Win - 10 Nova / Rambler.ru malware und NPE 0x8 Fehler - Verdacht auf rootkit

cosinus · 27.02.2017, 11:54

Die Funde müssen mit dem adwCleaner auch entfernt werden!!

Wir haben leider noch ne ältere Anleitung vom adwCleaner, bitte nochmal ausführen und so einstellen:

nekropolit · 27.02.2017, 15:46

Hatte alles entfernt. Hier nochmal ein Log mit der neuen Option:

Code:

ATTFilter

# AdwCleaner v6.043 - Bericht erstellt am 27/02/2017 um 14:58:58
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-27.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Martin Zenker - MZ_YOGA_1
# Gestartet von : C:\Users\mzenk_000\Desktop\AdwCleaner_6.043 (1).exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5480 Bytes] - [22/11/2016 09:30:47]
C:\AdwCleaner\AdwCleaner[C2].txt - [1842 Bytes] - [27/02/2017 11:31:12]
C:\AdwCleaner\AdwCleaner[S0].txt - [5322 Bytes] - [22/11/2016 09:30:22]
C:\AdwCleaner\AdwCleaner[S1].txt - [1528 Bytes] - [22/11/2016 09:55:45]
C:\AdwCleaner\AdwCleaner[S2].txt - [2048 Bytes] - [27/02/2017 11:28:20]
C:\AdwCleaner\AdwCleaner[S3].txt - [1750 Bytes] - [27/02/2017 13:44:05]
C:\AdwCleaner\AdwCleaner[S4].txt - [1640 Bytes] - [27/02/2017 14:58:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1713 Bytes] ##########

cosinus · 27.02.2017, 19:17

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

nekropolit · 28.02.2017, 08:28

Guten Morgen!

FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2017 01
durchgeführt von Martin Zenker (Administrator) auf MZ_YOGA_1 (28-02-2017 08:21:38)
Gestartet von C:\Users\mzenk_000\AppData\Local\Temp\scoped_dir8612_29749
Geladene Profile: Martin Zenker (Verfügbare Profile: Martin Zenker & alex_000 & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Windows\System32\3DPrintService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(MakerBot) C:\Program Files\MakerBot\MakerWare\conveyor-svc.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsEngineSvc.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\Mgl3DCtlrRPCService.exe
() C:\Windows\runSW.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_bg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek) C:\Windows\SwUSB.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Syntek Ltd.) C:\Windows\STK03N\STK03NM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Muse CC 2017\Muse.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Muse CC 2017\cep\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Muse CC 2017\cep\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Muse CC 2017\cep\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Muse CC 2017\cep\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Muse CC 2017\cep\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Muse CC 2017\cep\CEPHtmlEngine\CEPHtmlEngine.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe
(Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Opera Software) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\mzenk_000\AppData\Local\Temp\scoped_dir8612_29749\FRST64_1.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2013-10-14] (Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [yogaserver] => C:\ProgramData\YogaSmartSwicth\yogaserver.exe [208464 2012-11-29] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2013-11-26] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2013-11-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-14] (Microsoft Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lenovo App Shop] => "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2687520 2015-08-25] (Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [10571776 2016-01-27] (SecureMix LLC)
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\RunOnce: [Uninstall C:\Users\mzenk_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mzenk_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2012-11-29]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\STK03N PNP Monitor.lnk [2016-04-28]
ShortcutTarget: STK03N PNP Monitor.lnk -> C:\Windows\STK03N\STK03NM.exe (Syntek Ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9979bf27-3ead-48b3-ba74-c5efe434be04}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e082b941-bea0-4502-90fa-1a5edca624bb}: [DhcpNameServer] 192.168.1.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {8A3FF90B-A977-47EC-9633-3E2C2D312AFD} URL = 
SearchScopes: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-02] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-02] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
DPF: HKLM-x32 {82774781-8F4E-11D1-AB1C-0000F8773BF0} hxxps://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
DPF: HKLM-x32 {F0C2A0FA-C11A-4B67-84ED-D62E95008822} hxxp://192.168.1.254/IPCConfig.exe

