.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.6.2 - Benito van der Zander) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - ******) ThinkVantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - ******) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) 
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.81 - ******) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign) VUmc Desktop (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\storeservi-ee876895@@VUMC.VUmc Desktop $S1-1) (Version: 1.0 - Delivered by Citrix) Web Companion (HKLM-x32\...\{6ece3bf6-3694-4acf-b158-16f51a2c6b56}) (Version: 2.1.1265.2535 - Lavasoft) Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies) Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies) Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies) WinDirStat 1.1.2 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\WinDirStat) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Intel (ISCT) System (08/23/2011 1.0.5.0) (HKLM\...\8D1FA6162A87496A05284A0C76A3B76705965B62) (Version: 08/23/2011 1.0.5.0 - Intel) Windows-Treiberpaket - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel) Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel) 
Windows-Treiberpaket - ****** 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - ******)
Windows-Treiberpaket - Synaptics (SmbDrv) System (07/05/2012 16.2.5.0) (HKLM\...\99334E0BAA64ED1D117794050F2AA7D3951D9A7D) (Version: 07/05/2012 16.2.5.0 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (07/05/2012 16.2.5.0) (HKLM\...\0395D83D6A2C0E110509B9E80E9BC5F29238FA82) (Version: 07/05/2012 16.2.5.0 - Synaptics)
Zoom (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
Zotero Standalone 4.0.29.10 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.29.10 (x86 en-US)) (Version: 4.0.29.10 - Zotero)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04B8EF9D-CD39-4182-8842-9B08430F0197} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\******\System Update\tvsuShim.exe [2017-01-18] ()
Task: {0604997D-52D6-4514-AE28-F1DE449BF276} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {11257F63-5297-4886-AFC6-2211F6C9B8A3} - System32\Tasks\{AD1218B3-DC59-4081-8A45-2014706A72CC} => pcalua.exe -a "C:\Users\******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4EH50OQF\AVM_FRITZ!WLAN_Repeater_310_Assistent.exe" -d C:\Users\******\Desktop
Task: {13D992D7-888A-4AAF-B17E-0ED000690458} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {16D76F82-AC80-4041-BCAC-6798F30CD84B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {223DFF31-BFCA-43FF-8339-C43B221A089F} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (****** Group Limited)
Task: {23E62AD8-63C7-49C4-8D88-568E37D12038} - System32\Tasks\{E661EA14-4831-4DC9-BA24-1F58FD3A9520} => C:\Users\******\Downloads\alfatest.exe
Task: {2A225316-1432-459F-9552-0F316D99B9BB} - System32\Tasks\MATLAB R2015b Startup Accelerator => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe [2015-07-30] ()
Task: {4ED24D9E-64F9-4EFD-8D62-2A46AB7FD6F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5101C02D-4ACA-41E8-A6F5-210953BD81F2} - System32\Tasks\{9F4FBCB7-441F-4042-8998-402A08F71CD7} => C:\Users\******\Downloads\alfatest.exe
Task: {51527F61-8136-4602-9BBD-7F6A3386DE9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {516DE39E-4BC8-46DC-98B3-4E384F30F3C3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {544E4E1D-B75D-4BB3-A0C9-D1FF08669CC2} - System32\Tasks\{96C4092B-3E36-4FFF-A252-679948D94E24} => C:\Users\******\Downloads\alfatest.exe
Task: {646D7B7F-B14A-469C-8AD8-BB0FB8EC24F5} - System32\Tasks\******\****** Solution Center Launcher => C:\Program Files\******\****** solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {76341AC4-F95F-4D4F-8EB4-6F4D2A41CBB6} - System32\Tasks\Opera scheduled Autoupdate 1420761345 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-26] (Opera Software)
Task: {7A94AD62-0252-460D-9461-2AECDE893A62} - System32\Tasks\{B5103088-5AA1-4ED1-B052-EE1CD81AA67F} => C:\Users\******\Downloads\alfatest.exe
Task: {7ED977C3-E5A3-4DF8-A891-8CAC05FDC42C} - System32\Tasks\******\LSC\LSCHardwareScanPostpone => C:\Program Files\******\****** Solution Center\LSC.exe [2016-06-02] (******)
Task: {81950FA3-3AF2-4847-B96B-94549F81FE8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8B1A1E8D-C0C0-4103-A1F3-3F622D197ACF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {A0C547F0-617C-40D8-9079-033C06E2AFA0} - System32\Tasks\******\LSC\LSCHardwareScan => C:\Program Files\******\****** Solution Center\LSC.exe [2016-06-02] (******)
Task: {A66A4169-D399-41CB-8193-6621E49CB98E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A9A553D2-A554-44FC-95C8-5FA6297B2471} - System32\Tasks\{396E50AE-0DBA-4615-A96F-CFE4DC2D9EF1} => C:\Users\******\Downloads\alfatest.exe
Task: {ACA06C7F-29C4-4B82-9EE4-5D7963A33E65} - System32\Tasks\{7389CD34-2D3B-4788-99E0-2FA2C4B12C48} => C:\Users\******\Downloads\alfatest.exe
Task: {AE958A85-104F-49B4-BB51-ED3F76BFD594} - System32\Tasks\******\****** Customer Feedback Program 64 35 => C:\Program Files (x86)\******\Customer Feedback Program 35\******.TVT.CustomerFeedback.Agent35.exe
Task: {C6BF3026-2C4E-4AA4-BC5A-B1168C431C62} - System32\Tasks\******\****** Customer Feedback Program 64 => C:\Program Files (x86)\******\Customer Feedback Program\******.TVT.CustomerFeedback.Agent.exe [2015-07-01] (******)
Task: {CE9FB232-A20A-4B40-BDDE-6185834DBC42} - System32\Tasks\{1D30A00C-6ED6-4D93-B8A1-4E559F3B335B} => C:\Users\******\Downloads\alfatest.exe
Task: {D2A57E6F-F90F-4E0A-8870-20C421B5B0C3} - System32\Tasks\{BC072FDB-9C95-45AD-8328-17D7B8A4868E} => C:\Users\******\Downloads\alfatest.exe
Task: {D63B89A4-B7CE-47C3-9233-92909828A987} - System32\Tasks\{010A5FF7-A151-4825-B0EA-879607C5D583} => C:\Users\******\Downloads\alfatest.exe
Task: {D7CDE812-B353-455D-8286-DE0FC7CFEE28} - System32\Tasks\{D82A1DC1-78A4-4231-BB44-53D94432F129} => C:\Users\******\Downloads\alfatest.exe
Task: {D878A05F-D674-4915-8F9F-E9E7706D7DE1} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\******\System Update\tvsuShim.exe [2017-01-18] ()
Task: {E3C18149-1EC2-429A-83A7-E2C63EA57782} - System32\Tasks\******\LSC\****** Solution Center Notifications => C:\Program Files\******\****** Solution Center\LSCNotify.exe [2016-06-02] (******)
Task: {E6402E65-A275-44D8-AAFA-BF21A3E4F87B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\******\Documents\Studium\Hiwi\Medieninhaltsforschung\Eigene Websites auf MSN\target.lnk -> hxxp://de.msnusers.co
Shortcut: C:\Users\******\Documents\Studium\Hiwi\Hiwi\Medieninhaltsforschung\Eigene Websites auf MSN\target.lnk -> hxxp://de.msnusers.co
ShortcutWithArgument: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Anaconda Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Users\******\AppData\Local\Dato\Dato Launcher\Scripts\anaconda.bat"
ShortcutWithArgument: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Wakari (in the cloud).lnk -> C:\Users\******\AppData\Local\Dato\Dato Launcher\pythonw.exe () -> -m webbrowser -t "hxxps://www.wakari.io/"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-12 07:15 - 2016-04-12 07:15 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
2016-04-12 14:47 - 2016-04-12 14:47 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2015-12-23 14:15 - 2015-12-23 14:15 - 00017168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-12-23 14:15 - 2015-12-23 14:15 - 00008976 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-12-23 14:15 - 2015-12-23 14:15 - 00028432 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2016-03-18 06:41 - 2016-03-18 06:41 - 00248840 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-06-04 23:37 - 2016-03-02 00:52 - 00102904 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-06-04 23:38 - 2016-04-14 05:08 - 00119808 ____N () C:\Program
Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2017-01-30 10:02 - 2017-01-18 16:36 - 00023416 _____ () C:\Program Files (x86)\******\System Update\SUService.exe 2014-10-30 06:38 - 2014-10-30 06:38 - 00087040 _____ () C:\Program Files\RStudio\bin\x64\libgcc_s_sjlj-1.dll 2014-10-30 06:38 - 2014-10-30 06:38 - 01207296 _____ () C:\Program Files\RStudio\bin\x64\libstdc++-6.dll 2016-09-01 11:37 - 2016-06-21 13:36 - 00321501 _____ () C:\Program Files\R\R-3.3.1\bin\x64\Rgraphapp.dll 2016-09-01 11:37 - 2016-06-21 13:37 - 30707200 _____ () C:\Program Files\R\R-3.3.1\bin\x64\R.dll 2016-09-01 11:37 - 2016-06-21 13:37 - 00315866 _____ () C:\Program Files\R\R-3.3.1\bin\x64\Rblas.dll 2016-09-01 11:37 - 2016-06-21 13:36 - 00066785 _____ () C:\Program Files\R\R-3.3.1\bin\x64\Riconv.dll 2016-09-01 11:37 - 2016-06-21 13:43 - 00040960 _____ () C:\Program Files\R\R-3.3.1\library\methods\libs\x64\methods.dll 2016-09-01 11:37 - 2016-06-21 13:40 - 00124416 _____ () C:\Program Files\R\R-3.3.1\library\utils\libs\x64\utils.dll 2016-09-01 11:37 - 2016-06-21 13:41 - 01054208 _____ () C:\Program Files\R\R-3.3.1\library\grDevices\libs\x64\grDevices.dll 2016-09-01 11:37 - 2016-06-21 13:41 - 00260096 _____ () C:\Program Files\R\R-3.3.1\library\graphics\libs\x64\graphics.dll 2016-09-01 11:37 - 2016-06-21 13:42 - 00661504 _____ () C:\Program Files\R\R-3.3.1\library\stats\libs\x64\stats.dll 2016-09-01 11:37 - 2016-06-21 13:39 - 02702336 _____ () C:\Program Files\R\R-3.3.1\bin\x64\Rlapack.dll 2014-09-19 13:37 - 2014-09-19 13:37 - 21008384 _____ () C:\Program Files\RStudio\bin\rsclang\x86_64\libclang.dll 2016-09-01 11:37 - 2016-06-21 13:39 - 00086016 _____ () C:\Program Files\R\R-3.3.1\library\tools\libs\x64\tools.dll 2016-09-01 11:37 - 2016-06-21 13:38 - 02554981 _____ () C:\Program Files\R\R-3.3.1\modules\x64\internet.dll 2016-09-01 11:37 - 2016-06-21 13:46 - 00037888 _____ () C:\Program Files\R\R-3.3.1\library\MASS\libs\x64\MASS.dll 2016-09-01 11:37 - 2016-06-21 13:39 - 00050688 _____ () C:\Program 
Files\R\R-3.3.1\modules\x64\lapack.dll 2016-06-02 19:20 - 2016-06-02 19:20 - 00104272 _____ () C:\Program Files\******\****** Solution Center\App\LSC.Core.dll 2016-12-14 23:32 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-14 23:32 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll 2015-10-23 09:15 - 2015-10-23 09:15 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2013-06-04 23:36 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2017-01-25 08:40 - 2017-01-18 19:39 - 00801600 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll 2015-12-12 12:27 - 2016-12-21 09:44 - 00035792 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2015-12-12 12:27 - 2016-12-21 09:44 - 00100296 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2015-12-12 12:27 - 2016-12-21 09:44 - 00018888 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\select.pyd 2015-12-12 12:27 - 2017-01-18 19:42 - 00019776 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2015-12-12 12:27 - 2016-12-21 09:44 - 00694224 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2017-01-25 08:40 - 2017-01-18 19:42 - 00020824 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2015-12-12 12:27 - 2016-12-21 09:45 - 00123856 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2017-01-25 08:40 - 2017-01-18 19:42 - 01682768 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2017-01-25 08:40 - 2017-01-18 19:42 - 00020816 _____ () 
C:\Users\******\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2017-01-25 08:40 - 2016-12-21 09:44 - 00145864 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2017-01-25 08:40 - 2016-12-21 09:45 - 00019408 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2017-01-25 08:40 - 2016-12-21 09:44 - 00116688 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2015-12-12 12:27 - 2016-12-21 09:46 - 00105928 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-08-06 17:40 - 2017-01-18 19:42 - 00022864 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd 2017-01-25 08:40 - 2017-01-18 19:42 - 00052032 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2017-01-25 08:40 - 2017-01-18 19:42 - 00038712 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\fastpath.pyd 2017-01-25 08:40 - 2016-12-21 09:44 - 00392144 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2017-01-25 08:40 - 2016-12-21 09:46 - 00020936 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2015-12-12 12:27 - 2016-12-21 09:46 - 00024528 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32event.pyd 2015-12-12 12:27 - 2016-12-21 09:47 - 00116176 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32security.pyd 2015-12-12 12:27 - 2017-01-18 19:42 - 00381760 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2015-12-12 12:27 - 2016-12-21 09:46 - 00124880 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-08-06 17:40 - 2017-01-18 19:42 - 00026456 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd 2015-12-12 12:27 - 2016-12-21 09:46 - 00024016 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2015-12-12 12:27 - 2016-12-21 09:46 - 00175560 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32gui.pyd 
2015-12-12 12:27 - 2016-12-21 09:46 - 00030160 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00043472 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 12:27 - 2016-12-21 09:47 - 00048592 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00057808 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00024016 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00246608 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00027488 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-06 17:40 - 2016-12-21 09:45 - 00241104 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00022336 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 12:27 - 2016-12-21 09:47 - 00028616 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 12:27 - 2017-01-18 19:42 - 00025432 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00022872 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00021848 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00022872 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 01826104 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 12:27 - 2016-12-21 09:45 - 00083912 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\sip.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00531264 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 03928896 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 01972536 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00133432 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00224064 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00207680 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00021840 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2015-12-12 12:27 - 2016-12-21 09:47 - 00350152 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-11 22:03 - 2017-01-18 19:42 - 00023896 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00025936 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-01-25 08:40 - 2016-12-21 09:42 - 00036296 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\librsync.dll
2017-01-25 08:40 - 2017-01-18 19:42 - 00084288 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-01-25 08:40 - 2016-12-21 09:50 - 00017864 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-01-25 08:40 - 2016-12-21 09:50 - 01631184 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-01-25 08:40 - 2017-01-18 19:42 - 00042816 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00171336 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00357688 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00060880 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-06 17:40 - 2017-01-18 19:42 - 00026456 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00546104 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-03-04 22:45 - 2016-12-21 09:52 - 00697304 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00123918 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 01026062 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00524460 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00115214 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 03095505 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 01798570 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 21565192 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 03036430 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00712704 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00031744 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00046080 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00032768 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00516608 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00243200 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00431616 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00123918 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\libgcc_s_dw2-1.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 01026062 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\libstdc++-6.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00524460 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\libcurl-4.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00115214 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\zlib1.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 03095505 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuin53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 01798570 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuuc53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 21565192 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\icudt53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 03036942 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\libsqlite3-0.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00712704 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\platforms\qwindows.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00031744 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qgif.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00046080 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qicns.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00032768 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qico.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00516608 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjp2.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00243200 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjpeg.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00431616 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qtiff.dll
2013-06-27 09:41 - 2013-05-13 14:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-06-28 00:48 - 2016-12-07 23:27 - 01358360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\KasperskyLab.Ksde.NativeInterop.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 00119822 _____ () C:\Program Files\RStudio\bin\libgcc_s_dw2-1.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 01026574 _____ () C:\Program Files\RStudio\bin\libstdc++-6.dll
2014-10-16 11:34 - 2014-10-16 11:34 - 03758809 _____ () C:\Program Files\RStudio\bin\icuin53.dll
2014-10-16 11:33 - 2014-10-16 11:33 - 02093901 _____ () C:\Program Files\RStudio\bin\icuuc53.dll
2014-10-16 11:34 - 2014-10-16 11:34 - 21565880 _____ () C:\Program Files\RStudio\bin\icudt53.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2017-01-28 11:02 - 2017-01-28 11:02 - 68771416 _____ () C:\Program Files (x86)\Opera\42.0.2393.517\opera.dll
2017-01-28 11:02 - 2017-01-28 11:02 - 01895000 _____ () C:\Program Files (x86)\Opera\42.0.2393.517\libglesv2.dll
2017-01-28 11:02 - 2017-01-28 11:02 - 00087128 _____ () C:\Program Files (x86)\Opera\42.0.2393.517\libegl.dll
2015-05-12 16:58 - 2017-01-28 11:08 - 51777648 _____ () C:\Users\******\AppData\Roaming\Spotify\libcef.dll
2015-05-12 16:58 - 2017-01-28 11:08 - 01803888 _____ () C:\Users\******\AppData\Roaming\Spotify\libglesv2.dll
2015-05-12 16:58 - 2017-01-28 11:08 - 00086128 _____ () C:\Users\******\AppData\Roaming\Spotify\libegl.dll
2013-12-14 16:17 - 2016-02-25 23:29 - 02073000 _____ () C:\Program Files (x86)\SRWare Iron\libglesv2.dll
2013-12-14 16:17 - 2016-02-25 23:29 - 00080296 _____ () C:\Program Files (x86)\SRWare Iron\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\AdwCleaner:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Boot:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Config.Msi:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Documents and Settings:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Dokumente und Einstellungen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\DRIVERS:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\MSOCache:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\PerfLogs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Program Files:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Program Files (x86):IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\swshare:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\SWTOOLS:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\System Volume Information:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Workspace R:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\All Users:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Brother:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Cisco:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Desktop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Dokumente:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Downloaded Installations:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\EPSON:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Favoriten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Favorites:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\FileOpen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\IDM:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\MacheenService:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Malwarebytes:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\McAfee:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft Help:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Mozilla:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Nitro PDF:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Norton:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\NortonInstaller:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Oracle:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Package Cache:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\regid.1986-12.com.adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\SafeNet Sentinel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Samsung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Simply Super Software:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Skype:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Sophos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\SPSS:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Spybot - Search & Destroy:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Start Menu:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Startmenü:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\TEMP:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Templates:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Vorlagen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpsonNet:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\****** App Shop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\****** ThinkVantage Tools:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Desktop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Downloads:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Druckumgebung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Eigene Dateien:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Favorites:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Links:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Local Settings:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Lokale Einstellungen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\My Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\NetHood:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Netzwerkumgebung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\PrintHood:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Recent:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Saved Games:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\SendTo:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Start Menu:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Startmenü:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Templates:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Vorlagen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\IMAT:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\History:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Verlauf:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\Eigene Bilder:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\Eigene Musik:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\Eigene Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\My Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\My Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\My Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\IMAT:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\History:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Verlauf:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\Eigene Bilder:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\Eigene Musik:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\Eigene Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\My Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\My Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\My Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Desktop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Downloads:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Favorites:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Libraries:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Recorded TV:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Symantec:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Downloads\Norton:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\Eigene Bilder:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\Eigene Musik:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\Eigene Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\My Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\My Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\My Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\.spss:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Contacts:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Cookies:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Desktop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Downloads:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Dropbox:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Druckumgebung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Eigene Dateien:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Favorites:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Links:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Lokale Einstellungen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Netzwerkumgebung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Recent:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Searches:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\SendTo:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Startmenü:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Vorlagen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Desktop\project_description draft 29_TK.docx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (1).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (2).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (3).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (4).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE-.ica:icasource [223]
AlternateDataStreams: C:\Users\******\AppData\Local:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\CoSoSys:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Dropbox:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\EPSON:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\FileOpen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Identities:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\IDM:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\LavasoftStatistics:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Leadertech:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Malwarebytes:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Mozilla:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\MyPhoneExplorer:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Nitro PDF:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Notepad++:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Opera:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\PDAppFlex:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\PwrMgr:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Samsung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Skype:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Spotify:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\texstudio:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Broadcom:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Cisco:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Diagnostics:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Downloaded Installations:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\ElevatedDiagnostics:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Google:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\GPSENABLER:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Hema Fotoalbum:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\IBM:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\javasharedresources:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\LSC:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Macromedia:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\MetaGeek,_LLC:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\MobileAccess:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Mozilla:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\ms-drivers:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Opera:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\PDF24:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\RStudio-Desktop.bu:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Samsung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Spotify:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Temp:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\VeriSign:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Verlauf:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\VirtualStore:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\IDM:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\PlayReady:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Sun:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Symantec:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\VeriSign:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Eigene Bilder:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Eigene Musik:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Eigene Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Finanzen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\R:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Studium:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hema Fotoalbum:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR [6146]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\hola.org -> hxxp://hola.org IE trusted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0scan.com -> 0scan.com IE 
restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\100sexlinks.com -> 100sexlinks.com Da befinden sich 4788 mehr Seiten. ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-10-16 12:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\******\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupfolder: C:^Users^******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver.lnk => C:\Windows\pss\Citrix Receiver.lnk.Startup MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\******\Access Connections\AcTBenabler.exe MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup MSCONFIG\startupreg: Google Update => "C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: Integrated Camera_Monitor => C:\Program Files (x86)\Integrated Camera\monitor.exe MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: ******.TPKNRRES => C:\Program Files\******\Communications Utility\TPKNRRES.exe MSCONFIG\startupreg: ******Nal => C:\Program Files\******\****** Peer Connect\NalService.exe MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\******\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => 
"C:\Users\******\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{2B063FA6-477F-48FA-9D1E-3BDBBDEB2DE6}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{EDD477BC-C5F1-4E0C-AD2F-EAB87CBE2016}] => LPort=2869 FirewallRules: [{03D5C4C4-1599-4012-AD49-5002A9EA33DD}] => LPort=1900 FirewallRules: [{34A60A08-403E-4FD9-86AE-64718FB480EF}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{EF5C29A3-17C3-46AC-91A1-F104C6D38372}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{7BA793EC-F5F6-4071-992C-E69FEA754B68}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{44D10574-CC59-4D88-A295-485DA2832F38}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{F6FD2F10-D1DB-47D9-8902-2643C5E69F79}] => C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{36428086-0079-4F5C-BAA1-ADC33A93C5A4}] => C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{0E310144-12A2-4304-B85D-67C0B79B1E3E}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe FirewallRules: [{EF0AF0CC-7E9B-400C-AF5B-4BEA2C18386F}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{658B0361-312C-421C-8ECA-CA0C1E879717}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{22E03A7D-DA2D-4C2A-ABF2-8C8A40C6CFF1}] => C:\Program 
Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe FirewallRules: [{C7DB25E6-D90E-4F4A-A745-29D1622204C1}] => C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe FirewallRules: [TCP Query User{5837FA49-EC04-4CE2-A17F-5469621E5F70}C:\users\******\appdata\roaming\spotify\spotify.exe] => C:\users\******\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{C81CF274-8D28-4900-94C1-2F1891831C07}C:\users\******\appdata\roaming\spotify\spotify.exe] => C:\users\******\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E3EF79E9-FE81-445C-9358-86918EBEBB9E}C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{1C160363-0105-456F-B3D6-8A10B374F511}C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{E2ECEC31-40B6-4B15-B912-4E7378DF0193}C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [UDP Query User{4CA88648-4EDA-4AF1-95D5-B3B155D7CCFB}C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [{575915FC-4116-470F-8057-4C9DFAC272F6}] => C:\Program Files (x86)\Sonos\Sonos.exe FirewallRules: [{AE4AA11B-7BE4-4429-9D7B-BCF8EC179EC1}] => C:\Program Files (x86)\Sonos\Sonos.exe FirewallRules: [{522142AE-B1C9-423A-B3CD-8ED4EA0DBE7A}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{6844444C-9084-4822-A681-A85969309E62}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8CE040F5-BCF4-4718-86D9-4A0CA9DFC42F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{26696B35-988E-4352-AB60-6F6A3533F30F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{295B1CB8-60F5-4973-A4E9-D9183FF7D7E7}] => C:\Program Files 
(x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{EEE28765-7988-4C32-8C15-18C3985B6C3B}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe FirewallRules: [UDP Query User{855EC420-ECEE-40AD-AF0E-577EAC717B99}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe FirewallRules: [TCP Query User{7350319E-0F08-45DE-8720-778FAE3F4BE2}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe FirewallRules: [UDP Query User{0BBBA499-F433-4961-A3EC-B78DFE79ACED}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe FirewallRules: [TCP Query User{B5E8254B-666F-4F3F-AAC6-44B00DF7DB05}C:\program files\ibm\spss\statistics\20\stats.exe] => C:\program files\ibm\spss\statistics\20\stats.exe FirewallRules: [UDP Query User{BA67F580-5769-4870-949B-2ED14217B91D}C:\program files\ibm\spss\statistics\20\stats.exe] => C:\program files\ibm\spss\statistics\20\stats.exe FirewallRules: [TCP Query User{29E361B7-DAC4-4E87-BF0D-A19A1120F3DB}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe FirewallRules: [UDP Query User{02FB5303-C161-4D8E-AE4D-97E3B2304D45}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe FirewallRules: [{162B20CF-B715-46CB-ACA5-F15A4765BD70}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{53563EED-90E6-48F2-8006-9FB0CBAB52EB}] => C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe FirewallRules: [{0934AB64-A2B0-4D5C-99EB-0992CD66733F}] => C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe FirewallRules: [{240CDADA-91DD-4300-BFCE-2DF6624EC536}] => C:\Program Files (x86)\******\System Update\uncserver.exe FirewallRules: [{EEAA9EF9-4B6D-4402-8DB2-3DFD925F37D6}] => C:\Program Files (x86)\******\System Update\uncserver.exe 
==================== Wiederherstellungspunkte ========================= 29-01-2017 19:00:14 Windows-Sicherung 31-01-2017 18:30:15 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: ****** Connect Device 1.0 Description: ****** Connect Device 1.0 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. 
Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Error: (02/01/2017 03:52:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (02/01/2017 03:52:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (02/01/2017 03:52:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Error: (02/01/2017 03:52:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. 
Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0 Systemfehler: ============= Error: (02/01/2017 05:58:39 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt. Befehlskopf: XX XX XX XX. Error: (02/01/2017 03:52:28 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt. Befehlskopf: XX XX XX XX. Error: (02/01/2017 12:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "****** Solution Center System Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/01/2017 12:51:59 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt. Befehlskopf: XX XX XX XX. Error: (02/01/2017 09:51:24 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt. Befehlskopf: XX XX XX XX. 
Error: (02/01/2017 03:50:02 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt. Befehlskopf: XX XX XX XX. Error: (01/31/2017 11:43:25 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt. Befehlskopf: XX XX XX XX. Error: (01/31/2017 09:42:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error: (01/31/2017 09:41:45 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (01/31/2017 09:41:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ****** Platform Service erreicht. CodeIntegrity: =================================== Date: 2017-01-20 10:30:56.610 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2017-01-20 10:30:52.144 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-20 10:29:07.458 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-20 10:29:07.296 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-20 10:24:45.765 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-18 12:01:03.460 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-15 11:02:24.953 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-15 11:02:23.807 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-15 11:02:22.071 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2017-01-15 10:46:39.082 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz Prozentuale Nutzung des RAM: 87% Installierter physikalischer RAM: 7888.92 MB Verfügbarer physikalischer RAM: 1000.84 MB Summe virtueller Speicher: 15776.02 MB Verfügbarer virtueller Speicher: 5427.58 MB ==================== Laufwerke ================================ Drive c: (Windows7_OS) (Fixed) (Total:200.43 GB) (Free:44.95 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive q: (******_Recovery) (Fixed) (Total:13.67 GB) (Free:3.23 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: B605DD09) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=8 GB) - (Type=84) ==================== Ende von Addition.txt ============================ |
03.02.2017, 11:43 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unwanted website opens
Step 1: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Step 2: Kaspersky TDSS-Killer Please download TDSSKiller.exe and save this file to the desktop.
Reading material: Posting in CODE tags Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too big for one post, I ask you to post the logs directly, spread over several posts if necessary. To put the log files in a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
07.02.2017, 11:41 | #5 |
| Unwanted website opens Nothing found. Side question: could it also be that it was not my PC but the website that was not in order? However, it is the website of a large hotel chain (Best Western; hxxp://www.airporthotelrotterdam.nl/deutsch/). But, as I said, it is not reproducible. Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main: v2017.02.07.04
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
***** :: THINK [administrator]

07.02.2017 11:15:05
mbar-log-2017-02-07 (11-15-05).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 347137
Time elapsed: 13 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter
11:33:49.0384 0x2f28 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
11:34:12.0358 0x2f28 ============================================================
11:34:12.0358 0x2f28 Current date / time: 2017/02/07 11:34:12.0358
11:34:12.0358 0x2f28 SystemInfo:
11:34:12.0358 0x2f28
11:34:12.0358 0x2f28 OS Version: 6.1.7601 ServicePack: 1.0
11:34:12.0358 0x2f28 Product type: Workstation
11:34:12.0358 0x2f28 ComputerName: THINK
11:34:12.0358 0x2f28 UserName: *****
11:34:12.0358 0x2f28 Windows directory: C:\Windows
11:34:12.0358 0x2f28 System windows directory: C:\Windows
11:34:12.0358 0x2f28 Running under WOW64
11:34:12.0358 0x2f28 Processor architecture: Intel x64
11:34:12.0358 0x2f28 Number of processors: 4
11:34:12.0358 0x2f28 Page size: 0x1000
11:34:12.0358 0x2f28 Boot type: Normal boot
11:34:12.0358 0x2f28 CodeIntegrityOptions = 0x00000001
11:34:12.0358 0x2f28 ============================================================
11:34:12.0457 0x2f28 KLMD registered as C:\Windows\system32\drivers\35755373.sys
11:34:12.0457 0x2f28 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
11:34:12.0556 0x2f28 System UUID: {B8F224B9-A328-4D6D-7BBB-3D088D1DAA56}
11:34:12.0921 0x2f28 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:12.0926 0x2f28 ============================================================
11:34:12.0926 0x2f28 \Device\Harddisk0\DR0:
11:34:12.0926 0x2f28 MBR partitions:
11:34:12.0926 0x2f28 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
11:34:12.0926 0x2f28 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x190DD000
11:34:12.0926 0x2f28 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x193CB800, BlocksNum 0x1B58000
11:34:12.0926 0x2f28 ============================================================
11:34:12.0927 0x2f28 C: <-> \Device\Harddisk0\DR0\Partition2
11:34:12.0928 0x2f28 Q: <-> \Device\Harddisk0\DR0\Partition3
11:34:12.0928 0x2f28 ============================================================
11:34:12.0928 0x2f28 Initialize success
11:34:12.0928 0x2f28 ============================================================
11:34:20.0488 0x068c ============================================================
11:34:20.0488 0x068c Scan started
11:34:20.0488 0x068c Mode: Manual;
11:34:20.0488 0x068c ============================================================
11:34:20.0488 0x068c KSN ping started
11:34:22.0587 0x068c KSN ping finished: true
11:34:22.0902 0x068c ================ Scan system memory ========================
11:34:22.0902 0x068c Scan was interrupted by user!
11:34:22.0933 0x068c AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
11:34:22.0934 0x068c FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
11:34:25.0048 0x068c ============================================================
11:34:25.0048 0x068c Scan finished
11:34:25.0048 0x068c ============================================================
11:34:25.0053 0x30cc Detected object count: 0
11:34:25.0053 0x30cc Actual detected object count: 0
11:34:57.0932 0x252c ============================================================
11:34:57.0932 0x252c Scan started
11:34:57.0932 0x252c Mode: Manual; SigCheck; TDLFS;
11:34:57.0932 0x252c ============================================================
11:34:57.0932 0x252c KSN ping started
11:35:00.0077 0x252c KSN ping finished: true
11:35:00.0327 0x252c ================ Scan system memory ========================
11:35:00.0327 0x252c System memory - ok
11:35:00.0327 0x252c ================ Scan services =============================
11:35:00.0367 0x252c [
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 11:35:01.0019 0x252c aspnet_state - ok 11:35:01.0022 0x252c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 11:35:01.0070 0x252c AsyncMac - ok 11:35:01.0073 0x252c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 11:35:01.0081 0x252c atapi - ok 11:35:01.0095 0x252c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 11:35:01.0117 0x252c AudioEndpointBuilder - ok 11:35:01.0131 0x252c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll 11:35:01.0150 0x252c AudioSrv - ok 11:35:01.0161 0x252c [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe 11:35:01.0174 0x252c AVP17.0.0 - ok 11:35:01.0180 0x252c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 11:35:01.0201 0x252c AxInstSV - ok 11:35:01.0211 0x252c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 11:35:01.0231 0x252c b06bdrv - ok 11:35:01.0239 0x252c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 11:35:01.0252 0x252c b57nd60a - ok 11:35:01.0259 0x252c [ 455EB0128FD08E07EACE0C6F754A3AAD, E14237655F64B1576A67CC6A323933F13A5104003B53D46A650420F0279E8ADD ] bcbtums C:\Windows\system32\drivers\bcbtums.sys 11:35:01.0270 0x252c 
bcbtums - ok 11:35:01.0274 0x252c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 11:35:01.0287 0x252c BDESVC - ok 11:35:01.0292 0x252c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 11:35:01.0315 0x252c Beep - ok 11:35:01.0329 0x252c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 11:35:01.0352 0x252c BFE - ok 11:35:01.0370 0x252c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 11:35:01.0436 0x252c BITS - ok 11:35:01.0440 0x252c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 11:35:01.0450 0x252c blbdrive - ok 11:35:01.0455 0x252c [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys 11:35:01.0468 0x252c bowser - ok 11:35:01.0472 0x252c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 11:35:01.0483 0x252c BrFiltLo - ok 11:35:01.0486 0x252c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 11:35:01.0497 0x252c BrFiltUp - ok 11:35:01.0502 0x252c [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 11:35:01.0528 0x252c BridgeMP - ok 11:35:01.0533 0x252c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 11:35:01.0545 
0x252c Browser - ok 11:35:01.0553 0x252c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 11:35:01.0569 0x252c Brserid - ok 11:35:01.0573 0x252c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 11:35:01.0583 0x252c BrSerWdm - ok 11:35:01.0587 0x252c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 11:35:01.0596 0x252c BrUsbMdm - ok 11:35:01.0599 0x252c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 11:35:01.0608 0x252c BrUsbSer - ok 11:35:01.0612 0x252c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 11:35:01.0623 0x252c BthEnum - ok 11:35:01.0627 0x252c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 11:35:01.0639 0x252c BTHMODEM - ok 11:35:01.0643 0x252c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 11:35:01.0656 0x252c BthPan - ok 11:35:01.0668 0x252c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 11:35:01.0692 0x252c BTHPORT - ok 11:35:01.0701 0x252c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 11:35:01.0730 0x252c bthserv - ok 11:35:01.0735 0x252c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] 
BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 11:35:01.0745 0x252c BTHUSB - ok 11:35:01.0758 0x252c [ 96E22173FD0E2670A2A20C1EEECA162A, 2CC26317DBA063058178EA9B775C2A0FA2CF94FEDC6DF89F3D8314207D56DA24 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys 11:35:01.0779 0x252c btwampfl - ok 11:35:01.0785 0x252c [ A771078558477068DFD8037B82EB00F8, 58E1686B12B747639FE3BF4CCA58D48B8BBB349C9D316315AD7237F44EF760A4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 11:35:01.0794 0x252c btwaudio - ok 11:35:01.0801 0x252c [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 11:35:01.0810 0x252c btwavdt - ok 11:35:01.0834 0x252c [ C8306C64F95DABC69A11DF3A664C00FB, 1AFE7B7E9FADA3A55CACADA8FEC1C2646CB99DA71CD033A28239932253B807C4 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe 11:35:01.0863 0x252c btwdins - ok 11:35:01.0867 0x252c [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 11:35:01.0874 0x252c btwl2cap - ok 11:35:01.0877 0x252c [ EDD953D635F3AA89EF902E3F82D60D22, 22A60B225A1AD0F25B9715338C805FED9D5F4BCAC296BBC0D045C6935BDA55E7 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 11:35:01.0884 0x252c btwrchid - ok 11:35:01.0889 0x252c [ 32B94975BF6F101C27C43E90FF8ABBEB, B5475D9A705894CBFA583D6E9DAF969527A75800E98D0288182BAB2F10136642 ] busenum C:\Windows\system32\DRIVERS\busenum.sys 11:35:01.0897 0x252c busenum - ok 11:35:01.0922 0x252c [ 4E1D29BD13F186158A4D788DF98984D1, 64D6F925860DDDCEED4342776C0133ECF81A4A70890DE8C7C8A6375F7677D867 ] CAMService C:\Program Files\Intel\CAM\bin\CAMService.exe 11:35:01.0950 0x252c CAMService - ok 11:35:01.0954 0x252c catchme - ok 11:35:01.0959 0x252c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 11:35:01.0984 0x252c cdfs - ok 
11:35:01.0989 0x252c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 11:35:02.0000 0x252c cdrom - ok 11:35:02.0004 0x252c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 11:35:02.0028 0x252c CertPropSvc - ok 11:35:02.0031 0x252c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 11:35:02.0042 0x252c circlass - ok 11:35:02.0051 0x252c [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys 11:35:02.0065 0x252c CLFS - ok 11:35:02.0073 0x252c [ AA64F36A4DFEE8374D74200F1C1560B9, 179DB04A96524E0D2D601F6A0046AECA50D04992F95452DE5F7081CFB8BABED0 ] Cloud Station Backup VSS Service x64 C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe 11:35:02.0083 0x252c Cloud Station Backup VSS Service x64 - detected UnsignedFile.Multi.Generic ( 1 ) 11:35:04.0280 0x252c Detect skipped due to KSN trusted 11:35:04.0280 0x252c Cloud Station Backup VSS Service x64 - ok 11:35:04.0288 0x252c [ 2DD3F8945831AA402A22F955338CF6C2, 45BBD1077F39D6BAE46ACC5B2FB0F80631842BF98E1DCC9BCC181AE70FA8C01C ] Cloud Station Drive VSS Service x64 C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe 11:35:04.0298 0x252c Cloud Station Drive VSS Service x64 - detected UnsignedFile.Multi.Generic ( 1 ) 11:35:06.0408 0x252c Detect skipped due to KSN trusted 11:35:06.0408 0x252c Cloud Station Drive VSS Service x64 - ok 11:35:06.0414 0x252c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:35:06.0422 0x252c clr_optimization_v2.0.50727_32 - ok 11:35:06.0427 0x252c 
[ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:35:06.0436 0x252c clr_optimization_v2.0.50727_64 - ok 11:35:06.0445 0x252c [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:35:06.0455 0x252c clr_optimization_v4.0.30319_32 - ok 11:35:06.0460 0x252c [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:35:06.0472 0x252c clr_optimization_v4.0.30319_64 - ok 11:35:06.0475 0x252c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 11:35:06.0485 0x252c CmBatt - ok 11:35:06.0488 0x252c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 11:35:06.0496 0x252c cmdide - ok 11:35:06.0503 0x252c [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km C:\Windows\system32\DRIVERS\cm_km.sys 11:35:06.0515 0x252c cm_km - ok 11:35:06.0526 0x252c [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys 11:35:06.0545 0x252c CNG - ok 11:35:06.0549 0x252c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 11:35:06.0556 0x252c Compbatt - ok 11:35:06.0559 0x252c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 
11:35:06.0571 0x252c CompositeBus - ok 11:35:06.0574 0x252c COMSysApp - ok 11:35:06.0600 0x252c [ A93043E0B855AD23C97B9121D73DCA7E, B134450EFD61E901A3FA02A97BFE8B23B29E2551081CBE6D07DBC190F3711029 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 11:35:06.0615 0x252c cphs - ok 11:35:06.0690 0x252c cpuz137 - ok 11:35:06.0724 0x252c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 11:35:06.0732 0x252c crcdisk - ok 11:35:06.0739 0x252c [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll 11:35:06.0754 0x252c CryptSvc - ok 11:35:06.0765 0x252c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 11:35:06.0785 0x252c CSC - ok 11:35:06.0802 0x252c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 11:35:06.0823 0x252c CscService - ok 11:35:06.0830 0x252c [ DC08465037FA57A5203BDF3E963422C2, ADA7F6B4ED68413924E187DA1A609BB7B7AA5E483055994A17AEBC7F1BCEC5F2 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys 11:35:06.0841 0x252c ctxusbm - ok 11:35:06.0852 0x252c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll 11:35:06.0872 0x252c DcomLaunch - ok 11:35:06.0881 0x252c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 11:35:06.0909 0x252c defragsvc - ok 11:35:06.0914 0x252c [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys 11:35:06.0927 0x252c DfsC - ok 11:35:06.0933 0x252c [ 1E0F456A03E204F92D24437CD907A512, 
8BB28AF33BDEFFECC4EC5C6BFBFBDA525A32FA6A26382353E01FF94BAD2A200C ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 11:35:06.0943 0x252c dg_ssudbus - ok 11:35:06.0951 0x252c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 11:35:06.0966 0x252c Dhcp - ok 11:35:06.0993 0x252c [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll 11:35:07.0028 0x252c DiagTrack - ok 11:35:07.0033 0x252c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 11:35:07.0058 0x252c discache - ok 11:35:07.0062 0x252c [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys 11:35:07.0070 0x252c Disk - ok 11:35:07.0074 0x252c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 11:35:07.0087 0x252c dmvsc - ok 11:35:07.0093 0x252c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 11:35:07.0107 0x252c Dnscache - ok 11:35:07.0115 0x252c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 11:35:07.0142 0x252c dot3svc - ok 11:35:07.0151 0x252c [ 497E0E7CD4E6A708EDF8EF4D1702F427, 53591AFB2CACD1A1EDEAEDFABE57E04E219E0A7112F168E78A34DFE9413D7CEC ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE 11:35:07.0164 0x252c DozeSvc - ok 11:35:07.0169 0x252c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 11:35:07.0196 0x252c DPS - ok 11:35:07.0199 0x252c [ 
26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 11:35:07.0273 0x252c drmkaud - ok 11:35:07.0294 0x252c [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 11:35:07.0319 0x252c DXGKrnl - ok 11:35:07.0324 0x252c [ 3CE83D7EE95D9C9F03323810A2E747DF, 50E34E2EC26584A1BE06EA5049481D1AE2F3213B2A81BA86411623ADCEE24F53 ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys 11:35:07.0331 0x252c DzHDD64 - ok 11:35:07.0334 0x252c [ A0D5450B3D4689DCE4CBBC8268141C37, 86674139314058AB8D8B12BED193828C006329CBA70FA5469E5D39526867B346 ] e.dentifier2 C:\Windows\system32\DRIVERS\aabed2.sys 11:35:07.0345 0x252c e.dentifier2 - ok 11:35:07.0350 0x252c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 11:35:07.0375 0x252c EapHost - ok 11:35:07.0434 0x252c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 11:35:07.0506 0x252c ebdrv - ok 11:35:07.0514 0x252c [ B90BEFCCEB59C83AC65BFD39EF7404F4, E67C41BF4512948F4F30CE981F4BCF52E3A93EBBAE8408783E9D2D3A04C5CB46 ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys 11:35:07.0522 0x252c ecnssndis - ok 11:35:07.0525 0x252c [ 1CF09C0555BE49EFE96B33BDA514A334, 63D57C887EB259EA364CBF89AB1D85D7C86D980AAD26E727185ED48348D60A15 ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys 11:35:07.0533 0x252c ecnssndisfltr - ok 11:35:07.0536 0x252c [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS C:\Windows\System32\lsass.exe 11:35:07.0548 0x252c EFS - ok 11:35:07.0562 0x252c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 11:35:07.0587 
0x252c ehRecvr - ok 11:35:07.0592 0x252c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 11:35:07.0604 0x252c ehSched - ok 11:35:07.0615 0x252c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 11:35:07.0633 0x252c elxstor - ok 11:35:07.0637 0x252c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 11:35:07.0646 0x252c ErrDev - ok 11:35:07.0659 0x252c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 11:35:07.0690 0x252c EventSystem - ok 11:35:07.0705 0x252c [ 323740D842252032D57B5DED757C65D5, 617875CA136E0CDA7C4856C4D0C2B233EE09078E5B46C515CA2476CCCE44AF00 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 11:35:07.0722 0x252c EvtEng - ok 11:35:07.0729 0x252c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 11:35:07.0759 0x252c exfat - ok 11:35:07.0766 0x252c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 11:35:07.0795 0x252c fastfat - ok 11:35:07.0809 0x252c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 11:35:07.0833 0x252c Fax - ok 11:35:07.0838 0x252c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 11:35:07.0847 0x252c fdc - ok 11:35:07.0850 0x252c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 11:35:07.0875 
0x252c fdPHost - ok 11:35:07.0878 0x252c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 11:35:07.0903 0x252c FDResPub - ok 11:35:07.0907 0x252c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 11:35:07.0915 0x252c FileInfo - ok 11:35:07.0918 0x252c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 11:35:07.0945 0x252c Filetrace - ok 11:35:07.0948 0x252c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 11:35:07.0957 0x252c flpydisk - ok 11:35:07.0965 0x252c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 11:35:07.0977 0x252c FltMgr - ok 11:35:07.0999 0x252c [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll 11:35:08.0035 0x252c FontCache - ok 11:35:08.0040 0x252c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:35:08.0047 0x252c FontCache3.0.0.0 - ok 11:35:08.0051 0x252c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 11:35:08.0059 0x252c FsDepends - ok 11:35:08.0062 0x252c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 11:35:08.0071 0x252c Fs_Rec - ok 11:35:08.0078 0x252c [ 8F6322049018354F45F05A2FD2D4E5E0, 
73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 11:35:08.0091 0x252c fvevol - ok 11:35:08.0095 0x252c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 11:35:08.0103 0x252c gagp30kx - ok 11:35:08.0106 0x252c [ 9F5E8645FECD68C0ECC374F5A4AE068A, 7F225A1DC6B665EF3DB8B19D553194A1D6020EEDA74A9CEE0E9B22FE4573C4B6 ] gfiark C:\Windows\system32\drivers\gfiark.sys 11:35:08.0114 0x252c gfiark - ok 11:35:08.0117 0x252c [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto C:\Windows\system32\drivers\gfibto.sys 11:35:08.0124 0x252c gfibto - ok 11:35:08.0140 0x252c [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 11:35:08.0165 0x252c gpsvc - ok 11:35:08.0171 0x252c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:35:08.0179 0x252c gupdate - ok 11:35:08.0184 0x252c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:35:08.0192 0x252c gupdatem - ok 11:35:08.0195 0x252c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 11:35:08.0207 0x252c hcw85cir - ok 11:35:08.0216 0x252c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 11:35:08.0233 0x252c HdAudAddService - ok 11:35:08.0238 0x252c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 
11:35:08.0251 0x252c HDAudBus - ok 11:35:08.0255 0x252c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 11:35:08.0264 0x252c HidBatt - ok 11:35:08.0268 0x252c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 11:35:08.0280 0x252c HidBth - ok 11:35:08.0284 0x252c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 11:35:08.0295 0x252c HidIr - ok 11:35:08.0299 0x252c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 11:35:08.0324 0x252c hidserv - ok 11:35:08.0328 0x252c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 11:35:08.0338 0x252c HidUsb - ok 11:35:08.0343 0x252c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 11:35:08.0367 0x252c hkmsvc - ok 11:35:08.0374 0x252c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 11:35:08.0387 0x252c HomeGroupListener - ok 11:35:08.0393 0x252c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 11:35:08.0405 0x252c HomeGroupProvider - ok 11:35:08.0409 0x252c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 11:35:08.0417 0x252c HpSAMD - ok 11:35:08.0432 0x252c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 
07.02.2017, 11:42 | #6 |
| Unwanted website opens Code:
C:\Windows\system32\drivers\rdpvideominiport.sys 11:35:16.0079 0x252c RdpVideoMiniport - ok 11:35:16.0086 0x252c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 11:35:16.0100 0x252c RDPWD - ok 11:35:16.0107 0x252c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:35:16.0118 0x252c rdyboost - ok 11:35:16.0124 0x252c [ 23D6449B8D2E2A0CA02A09453853F5B0, 227A151C61D94040F3635E6FBC6238CA3378973EC830755674A306DEE7EC2289 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 11:35:16.0133 0x252c RegSrvc - ok 11:35:16.0139 0x252c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:35:16.0164 0x252c RemoteAccess - ok 11:35:16.0169 0x252c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:35:16.0199 0x252c RemoteRegistry - ok 11:35:16.0205 0x252c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 11:35:16.0219 0x252c RFCOMM - ok 11:35:16.0224 0x252c [ 5A227511ED22DDFEDF7EF7323C8F7D2F, 5056DED32432E192268BE8214B6152A488807357D1BBB769171843E589BF4320 ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys 11:35:16.0235 0x252c risdxc - ok 11:35:16.0239 0x252c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:35:16.0265 0x252c RpcEptMapper - ok 11:35:16.0268 0x252c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 11:35:16.0277 0x252c RpcLocator - ok 11:35:16.0289 0x252c [ 
622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll 11:35:16.0307 0x252c RpcSs - ok 11:35:16.0311 0x252c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:35:16.0336 0x252c rspndr - ok 11:35:16.0347 0x252c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 11:35:16.0363 0x252c s3cap - ok 11:35:16.0366 0x252c [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] SamSs C:\Windows\system32\lsass.exe 11:35:16.0377 0x252c SamSs - ok 11:35:16.0381 0x252c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:35:16.0390 0x252c sbp2port - ok 11:35:16.0397 0x252c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:35:16.0424 0x252c SCardSvr - ok 11:35:16.0427 0x252c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:35:16.0450 0x252c scfilter - ok 11:35:16.0471 0x252c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 11:35:16.0500 0x252c Schedule - ok 11:35:16.0507 0x252c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 11:35:16.0530 0x252c SCPolicySvc - ok 11:35:16.0535 0x252c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 11:35:16.0549 0x252c SDRSVC - ok 
11:35:16.0553 0x252c [ A507D0060EEB23B89E76E08C240B5E99, ACDB11F8AB8619983E553227227138E5C47BA9831F64BBBEFFABA8DC9440DE9F ] SearchProtectionService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe 11:35:16.0558 0x252c SearchProtectionService - ok 11:35:16.0561 0x252c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:35:16.0571 0x252c secdrv - ok 11:35:16.0575 0x252c [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll 11:35:16.0586 0x252c seclogon - ok 11:35:16.0591 0x252c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 11:35:16.0615 0x252c SENS - ok 11:35:16.0619 0x252c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:35:16.0630 0x252c SensrSvc - ok 11:35:16.0634 0x252c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 11:35:16.0643 0x252c Serenum - ok 11:35:16.0648 0x252c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 11:35:16.0658 0x252c Serial - ok 11:35:16.0661 0x252c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 11:35:16.0671 0x252c sermouse - ok 11:35:16.0679 0x252c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 11:35:16.0706 0x252c SessionEnv - ok 11:35:16.0709 0x252c [ A554811BCD09279536440C964AE35BBF, 
DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 11:35:16.0719 0x252c sffdisk - ok 11:35:16.0722 0x252c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 11:35:16.0733 0x252c sffp_mmc - ok 11:35:16.0736 0x252c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 11:35:16.0747 0x252c sffp_sd - ok 11:35:16.0749 0x252c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 11:35:16.0759 0x252c sfloppy - ok 11:35:16.0768 0x252c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 11:35:16.0798 0x252c SharedAccess - ok 11:35:16.0807 0x252c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:35:16.0836 0x252c ShellHWDetection - ok 11:35:16.0840 0x252c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 11:35:16.0848 0x252c SiSRaid2 - ok 11:35:16.0852 0x252c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 11:35:16.0860 0x252c SiSRaid4 - ok 11:35:16.0871 0x252c [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 11:35:16.0886 0x252c SkypeUpdate - ok 11:35:16.0890 0x252c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 
11:35:16.0914 0x252c Smb - ok 11:35:16.0918 0x252c [ 7956FD22F1AC83057630975D2B9AA452, ACBA47559D97B1B3FBDD7D9C7F13918EA00D63D9194642692E89E05B2D304BDE ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 11:35:16.0926 0x252c SmbDrvI - ok 11:35:16.0929 0x252c smihlp2 - ok 11:35:16.0935 0x252c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:35:16.0944 0x252c SNMPTRAP - ok 11:35:16.0947 0x252c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 11:35:16.0955 0x252c spldr - ok 11:35:16.0966 0x252c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 11:35:16.0988 0x252c Spooler - ok 11:35:17.0050 0x252c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 11:35:17.0140 0x252c sppsvc - ok 11:35:17.0147 0x252c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 11:35:17.0175 0x252c sppuinotify - ok 11:35:17.0203 0x252c [ 13F0EB464D44CA0AE87CF16F72BD07AE, 99894854B1E9EA0E40D2204E5B2006039DEE30E5593290C8323D8340DFF7F8B2 ] SPUVCbv C:\Windows\system32\Drivers\SPUVCbv_x64.sys 11:35:17.0247 0x252c SPUVCbv - ok 11:35:17.0261 0x252c [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys 11:35:17.0280 0x252c srv - ok 11:35:17.0290 0x252c [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:35:17.0306 0x252c srv2 - ok 11:35:17.0311 0x252c [ 9C12C78AD36C23D925711A4640228225, 
FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:35:17.0322 0x252c srvnet - ok 11:35:17.0329 0x252c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:35:17.0356 0x252c SSDPSRV - ok 11:35:17.0360 0x252c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:35:17.0388 0x252c SstpSvc - ok 11:35:17.0394 0x252c [ F38232291F05CE25BA1C47FB51EB64CB, 7F72E87D02F3072E0D61D528BEBB8F4BFB6AD67FC94A93745493C9A0907FF435 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 11:35:17.0406 0x252c ssudmdm - ok 11:35:17.0409 0x252c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 11:35:17.0416 0x252c stexstor - ok 11:35:17.0428 0x252c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 11:35:17.0452 0x252c stisvc - ok 11:35:17.0456 0x252c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 11:35:17.0463 0x252c storflt - ok 11:35:17.0467 0x252c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 11:35:17.0478 0x252c StorSvc - ok 11:35:17.0481 0x252c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 11:35:17.0489 0x252c storvsc - ok 11:35:17.0493 0x252c [ 26B2BB5733F69B0A8306BAC37551F90A, 60F1A0C23727144B53F1C64348907AAD611F991C0A8C9F93AC8194210634420B ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe 11:35:17.0500 0x252c SUService - ok 
11:35:17.0503 0x252c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 11:35:17.0512 0x252c swenum - ok 11:35:17.0523 0x252c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 11:35:17.0557 0x252c swprv - ok 11:35:17.0568 0x252c [ AFB9FC97DAC435B588EACD63C3174DAA, FDE397F1202E02B1911E3C4A851918AA73BF206A44939BA981F50BC116E0E35A ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 11:35:17.0583 0x252c SynTP - ok 11:35:17.0615 0x252c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 11:35:17.0660 0x252c SysMain - ok 11:35:17.0667 0x252c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 11:35:17.0684 0x252c TabletInputService - ok 11:35:17.0689 0x252c [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 11:35:17.0699 0x252c tap0901 - ok 11:35:17.0708 0x252c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 11:35:17.0740 0x252c TapiSrv - ok 11:35:17.0776 0x252c [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:35:17.0822 0x252c Tcpip - ok 11:35:17.0860 0x252c [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:35:17.0901 0x252c TCPIP6 - ok 11:35:17.0911 0x252c [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 
11:35:17.0925 0x252c tcpipreg - ok 11:35:17.0929 0x252c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 11:35:17.0944 0x252c TDPIPE - ok 11:35:17.0949 0x252c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 11:35:17.0960 0x252c TDTCP - ok 11:35:17.0965 0x252c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:35:17.0978 0x252c tdx - ok 11:35:17.0983 0x252c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 11:35:17.0992 0x252c TermDD - ok 11:35:18.0008 0x252c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 11:35:18.0034 0x252c TermService - ok 11:35:18.0040 0x252c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 11:35:18.0055 0x252c Themes - ok 11:35:18.0060 0x252c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 11:35:18.0088 0x252c THREADORDER - ok 11:35:18.0095 0x252c [ CCF673CD41815063EEC0DE517F5E1D27, D49B1465A51EF3C2229938752A785009E1ED8306A8DE399F63354379DB2F8BF9 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe 11:35:18.0105 0x252c TPHKLOAD - ok 11:35:18.0110 0x252c [ 7FF003567BE266566A2F13BE04F76714, 0E8525B6D54DAC39E72DE79006CA4E72A2BB41010DA486828882F9BC88B22234 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 11:35:18.0118 0x252c TPHKSVC - ok 11:35:18.0124 0x252c [ 48DDEF0B921DD331536CC82C1A8FF64F, 540107E278E4C7DE4F43D37F7EA7BC094B6755399C22EE3A68574AA8A7719ACC ] TPM 
C:\Windows\system32\drivers\tpm.sys 11:35:18.0133 0x252c TPM - ok 11:35:18.0137 0x252c [ 1B58B92F059C30F33A7B9DF7EC61F288, 0C0469784166F0433A178017BFB79831919372C5B5A7C948BAA8727F753FBF09 ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys 11:35:18.0144 0x252c TPPWRIF - ok 11:35:18.0149 0x252c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 11:35:18.0176 0x252c TrkWks - ok 11:35:18.0182 0x252c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:35:18.0208 0x252c TrustedInstaller - ok 11:35:18.0213 0x252c [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 11:35:18.0224 0x252c tssecsrv - ok 11:35:18.0229 0x252c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:35:18.0240 0x252c TsUsbFlt - ok 11:35:18.0244 0x252c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 11:35:18.0255 0x252c TsUsbGD - ok 11:35:18.0261 0x252c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 11:35:18.0285 0x252c tunnel - ok 11:35:18.0288 0x252c [ D4915DB03B19F9FD50EC084CC0ED15FC, 1CA899C0D48E69825DB27A4A52D8A3FEBA00A47C2D0E2FC0F5F358D15B7F3496 ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys 11:35:18.0294 0x252c TVTI2C - ok 11:35:18.0298 0x252c [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys 11:35:18.0305 0x252c tvtvcamd - ok 11:35:18.0309 0x252c [ B4DD609BD7E282BFC683CEC7EAAAAD67, 
EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 11:35:18.0317 0x252c uagp35 - ok 11:35:18.0325 0x252c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:35:18.0353 0x252c udfs - ok 11:35:18.0359 0x252c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:35:18.0370 0x252c UI0Detect - ok 11:35:18.0373 0x252c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:35:18.0381 0x252c uliagpkx - ok 11:35:18.0385 0x252c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 11:35:18.0394 0x252c umbus - ok 11:35:18.0397 0x252c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 11:35:18.0407 0x252c UmPass - ok 11:35:18.0413 0x252c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 11:35:18.0426 0x252c UmRdpService - ok 11:35:18.0434 0x252c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 11:35:18.0465 0x252c upnphost - ok 11:35:18.0469 0x252c [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys 11:35:18.0481 0x252c usbccgp - ok 11:35:18.0486 0x252c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 11:35:18.0498 0x252c usbcir - ok 11:35:18.0505 0x252c [ 
5F446E44B402B5FD12056EA57F929E42, 1EFE583AFBFD36E1CCD8F933A0476661BD213FA18FD4352066CA2F28C1D63C7E ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe 11:35:18.0514 0x252c UsbClientService - detected UnsignedFile.Multi.Generic ( 1 ) 11:35:20.0712 0x252c Detect skipped due to KSN trusted 11:35:20.0712 0x252c UsbClientService - ok 11:35:20.0717 0x252c [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys 11:35:20.0729 0x252c usbehci - ok 11:35:20.0737 0x252c [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys 11:35:20.0753 0x252c usbhub - ok 11:35:20.0756 0x252c [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys 11:35:20.0765 0x252c usbohci - ok 11:35:20.0768 0x252c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 11:35:20.0779 0x252c usbprint - ok 11:35:20.0782 0x252c [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6 C:\Windows\system32\DRIVERS\usb80236.sys 11:35:20.0793 0x252c usbrndis6 - ok 11:35:20.0797 0x252c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 11:35:20.0808 0x252c usbscan - ok 11:35:20.0812 0x252c [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS 11:35:20.0825 0x252c USBSTOR - ok 11:35:20.0829 0x252c [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 11:35:20.0838 
0x252c usbuhci - ok 11:35:20.0845 0x252c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 11:35:20.0859 0x252c usbvideo - ok 11:35:20.0863 0x252c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 11:35:20.0888 0x252c UxSms - ok 11:35:20.0891 0x252c [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc C:\Windows\system32\lsass.exe 11:35:20.0899 0x252c VaultSvc - ok 11:35:20.0903 0x252c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 11:35:20.0910 0x252c vdrvroot - ok 11:35:20.0922 0x252c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 11:35:20.0955 0x252c vds - ok 11:35:20.0958 0x252c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 11:35:20.0968 0x252c vga - ok 11:35:20.0972 0x252c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 11:35:20.0996 0x252c VgaSave - ok 11:35:21.0004 0x252c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys 11:35:21.0015 0x252c vhdmp - ok 11:35:21.0018 0x252c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 11:35:21.0026 0x252c viaide - ok 11:35:21.0030 0x252c [ 49C122513203B98B0B2C10211F23450B, 98C281A5F9A68C0E9F766EE136B72605C8724BA521B6A28E9B7232FFDB1108B9 ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access 
Client\VIPAppService.exe 11:35:21.0037 0x252c VIPAppService - ok 11:35:21.0044 0x252c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 11:35:21.0054 0x252c vmbus - ok 11:35:21.0058 0x252c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 11:35:21.0066 0x252c VMBusHID - ok 11:35:21.0070 0x252c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:35:21.0078 0x252c volmgr - ok 11:35:21.0088 0x252c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:35:21.0101 0x252c volmgrx - ok 11:35:21.0109 0x252c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:35:21.0121 0x252c volsnap - ok 11:35:21.0134 0x252c [ 8B02F857621B5482BB05DF9C2CB9AB87, 0BB91BF5D2E2C5FE62AB9FAC0BBE8FD88661983EE2D98235D93166E5B24248D0 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 11:35:21.0150 0x252c vpnagent - ok 11:35:21.0154 0x252c [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys 11:35:21.0161 0x252c vpnva - ok 11:35:21.0167 0x252c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 11:35:21.0176 0x252c vsmraid - ok 11:35:21.0205 0x252c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 11:35:21.0258 0x252c VSS - ok 11:35:21.0262 0x252c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 
11:35:29.0195 0x252c AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
11:35:29.0196 0x252c FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
11:35:31.0318 0x252c ============================================================
11:35:31.0318 0x252c Scan finished
11:35:31.0318 0x252c ============================================================
11:35:31.0322 0x20ac Detected object count: 0
11:35:31.0322 0x20ac Actual detected object count: 0 |
07.02.2017, 11:57 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unwanted website opens Remove adware/junkware/toolbars Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop! Please completely disable your virus scanner now before using these tools! Step 1: adwCleaner Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool Please close your protection software to avoid possible conflicts.
__________________ Please always post log files in CODE tags |
08.02.2017, 10:56 | #8 |
| Unwanted website opens The version of Malwarebytes AdwCleaner seems to be newer than the one in your instructions. Under "Tools" -> "Options" I set the checkboxes as specified. One problem occurs: threats were found, but after clicking Delete the program no longer responds. Can I force a restart and then continue with the second program? The report looks like this: Code:
# AdwCleaner v6.043 - Bericht erstellt am 08/02/2017 um 10:30:53
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-03.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : ****** - THINK
# Gestartet von : C:\Users\******\Downloads\AdwCleaner_6.043.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

Dienst Gefunden: LavasoftTcpService
Dienst Gefunden: SearchProtectionService

***** [ Ordner ] *****

Ordner Gefunden: C:\Users\******\AppData\Roaming\Hola
Ordner Gefunden: C:\ProgramData\lavasoft\web companion
Ordner Gefunden: C:\ProgramData\Application Data\lavasoft\web companion
Ordner Gefunden: C:\Program Files (x86)\lavasoft\web companion

***** [ Dateien ] *****

Datei Gefunden: C:\Windows\SysNative\LavasoftTcpService64.dll
Datei Gefunden: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Datei Gefunden: C:\Windows\SysWOW64\lavasofttcpservice.dll
Datei Gefunden: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini

***** [ DLL ] *****

Keine infizierten DLLs gefunden.

***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.

***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.

***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Schlüssel Gefunden: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Hola
Schlüssel Gefunden: HKCU\Software\Hola
Schlüssel Gefunden: HKLM\SOFTWARE\Lavasoft\Web Companion
Schlüssel Gefunden: [x64] HKCU\Software\Hola
Schlüssel Gefunden: HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
Schlüssel Gefunden: HKCU\Software\MozillaPlugins\@hola.org/vlc
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Schlüssel Gefunden: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org

***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C3].txt - [2497 Bytes] - [17/10/2015 14:32:35]
C:\AdwCleaner\AdwCleaner[R0].txt - [6160 Bytes] - [18/10/2013 19:03:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [2937 Bytes] - [16/09/2014 20:22:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [5626 Bytes] - [18/10/2013 19:09:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [2943 Bytes] - [16/09/2014 20:23:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [2240 Bytes] - [17/10/2015 14:28:15]
C:\AdwCleaner\AdwCleaner[S4].txt - [6188 Bytes] - [08/02/2017 10:30:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [6261 Bytes] ##########

Code:
# AdwCleaner v6.043 - Bericht erstellt am 08/02/2017 um 10:47:40
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-03.2 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : ****** - THINK
# Gestartet von : C:\Users\******\Downloads\AdwCleaner_6.043 (1).exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

[-] Datei gelöscht: C:\Windows\SysNative\LavasoftTcpService64.dll

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C2].txt - [1019 Bytes] - [08/02/2017 10:47:40]
C:\AdwCleaner\AdwCleaner[C3].txt - [2497 Bytes] - [17/10/2015 14:32:35]
C:\AdwCleaner\AdwCleaner[R0].txt - [6160 Bytes] - [18/10/2013 19:03:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [2937 Bytes] - [16/09/2014 20:22:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [5626 Bytes] - [18/10/2013 19:09:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [2943 Bytes] - [16/09/2014 20:23:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [2240 Bytes] - [17/10/2015 14:28:15]
C:\AdwCleaner\AdwCleaner[S4].txt - [6408 Bytes] - [08/02/2017 10:30:53]
C:\AdwCleaner\AdwCleaner[S5].txt - [1900 Bytes] - [08/02/2017 10:46:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1676 Bytes] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64
Ran by ***** (Administrator) on 08.02.2017 at 10:53:11,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 10

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\*****\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)

Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{417735E5-3C9D-89A4-A0EC-2BA9A2D311CA} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{093F479D-712E-46CD-9E06-62E734A05F68} (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.02.2017 at 10:55:25,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
08.02.2017, 11:32 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unwanted website opens Unfortunately we still have an older guide for adwCleaner; please run it again and configure it like this:
__________________ Please always post log files in CODE tags |
08.02.2017, 11:52 | #10 |
| Unwanted website opens Code:
# AdwCleaner v6.043 - Bericht erstellt am 08/02/2017 um 11:51:31
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-03.2 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : ***** - THINK
# Gestartet von : C:\Users\*****\Downloads\AdwCleaner_6.043 (2).exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.

***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.

***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.

***** [ DLL ] *****

Keine infizierten DLLs gefunden.

***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.

***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.

***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.

***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.

***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C2].txt - [1755 Bytes] - [08/02/2017 10:47:40]
C:\AdwCleaner\AdwCleaner[C3].txt - [2497 Bytes] - [17/10/2015 14:32:35]
C:\AdwCleaner\AdwCleaner[R0].txt - [6160 Bytes] - [18/10/2013 19:03:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [2937 Bytes] - [16/09/2014 20:22:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [5626 Bytes] - [18/10/2013 19:09:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [2943 Bytes] - [16/09/2014 20:23:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [2240 Bytes] - [17/10/2015 14:28:15]
C:\AdwCleaner\AdwCleaner[S4].txt - [6408 Bytes] - [08/02/2017 10:30:53]
C:\AdwCleaner\AdwCleaner[S5].txt - [1900 Bytes] - [08/02/2017 10:46:01]
C:\AdwCleaner\AdwCleaner[S6].txt - [1869 Bytes] - [08/02/2017 11:51:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1942 Bytes] ########## |
08.02.2017, 11:54 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unwanted website opens Then show fresh FRST logs. Tick the box for addition.txt, then click Scan.
__________________ Please always post log files in CODE tags |
09.02.2017, 09:53 | #12 |
| Unwanted website opens Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017 durchgeführt von ***** (Administrator) auf THINK (08-02-2017 14:59:46) Gestartet von C:\Users\*****\Downloads Geladene Profile: ***** (Verfügbare Profile: *****) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\Lenovo\System Update\SUService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.) 
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CDViewer.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfica32.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\AuthManager\AuthManSvr.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\*****\Downloads\FRST64 (1).exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Becwsupa] => C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwsupa.exe [162136 2014-11-28] (ABN AMRO)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-01-28] (Spotify Ltd)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => -> Keine Datei
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => -> Keine Datei
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => -> Keine Datei
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => -> Keine Datei
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => -> Keine Datei
ShellIconOverlayIdentifiers: [CeDesktopIntegration] -> {3CEC3E6D-ECF2-4B49-8A41-3B16DF8B9C3F} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-07-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-02-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2017-02-08]
ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc.)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2017-02-08]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1
Tcpip\..\Interfaces\{377520F3-E7C7-403B-997E-42BDEC38E4BC}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1
Tcpip\..\Interfaces\{88C1C209-1539-42ED-838C-A4BD8376D044}: [DhcpNameServer] 10.15.0.1
Tcpip\..\Interfaces\{8A21F8CE-5324-4563-A4A5-D47CF1CBA83B}: [DhcpNameServer] 172.168.111.2
Tcpip\..\Interfaces\{B524442D-7D83-4ED0-A93C-096812422175}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-02] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-02] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Keine Datei
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://solisvpn.uu.nl/CACHE/stc/20/binaries/vpnweb.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: n12tz17e.default-1421155951383
FF ProfilePath: C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\9jq04p59.default [2017-02-01]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-11-14] [ist nicht signiert]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-11-14] [ist nicht signiert]
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox [2015-12-01]
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox\user.js [2015-04-23]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [nicht gefunden]
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383 [2017-02-08]
FF Extension: (Zotero) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\zotero@chnm.gmu.edu.xpi [2017-02-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2013-06-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @ABNAMRO/BECON,version=1.00 -> C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll [2014-11-28] (ABN AMRO)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-08] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\*****\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/O1DPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\*****\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-09-08] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: google.com/WidevineMediaOptimizer -> C:\Users\*****\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-06-19] (Intel)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-06-19] (Intel)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-15] (Octoshape ApS)

Chrome:
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2017-02-08]
CHR Extension: (Google Präsentationen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26]
CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26]
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26]
CHR Extension: (Google Cast) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-10-27]
CHR Extension: (Zotero Connector) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2016-12-09]
CHR Extension: (Google Tabellen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26]
CHR Extension: (Kaspersky Protection) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert]
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (Lenovo)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] () [Datei ist nicht signiert]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 e.dentifier2; C:\Windows\System32\DRIVERS\aabed2.sys [28672 2008-03-20] (Todos Data System AB)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-31] (GFI Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-10-03] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-18] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 l36wscard; C:\Windows\System32\DRIVERS\l36wscard.sys [61992 2011-01-14] (Ericsson AB)
S3 LenLan; C:\Windows\System32\DRIVERS\LenLan.sys [98816 2012-05-29] (Lenovo Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443208 2012-10-02] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-10-23] (Cisco Systems, Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB)
S3 ALSysIO; \??\C:\Users\*****\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Users\*****\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ACHTUNG
S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-08 14:59 - 2017-02-08 14:59 - 02421248 _____ (Farbar) C:\Users\*****\Downloads\FRST64 (1).exe
2017-02-08 12:03 - 2017-02-08 12:03 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\*****\Downloads\Zoom_launcher (5).exe
2017-02-08 11:50 - 2017-02-08 11:50 - 04015056 _____ C:\Users\*****\Downloads\AdwCleaner_6.043 (2).exe
2017-02-08 11:48 - 2017-02-08 11:48 - 00002004 _____ C:\Users\*****\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (5).ica
2017-02-08 10:55 - 2017-02-08 10:55 - 00002416 _____ C:\Users\*****\Desktop\JRT.txt
2017-02-08 10:52 - 2017-02-08 10:52 - 01663040 _____ (Malwarebytes) C:\Users\*****\Downloads\JRT.exe
2017-02-08 10:49 - 2017-02-08 10:52 - 00000000 ___HD C:\Users\*****\Downloads\.SynologyWorkingDirectory
2017-02-08 10:49 - 2017-02-08 10:49 - 00000000 ___HD C:\Users\*****\Documents\.SynologyWorkingDirectory
2017-02-08 10:49 - 2017-02-08 10:49 - 00000000 ___HD C:\Users\*****\Desktop\.SynologyWorkingDirectory
2017-02-08 10:44 - 2017-02-08 10:44 - 04015056 _____ C:\Users\*****\Downloads\AdwCleaner_6.043 (1).exe
2017-02-08 10:27 - 2017-02-08 10:27 - 04015056 _____ C:\Users\*****\Downloads\AdwCleaner_6.043.exe
2017-02-07 22:59 - 2017-02-07 22:59 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-07 11:33 - 2017-02-07 12:04 - 00251946 _____ C:\TDSSKiller.3.1.0.12_07.02.2017_11.33.49_log.txt
2017-02-07 11:33 - 2017-02-07 11:33 - 04747704 _____ (AO Kaspersky Lab) C:\Users\*****\Downloads\tdsskiller.exe
2017-02-07 11:13 - 2017-02-07 11:33 - 00000000 ____D C:\Users\*****\Desktop\mbar
2017-02-07 11:13 - 2017-02-07 11:13 - 16563352 _____ (Malwarebytes Corp.) C:\Users\*****\Desktop\mbar-1.09.3.1001.exe
2017-02-01 20:51 - 2017-02-08 14:59 - 00036488 _____ C:\Users\*****\Downloads\FRST.txt
2017-02-01 20:51 - 2017-02-02 23:28 - 00097091 _____ C:\Users\*****\Downloads\Addition.txt
2017-02-01 20:40 - 2017-02-08 14:59 - 00000000 ____D C:\FRST
2017-02-01 20:39 - 2017-02-01 20:39 - 02420736 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2017-01-31 13:11 - 2017-01-31 13:31 - 00085849 _____ C:\Users\*****\Desktop\Rplot02.jpeg
2017-01-31 09:35 - 2017-01-31 09:35 - 00000000 ____D C:\Users\*****\AppData\Local\Tvsukernel
2017-01-11 12:03 - 2017-01-11 12:03 - 00133448 _____ (Zoom Video Communications, Inc.) C:\Users\*****\Downloads\Zoom_launcher (3).exe
2017-01-11 11:21 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 11:21 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 11:21 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-11 11:21 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-01-11 11:21 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-01-11 11:21 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-01-11 11:21 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-01-11 11:21 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-01-11 11:21 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-01-11 11:21 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-01-11 11:21 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-01-10 00:16 - 2017-01-10 00:16 - 03226591 _____ C:\Users\*****\Downloads\ProjectNetAanvraag63595 (1).pdf 2017-01-10 00:13 - 2017-01-10 00:13 - 03226574 _____ C:\Users\*****\Downloads\ProjectNetAanvraag63595.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-08 14:54 - 2015-06-17 15:27 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job 2017-02-08 14:40 - 2015-01-27 22:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-02-08 13:56 - 2014-01-21 14:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-02-08 13:04 - 2015-10-17 18:42 - 00000548 _____ C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job 2017-02-08 11:51 - 2013-10-18 19:02 - 00000000 ____D C:\AdwCleaner 2017-02-08 11:48 - 2016-01-24 16:52 - 00000000 ____D C:\Users\*****\AppData\Local\Citrix 2017-02-08 10:59 - 2016-11-26 11:28 - 00000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla 2017-02-08 10:59 - 2015-01-27 22:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-02-08 10:59 - 2013-12-14 16:24 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-02-08 10:59 - 2013-12-14 16:24 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-02-08 10:59 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-02-08 10:59 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\system32\Macromed 2017-02-08 10:59 - 2013-06-26 17:10 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe 2017-02-08 10:56 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-02-08 10:56 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-02-08 10:53 - 2013-06-05 09:15 - 00703214 _____ C:\Windows\system32\perfh007.dat 2017-02-08 10:53 - 2013-06-05 09:15 - 00150822 _____ C:\Windows\system32\perfc007.dat 2017-02-08 10:53 - 2009-07-14 06:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-08 10:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-02-08 10:49 - 2016-07-03 00:05 - 00000000 ___RD 
C:\Users\*****\VUdrive 2017-02-08 10:49 - 2016-04-23 21:51 - 00000000 ___RD C:\Users\*****\CloudStation 2017-02-08 10:49 - 2013-06-26 17:26 - 00000000 ___RD C:\Users\*****\Dropbox 2017-02-08 10:48 - 2013-06-26 16:49 - 00000000 ____D C:\Users\***** 2017-02-08 10:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-08 10:31 - 2015-12-23 14:15 - 00000000 ____D C:\ProgramData\Lavasoft 2017-02-08 10:31 - 2013-08-31 08:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft 2017-02-08 09:54 - 2015-06-17 15:27 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job 2017-02-07 22:59 - 2013-06-26 17:15 - 00000000 ____D C:\Users\*****\AppData\Roaming\Dropbox 2017-02-07 21:19 - 2013-06-26 16:52 - 00000000 ____D C:\Users\*****\AppData\Roaming\Nitro PDF 2017-02-07 21:13 - 2016-10-26 11:00 - 00002198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-07 21:13 - 2016-10-26 11:00 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-07 21:09 - 2016-04-23 21:36 - 00000000 ____D C:\Users\*****\AppData\Local\CloudStation 2017-02-07 21:09 - 2016-04-23 10:20 - 00000000 ____D C:\Users\*****\AppData\Local\CloudStationBackup 2017-02-07 11:33 - 2015-09-10 13:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-02-07 11:14 - 2014-08-04 08:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-07 11:14 - 2014-08-04 08:15 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2017-02-02 23:28 - 2014-11-22 14:10 - 00000000 ____D C:\ProgramData\Sonos,_Inc 2017-02-02 01:13 - 2016-08-29 11:10 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-02-02 01:13 - 2016-08-29 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-02-02 01:13 - 2014-10-21 20:08 - 00000000 ____D C:\Program Files (x86)\Java 2017-02-02 00:36 - 2016-05-16 22:52 - 
00011933 _____ C:\Users\*****\Documents\.Rhistory 2017-02-02 00:36 - 2015-04-23 19:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\RStudio 2017-02-02 00:36 - 2015-04-23 19:04 - 00000000 ____D C:\Users\*****\AppData\Local\RStudio-Desktop 2017-02-02 00:36 - 2013-08-14 00:37 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify 2017-02-01 20:43 - 2015-01-14 13:15 - 00000000 ____D C:\Users\*****\Documents\Zotero Workspace 2017-02-01 20:06 - 2013-08-14 00:35 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify 2017-01-31 14:14 - 2014-01-01 11:49 - 00000000 ____D C:\Users\*****\Documents\Outlook-Dateien 2017-01-31 09:35 - 2013-06-04 23:34 - 00000000 ____D C:\Program Files (x86)\Lenovo 2017-01-31 09:35 - 2013-06-04 17:02 - 00000000 ____D C:\ProgramData\Lenovo 2017-01-31 09:34 - 2016-11-22 21:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-31 09:34 - 2013-06-26 22:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-30 22:29 - 2013-06-27 19:37 - 00007644 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg 2017-01-30 10:02 - 2013-06-04 23:44 - 00000000 ____D C:\Windows\System32\Tasks\TVT 2017-01-30 10:02 - 2013-06-04 23:38 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2017-01-29 14:51 - 2016-02-07 11:28 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2017-01-28 11:02 - 2015-01-09 00:55 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420761345 2017-01-28 11:02 - 2013-06-26 18:24 - 00000000 ____D C:\Program Files (x86)\Opera 2017-01-23 07:12 - 2015-12-03 21:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-20 12:13 - 2013-06-26 16:59 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype 2017-01-18 18:34 - 2013-06-26 17:00 - 00000000 ____D C:\Users\*****\AppData\Local\LSC 2017-01-18 18:34 - 2013-06-26 16:50 - 00000000 ____D C:\Users\*****\AppData\Local\Lenovo 2017-01-12 21:00 - 
2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2017-01-12 12:06 - 2013-07-15 10:32 - 00000000 ____D C:\Windows\system32\MRT 2017-01-12 12:00 - 2013-06-27 08:26 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-01-11 13:00 - 2015-01-07 17:33 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-01-11 12:40 - 2016-10-11 18:47 - 20630616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2017-01-11 12:40 - 2016-02-07 11:28 - 00003936 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-01-09 20:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-12-30 21:09 - 2016-12-30 21:09 - 0000000 _____ () C:\Users\*****\AppData\Roaming\06614afc-e1da-4f66-8e25-9cdde7f40bc0.storage 2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\*****\AppData\Roaming\0b0b642d-bad1-4a42-ae39-e04d3dfd24eb.storage 2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\*****\AppData\Roaming\232b9fac-fc4c-42d2-aa1f-7e61e087d91d.storage 2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\*****\AppData\Roaming\69052423-4e19-425b-9aed-d51266bff2bc.storage 2013-10-03 23:29 - 2013-10-03 23:29 - 0000000 _____ () C:\Users\*****\AppData\Roaming\AbsoluteReminder.xml 2013-10-16 20:22 - 2013-10-16 20:58 - 0000132 _____ () C:\Users\*****\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format 2013-08-08 00:21 - 2013-08-08 00:21 - 0000037 ___SH () C:\Users\*****\AppData\Local\70149b02515b3bb20dd492.47983420 2013-06-27 19:37 - 2017-01-30 22:29 - 0007644 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg 2013-06-04 23:36 - 2013-06-04 23:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-03-06 19:19 - 2016-03-17 14:59 - 0000941 _____ () C:\ProgramData\GADump.txt 2014-07-21 09:47 - 2014-07-21 09:47 - 0000337 _____ () C:\ProgramData\hpzinstall.log 2013-06-26 16:52 - 2013-07-07 18:31 
- 0000227 _____ () C:\ProgramData\LastUpdate.xml Einige Dateien in TEMP: ==================== 2015-12-11 15:53 - 2015-12-11 15:53 - 0172536 _____ (Cisco Systems, Inc.) C:\Users\*****\AppData\Local\Temp\20151211035326961jniverify.dll 2015-10-22 13:22 - 2015-10-22 13:22 - 350951272 _____ (Continuum Analytics, Inc.) C:\Users\*****\AppData\Local\Temp\Anaconda-2.3.0-Windows-x86_64.exe 2015-12-01 18:01 - 2015-12-01 18:01 - 0071168 _____ () C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1mbv7k.dll 2015-11-06 21:07 - 2015-11-06 21:09 - 23306368 _____ (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.317.exe 2016-01-14 20:43 - 2016-01-14 20:44 - 23318656 _____ (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.11.272.exe 2015-10-17 14:34 - 2015-10-18 09:38 - 23262848 _____ (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe 2015-10-29 17:25 - 2015-10-29 17:25 - 23262848 _____ (Hola Networks Ltd.) 
C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.789.exe 2016-10-19 17:20 - 2016-10-19 17:20 - 0737856 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u111-windows-au.exe 2017-02-02 01:12 - 2017-02-02 01:12 - 0739904 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u121-windows-au.exe 2015-10-18 15:41 - 2015-10-18 15:41 - 0585824 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u60-windows-au.exe 2015-12-07 18:43 - 2015-12-07 18:43 - 0585824 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u66-windows-au.exe 2016-05-03 23:21 - 2016-05-03 23:21 - 0739904 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u91-windows-au.exe 2016-11-29 18:45 - 2016-11-29 18:45 - 16826944 ____T (Geek Software GmbH ) C:\Users\*****\AppData\Local\Temp\pdf24-creator-update.exe 2016-03-04 23:03 - 2016-03-04 23:03 - 0111104 _____ () C:\Users\*****\AppData\Local\Temp\readSTILog.dll 2016-05-15 17:46 - 2016-05-15 17:47 - 41346176 _____ (Skype Technologies S.A.) C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe 2016-06-06 18:23 - 2016-07-05 21:12 - 3901016 _____ () C:\Users\*****\AppData\Local\Temp\Synology-Cloud-Station-Backup-Upgrader.exe 2016-06-06 18:23 - 2016-11-24 23:32 - 3923032 _____ () C:\Users\*****\AppData\Local\Temp\Synology-Cloud-Station-Drive-Upgrader.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-02-03 00:45 ==================== Ende von FRST.txt ============================ |
09.02.2017, 09:54 | #13 |
| Unwanted website opens
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-02-2017
durchgeführt von ****** (08-02-2017 15:00:24)
Gestartet von C:\Users\******\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-06-26 15:49:52)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1480473739-3576749651-3455334848-500 - Administrator - Disabled)
Gast (S-1-5-21-1480473739-3576749651-3455334848-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1480473739-3576749651-3455334848-1004 - Limited - Enabled)
Sonos (S-1-5-21-1480473739-3576749651-3455334848-1005 - Limited - Enabled)
****** (S-1-5-21-1480473739-3576749651-3455334848-1000 - Administrator - Enabled) => C:\Users\******

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst) ABN AMRO E.dentifier2 Software (HKLM-x32\...\{7FFDD64B-C182-41D6-AB43-257C07AE486A}) (Version: 03.10 - ABN AMRO BANK) ActivePerl 5.20.2 Build 2002 (64-bit) (HKLM\...\{C07C5E6C-2225-4668-896C-31A7D105A9BB}) (Version: 5.20.2002 - ActiveState) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Connect 9 Add-in (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.12020 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.12020 - Cisco Systems, Inc.) Hidden Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.0.8014 - Citrix Systems, Inc.) 
Crayon Physics Deluxe Demo version 55_demo (HKLM-x32\...\{1AB2519C-B340-4B0C-9F81-BCF32A842EBF}_is1) (Version: 55_demo - Kloonigames, Ltd) Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - ) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) Dropbox (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited) EPSON BX620FWD Series Printer Uninstall (HKLM\...\EPSON BX620FWD Series) (Version: - SEIKO EPSON Corporation) EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ExpressVPN v3.305 (HKLM-x32\...\ExpressVPN) (Version: v3.305 - ) Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.) G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany) GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version: - ) Google Apps Migration For Microsoft Outlook® 4.0.29.9 (HKLM-x32\...\{E8248BD6-6294-4CF6-9CF9-BDAAC0CC8253}) (Version: 4.0.29.9 - Google, Inc.) Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM-x32\...\{091C294E-F243-432C-93E1-DEC4C2B9635B}) (Version: 3.8.440.1250 - Google, Inc.) 
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Hema Fotoalbum (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\{83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1) (Version: - Hema) Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com) IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp) inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC) Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation) Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation) JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - 
Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.80.10 - Lenovo) Lenovo App Shop (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 44154 - Intel) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - ) Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited) Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.1 - Lenovo) Lenovo Power Management Driver (Version: 1.67.12.16 - Lenovo) Hidden Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.) 
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0045 - Lenovo) Lenovo USB 2.0 Ethernet Adapter (HKLM-x32\...\{29584513-DC7F-4EB9-8654-7C541DF0DDCE}) (Version: 1.11 - Lenovo) Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0021.00 - Lenovo Group Limited) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 2.1.0.18 - GOG.com) MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mobile 
Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.2.5.4 - Ericsson AB) Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Mplus Version 7.3 Demo (64-bit) (HKLM\...\{BA273660-8C9F-4835-A906-3B5686BE7AB4}) (Version: 7.3.0 - Muthen & Muthen) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team) Octave 4.0.0 (HKLM-x32\...\Octave-4.0.0) (Version: 4.0.0 - GNU Octave) Octoshape Streaming Services (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Octoshape Streaming Services) (Version: - Octoshape ApS) Online Plug-in (x32 Version: 14.4.0.8014 - Citrix Systems, Inc.) Hidden Opera Stable 42.0.2393.517 (HKLM-x32\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Python 2.7.10 (Anaconda 2.3.0 64-bit) (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Python 2.7.10 (Anaconda 2.3.0 64-bit)) (Version: 2.3.0 - Continuum Analytics, Inc.) Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Python 3.5.2 (Anaconda3 4.1.1 64-bit) (HKLM\...\Python 3.5.2 (Anaconda3 4.1.1 64-bit)) (Version: 4.1.1 - Continuum Analytics, Inc.) 
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team) R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team) R for Windows 3.2.0 (HKLM\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team) R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team) R for Windows 3.3.1 (HKLM\...\R for Windows 3.3.1_is1) (Version: 3.3.1 - R Core Team) RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) RStudio (HKLM-x32\...\RStudio) (Version: 0.99.489 - RStudio) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.) Self-Service Plug-in (x32 Version: 4.4.0.11833 - Citrix Systems, Inc.) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 34.7.35161 - Sonos, Inc.) 
Spotify (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB) SRWare Iron version 48.2550.2 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 48.2550.2 - SRWare) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - ) Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.0.4204 - Synology, Inc.) Synology Cloud Station Drive (HKLM-x32\...\{A2E63753-A06C-40ED-902E-BBD8250B1CAD}) (Version: 4.0.4204 - Synology) TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team) TeXstudio 2.6.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.6.2 - Benito van der Zander) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo) ThinkVantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.) 
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.81 - Lenovo) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign) VUmc Desktop (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\storeservi-ee876895@@VUMC.VUmc Desktop $S1-1) (Version: 1.0 - Delivered by Citrix) Web Companion (HKLM-x32\...\{6ece3bf6-3694-4acf-b158-16f51a2c6b56}) (Version: 2.1.1265.2535 - Lavasoft) Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies) Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies) Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies) WinDirStat 1.1.2 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\WinDirStat) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Intel (ISCT) System (08/23/2011 1.0.5.0) (HKLM\...\8D1FA6162A87496A05284A0C76A3B76705965B62) (Version: 08/23/2011 1.0.5.0 - Intel) Windows-Treiberpaket - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel) Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel) Windows-Treiberpaket - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel) 
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo) Windows-Treiberpaket - Synaptics (SmbDrv) System (07/05/2012 16.2.5.0) (HKLM\...\99334E0BAA64ED1D117794050F2AA7D3951D9A7D) (Version: 07/05/2012 16.2.5.0 - Synaptics) Windows-Treiberpaket - Synaptics (SynTP) Mouse (07/05/2012 16.2.5.0) (HKLM\...\0395D83D6A2C0E110509B9E80E9BC5F29238FA82) (Version: 07/05/2012 16.2.5.0 - Synaptics) Zoom (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.) Zotero Standalone 4.0.29.10 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.29.10 (x86 en-US)) (Version: 4.0.29.10 - Zotero) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {04B8EF9D-CD39-4182-8842-9B08430F0197} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] () Task: {0604997D-52D6-4514-AE28-F1DE449BF276} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {11257F63-5297-4886-AFC6-2211F6C9B8A3} - System32\Tasks\{AD1218B3-DC59-4081-8A45-2014706A72CC} => pcalua.exe -a "C:\Users\******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4EH50OQF\AVM_FRITZ!WLAN_Repeater_310_Assistent.exe" -d C:\Users\******\Desktop Task: {13D992D7-888A-4AAF-B17E-0ED000690458} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-11] (Adobe Systems Incorporated) Task: {16D76F82-AC80-4041-BCAC-6798F30CD84B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {223DFF31-BFCA-43FF-8339-C43B221A089F} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (Lenovo Group Limited) Task: {23E62AD8-63C7-49C4-8D88-568E37D12038} - System32\Tasks\{E661EA14-4831-4DC9-BA24-1F58FD3A9520} => C:\Users\******\Downloads\alfatest.exe Task: {2A225316-1432-459F-9552-0F316D99B9BB} - System32\Tasks\MATLAB R2015b Startup Accelerator => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe [2015-07-30] () Task: {4ED24D9E-64F9-4EFD-8D62-2A46AB7FD6F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) 
Task: {5101C02D-4ACA-41E8-A6F5-210953BD81F2} - System32\Tasks\{9F4FBCB7-441F-4042-8998-402A08F71CD7} => C:\Users\******\Downloads\alfatest.exe Task: {51527F61-8136-4602-9BBD-7F6A3386DE9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-08] (Adobe Systems Incorporated) Task: {516DE39E-4BC8-46DC-98B3-4E384F30F3C3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {544E4E1D-B75D-4BB3-A0C9-D1FF08669CC2} - System32\Tasks\{96C4092B-3E36-4FFF-A252-679948D94E24} => C:\Users\******\Downloads\alfatest.exe Task: {646D7B7F-B14A-469C-8AD8-BB0FB8EC24F5} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] () Task: {76341AC4-F95F-4D4F-8EB4-6F4D2A41CBB6} - System32\Tasks\Opera scheduled Autoupdate 1420761345 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-26] (Opera Software) Task: {7A94AD62-0252-460D-9461-2AECDE893A62} - System32\Tasks\{B5103088-5AA1-4ED1-B052-EE1CD81AA67F} => C:\Users\******\Downloads\alfatest.exe Task: {7ED977C3-E5A3-4DF8-A891-8CAC05FDC42C} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo) Task: {81950FA3-3AF2-4847-B96B-94549F81FE8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {8B1A1E8D-C0C0-4103-A1F3-3F622D197ACF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) 
Task: {A0C547F0-617C-40D8-9079-033C06E2AFA0} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo) Task: {A66A4169-D399-41CB-8193-6621E49CB98E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {A9A553D2-A554-44FC-95C8-5FA6297B2471} - System32\Tasks\{396E50AE-0DBA-4615-A96F-CFE4DC2D9EF1} => C:\Users\******\Downloads\alfatest.exe Task: {ACA06C7F-29C4-4B82-9EE4-5D7963A33E65} - System32\Tasks\{7389CD34-2D3B-4788-99E0-2FA2C4B12C48} => C:\Users\******\Downloads\alfatest.exe Task: {AE958A85-104F-49B4-BB51-ED3F76BFD594} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe Task: {C6BF3026-2C4E-4AA4-BC5A-B1168C431C62} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo) Task: {CE9FB232-A20A-4B40-BDDE-6185834DBC42} - System32\Tasks\{1D30A00C-6ED6-4D93-B8A1-4E559F3B335B} => C:\Users\******\Downloads\alfatest.exe Task: {D2A57E6F-F90F-4E0A-8870-20C421B5B0C3} - System32\Tasks\{BC072FDB-9C95-45AD-8328-17D7B8A4868E} => C:\Users\******\Downloads\alfatest.exe Task: {D63B89A4-B7CE-47C3-9233-92909828A987} - System32\Tasks\{010A5FF7-A151-4825-B0EA-879607C5D583} => C:\Users\******\Downloads\alfatest.exe Task: {D7CDE812-B353-455D-8286-DE0FC7CFEE28} - System32\Tasks\{D82A1DC1-78A4-4231-BB44-53D94432F129} => C:\Users\******\Downloads\alfatest.exe Task: {D878A05F-D674-4915-8F9F-E9E7706D7DE1} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] () Task: {E3C18149-1EC2-429A-83A7-E2C63EA57782} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo) Task: 
{E6402E65-A275-44D8-AAFA-BF21A3E4F87B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\******\Documents\Studium\Hiwi\Medieninhaltsforschung\Eigene Websites auf MSN\target.lnk -> hxxp://de.msnusers.co Shortcut: C:\Users\******\Documents\Studium\Hiwi\Hiwi\Medieninhaltsforschung\Eigene Websites auf MSN\target.lnk -> hxxp://de.msnusers.co ShortcutWithArgument: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Anaconda Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Users\******\AppData\Local\Dato\Dato Launcher\Scripts\anaconda.bat" ShortcutWithArgument: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Wakari (in the cloud).lnk -> C:\Users\******\AppData\Local\Dato\Dato Launcher\pythonw.exe () -> -m webbrowser -t "hxxps://www.wakari.io/" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-04-12 07:15 - 2016-04-12 07:15 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe 2016-04-12 14:47 - 2016-04-12 14:47 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe 2016-03-18 06:41 - 2016-03-18 06:41 - 00248840 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2012-05-23 22:14 - 2012-05-23 22:14 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll 2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2017-01-30 10:02 - 2017-01-18 16:36 - 00023416 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe 2017-02-07 21:13 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-07 21:13 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll 
2015-10-23 09:15 - 2015-10-23 09:15 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2013-06-04 23:36 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll 2013-06-27 09:41 - 2013-05-13 14:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2015-11-10 18:39 - 2015-11-10 18:39 - 03190016 _____ () C:\Program Files (x86)\Citrix\ICA Client\coreavc_sdk.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Intel:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\LocalLow\Microsoft:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\LocalLow\PlayReady:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\LocalLow\Sun:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\LocalLow\Symantec:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\LocalLow\VeriSign:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\Documents\Eigene Bilder:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\Documents\Eigene Musik:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\Documents\Eigene Videos:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\Documents\Finanzen:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\Documents\R:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\Documents\Studium:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hema Fotoalbum:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Notepad++:IMAT__DS_DIR_HDR [6146] AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR [6146] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\localhost -> localhost IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: 
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\100sexlinks.com -> 100sexlinks.com Da befinden sich 4788 mehr Seiten. ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-10-16 12:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\******\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 62.179.104.196 - 213.46.228.196 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupfolder: C:^Users^******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver.lnk => C:\Windows\pss\Citrix Receiver.lnk.Startup MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup MSCONFIG\startupreg: Google Update => "C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: Integrated Camera_Monitor => C:\Program Files (x86)\Integrated Camera\monitor.exe MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe MSCONFIG\startupreg: LenovoNal => C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\******\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun MSCONFIG\startupreg: 
PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\******\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe FirewallRules: [{2B063FA6-477F-48FA-9D1E-3BDBBDEB2DE6}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{EDD477BC-C5F1-4E0C-AD2F-EAB87CBE2016}] => LPort=2869 FirewallRules: [{03D5C4C4-1599-4012-AD49-5002A9EA33DD}] => LPort=1900 FirewallRules: [{34A60A08-403E-4FD9-86AE-64718FB480EF}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{EF5C29A3-17C3-46AC-91A1-F104C6D38372}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{7BA793EC-F5F6-4071-992C-E69FEA754B68}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{44D10574-CC59-4D88-A295-485DA2832F38}] => C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{F6FD2F10-D1DB-47D9-8902-2643C5E69F79}] => C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{36428086-0079-4F5C-BAA1-ADC33A93C5A4}] => C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe 
FirewallRules: [{0E310144-12A2-4304-B85D-67C0B79B1E3E}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe FirewallRules: [{EF0AF0CC-7E9B-400C-AF5B-4BEA2C18386F}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{658B0361-312C-421C-8ECA-CA0C1E879717}] => C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{22E03A7D-DA2D-4C2A-ABF2-8C8A40C6CFF1}] => C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe FirewallRules: [{C7DB25E6-D90E-4F4A-A745-29D1622204C1}] => C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe FirewallRules: [TCP Query User{5837FA49-EC04-4CE2-A17F-5469621E5F70}C:\users\******\appdata\roaming\spotify\spotify.exe] => C:\users\******\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{C81CF274-8D28-4900-94C1-2F1891831C07}C:\users\******\appdata\roaming\spotify\spotify.exe] => C:\users\******\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E3EF79E9-FE81-445C-9358-86918EBEBB9E}C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{1C160363-0105-456F-B3D6-8A10B374F511}C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{E2ECEC31-40B6-4B15-B912-4E7378DF0193}C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [UDP Query User{4CA88648-4EDA-4AF1-95D5-B3B155D7CCFB}C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe FirewallRules: [{575915FC-4116-470F-8057-4C9DFAC272F6}] => C:\Program Files (x86)\Sonos\Sonos.exe FirewallRules: [{AE4AA11B-7BE4-4429-9D7B-BCF8EC179EC1}] => C:\Program Files (x86)\Sonos\Sonos.exe FirewallRules: [{522142AE-B1C9-423A-B3CD-8ED4EA0DBE7A}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: 
[{6844444C-9084-4822-A681-A85969309E62}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8CE040F5-BCF4-4718-86D9-4A0CA9DFC42F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{26696B35-988E-4352-AB60-6F6A3533F30F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{295B1CB8-60F5-4973-A4E9-D9183FF7D7E7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{EEE28765-7988-4C32-8C15-18C3985B6C3B}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe FirewallRules: [UDP Query User{855EC420-ECEE-40AD-AF0E-577EAC717B99}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe FirewallRules: [TCP Query User{7350319E-0F08-45DE-8720-778FAE3F4BE2}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe FirewallRules: [UDP Query User{0BBBA499-F433-4961-A3EC-B78DFE79ACED}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe FirewallRules: [TCP Query User{B5E8254B-666F-4F3F-AAC6-44B00DF7DB05}C:\program files\ibm\spss\statistics\20\stats.exe] => C:\program files\ibm\spss\statistics\20\stats.exe FirewallRules: [UDP Query User{BA67F580-5769-4870-949B-2ED14217B91D}C:\program files\ibm\spss\statistics\20\stats.exe] => C:\program files\ibm\spss\statistics\20\stats.exe FirewallRules: [TCP Query User{29E361B7-DAC4-4E87-BF0D-A19A1120F3DB}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe FirewallRules: [UDP Query User{02FB5303-C161-4D8E-AE4D-97E3B2304D45}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe FirewallRules: [{53563EED-90E6-48F2-8006-9FB0CBAB52EB}] => C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe FirewallRules: [{0934AB64-A2B0-4D5C-99EB-0992CD66733F}] => C:\Program Files 
(x86)\Opera\42.0.2393.517\opera.exe FirewallRules: [{240CDADA-91DD-4300-BFCE-2DF6624EC536}] => C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{EEAA9EF9-4B6D-4402-8DB2-3DFD925F37D6}] => C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{385AB514-2CAE-424D-9881-1356F0AF0BD5}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 07-02-2017 09:41:08 Windows Update 07-02-2017 19:18:58 Windows-Sicherung 08-02-2017 10:53:11 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Lenovo Connect Device 1.0 Description: Lenovo Connect Device 1.0 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/08/2017 10:48:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CAMService.exe, Version: 1.0.0.1, Zeitstempel: 0x54077d08 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0651 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000048f24 ID des fehlerhaften Prozesses: 0x94c Startzeit der fehlerhaften Anwendung: 0x01d281f08111248f Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\CAM\bin\CAMService.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: c734410b-ede3-11e6-8a7c-b8763fa86bbd Error: (02/08/2017 10:48:33 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (02/08/2017 10:42:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CAMService.exe, Version: 1.0.0.1, Zeitstempel: 0x54077d08 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0651 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000048f24 ID des fehlerhaften Prozesses: 0x980 Startzeit der fehlerhaften Anwendung: 0x01d281ef983ec976 Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\CAM\bin\CAMService.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: e7bfea15-ede2-11e6-b2d2-b8763fa86bbd Error: (02/08/2017 10:42:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (02/07/2017 09:09:16 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Die Sicherung war nicht erfolgreich. Fehler: "Fehler beim Zugreifen auf den freigegebenen Remoteordner durch die Windows-Sicherung. (0x81000039)" Error: (02/07/2017 07:08:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (02/07/2017 09:36:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (02/03/2017 08:45:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CAMService.exe, Version: 1.0.0.1, Zeitstempel: 0x54077d08 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0651 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000048f24 ID des fehlerhaften Prozesses: 0x96c Startzeit der fehlerhaften Anwendung: 0x01d27df16e0ccb7a Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\CAM\bin\CAMService.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: bb26cea3-e9e4-11e6-9b18-b8763fa86bbd Error: (02/03/2017 08:45:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (02/03/2017 12:48:23 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT) Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. 
Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0 Systemfehler: ============= Error: (02/08/2017 10:49:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} und APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden. Error: (02/08/2017 10:48:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CAM Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/08/2017 10:48:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (02/08/2017 10:48:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Lenovo Platform Service erreicht. Error: (02/08/2017 10:48:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. Error: (02/08/2017 10:48:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (02/08/2017 10:48:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. 
Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (02/08/2017 10:48:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (02/08/2017 10:48:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\Windows\System32\IWMSSvc.dll Error: (02/08/2017 10:47:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Power Manager Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2017-02-08 12:03:33.172 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-20 10:30:56.610 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-20 10:30:52.144 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-20 10:29:07.458 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-20 10:29:07.296 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2017-01-20 10:24:45.765 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-18 12:01:03.460 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-15 11:02:24.953 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-15 11:02:23.807 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2017-01-15 11:02:22.071 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz Prozentuale Nutzung des RAM: 62% Installierter physikalischer RAM: 7888.92 MB Verfügbarer physikalischer RAM: 2933.07 MB Summe virtueller Speicher: 15776.02 MB Verfügbarer virtueller Speicher: 10636.74 MB ==================== Laufwerke ================================ Drive c: (Windows7_OS) (Fixed) (Total:200.43 GB) (Free:44.28 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:3.23 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: B605DD09) Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=8 GB) - (Type=84) ==================== Ende von Addition.txt ============================ |
09.02.2017, 10:19 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Unwanted website opens
Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:
Step 1: MBAM
Please download Malwarebytes Anti-Malware
Step 2: ESET
ESET Online Scanner
Step 3: SecurityCheck
Please download SecurityCheck and:
__________________ Please always post logfiles in CODE tags |
15.02.2017, 14:01 | #15 |
| Unwanted website opens Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15.02.2017
Scan Time: 11:08
Logfile: malwarebytes scan.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2017.02.15.03
Rootkit Database: v2017.02.11.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ******

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 347725
Time Elapsed: 12 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Code:
ATTFilter
C:\Users\******\AppData\Local\Temp\DMR\dmr_72.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung

Code:
ATTFilter
Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 121
Java version 32-bit out of Date!
Adobe Flash Player 24.0.0.221
Mozilla Firefox (51.0.1)
Google Chrome (56.0.2924.87)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky Internet Security 17.0.0 avp.exe
Kaspersky Lab Kaspersky Internet Security 17.0.0 avpui.exe
Kaspersky Lab Kaspersky Secure Connection 1.0 ksde.exe
Kaspersky Lab Kaspersky Secure Connection 1.0 ksdeui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|