FireFox:
========
FF DefaultProfile: 1q2jlbpz.default
FF ProfilePath: C:\Users\mzenk_000\AppData\Roaming\CLIQZ\Profiles\1q2jlbpz.default [2016-12-08]
FF Extension: (Cliqz) - C:\Users\mzenk_000\AppData\Roaming\CLIQZ\Profiles\1q2jlbpz.default\Extensions\cliqz@cliqz.com.xpi [2016-11-15] [ist nicht signiert]
FF Extension: (Kein Name) - C:\Program Files (x86)\CLIQZ\browser\features\https-everywhere@cliqz.com.xpi [nicht gefunden]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-02] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2012-09-28] (Logitech Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-02-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]
FF Plugin-x32: ChromeWebPlugin -> C:\Program Files (x86)\WebControl\npGS_ChromePlugins.dll [Keine Datei]
FF Plugin-x32: FireFoxWebPlugin -> C:\Program Files (x86)\WebControl\npGS_Plugins.dll [Keine Datei]
FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [2015-03-11] ()
FF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [2015-03-11] ()
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin HKU\.DEFAULT: ipc.com/ipc -> C:\Program Files (x86)\RegIPCPlugin\IPCPlugin\npipc.dll [2013-07-25] (IPC)
FF Plugin HKU\S-1-5-21-2553620308-2587970361-2745048916-1001: ajvision.com/webconfig -> C:\WINDOWS\system32\WEBConfig2\npwebconfig.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2553620308-2587970361-2745048916-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2553620308-2587970361-2745048916-1001: ipc.com/ipc -> C:\Program Files (x86)\RegIPCPlugin\IPCPlugin\npipc.dll [2013-07-25] (IPC)
FF Plugin HKU\S-1-5-21-2553620308-2587970361-2745048916-1001: tpsee.com/ipcctrl -> C:\WINDOWS\system32\IPCConfigV2\npipcctrl.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default [2017-02-22]
CHR Extension: (Google Präsentationen) - C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-22]
CHR Extension: (Google Docs) - C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-22]
CHR Extension: (Google Drive) - C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-22]
CHR Extension: (YouTube) - C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-22]
CHR Extension: (Google Tabellen) - C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-22]
CHR Extension: (Google Docs Offline) - C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-22]
CHR Extension: (Google Mail) - C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-22]
CHR Extension: (Chrome Media Router) - C:\Users\mzenk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-22]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2014-02-16]

Opera: 
=======
OPR Extension: (Adguard Werbeblocker) - C:\Users\mzenk_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2017-01-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 3DPrintService; C:\windows\system32\3DPrintService.exe [181752 2015-02-05] ()
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2016-09-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R2 CybereasonRansomFree; C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe [13312 2017-01-09] (Cybereason) [Datei ist nicht signiert]
S2 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [29184 2016-07-15] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [104448 2016-07-15] (Microsoft Corporation)
S2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115656 2013-10-14] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [118728 2013-10-14] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124904 2013-10-14] (Intel Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [8915968 2016-01-27] (SecureMix LLC)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [17408 2016-09-14] (Microsoft Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 irstrtsv; C:\WINDOWS\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S4 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 MakerBot Conveyor Service; C:\Program Files\MakerBot\MakerWare\conveyor-svc.exe [85504 2016-08-19] (MakerBot) [Datei ist nicht signiert]
R2 Mgl3DCtlrRPCService; C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\Mgl3DCtlrRPCService.exe [57856 2014-11-13] (3Dconnexion) [Datei ist nicht signiert]
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [227680 2011-08-12] ()
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [25088 2016-03-04] (The OpenVPN Project) [Datei ist nicht signiert]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [496160 2015-08-25] (Sony Corporation)
R2 rscp; C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe [303896 2017-02-22] ()
R2 rsEngineSvc; C:\Program Files\Reason\Security\rsEngineSvc.exe [89880 2016-09-30] (Reason Software Company Inc.)
R2 RunSwUSB; C:\Windows\runSW.exe [44104 2013-05-23] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [360960 2016-12-21] (Microsoft Corporation)
R3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [275456 2016-12-21] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2014-02-25] () [Datei ist nicht signiert]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1000448 2016-09-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 3dxhid; C:\WINDOWS\System32\drivers\3dxhid.sys [38672 2014-11-07] (3Dconnexion SAM)
S3 AX88179; C:\WINDOWS\System32\drivers\ax88179_178a.sys [74240 2016-07-16] (ASIX Electronics Corp.)
S3 DCamUSBSTK03N; C:\WINDOWS\system32\DRIVERS\STK03NW2.sys [113288 2010-01-05] (Syntek Ltd.)
S3 DCamUSBSTK03N; C:\Windows\SysWOW64\DRIVERS\STK03NW2.sys [108544 2010-01-05] (Syntek Ltd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-14] (Intel Corporation)
S3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [290256 2013-10-14] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494808 2013-10-14] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2016-02-26] (Intel Corporation)
R3 DUBE100B; C:\WINDOWS\System32\drivers\DUBE100B.sys [49152 2013-10-23] (D-Link Corporation)
S3 ewusbnet; C:\WINDOWS\System32\drivers\ewusbnet.sys [415232 2011-10-18] (Huawei Technologies Co., Ltd.)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [54736 2017-02-24] ()
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 KMJHidMini; C:\WINDOWS\System32\drivers\3dxkmj.sys [18944 2013-10-08] (3Dconnextion Inc.)
R3 KMJShim; C:\WINDOWS\System32\drivers\3dxshim.sys [7168 2013-10-08] (3Dconnextion Inc.)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [52832 2013-12-05] (hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2013-12-04] (hxxp://libusb-win32.sourceforge.net)
S3 MakerBotUsbFilter; C:\WINDOWS\system32\DRIVERS\MakerBotUsbFilter.sys [18712 2013-11-12] ()
R1 MpKsl58a325dc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EE750F1-7D9D-45D0-8319-7BB93C7C7CB2}\MpKsl58a325dc.sys [44928 2017-02-27] (Microsoft Corporation)
S3 MS3dPrintUSB; C:\WINDOWS\system32\DRIVERS\MS3DPrintUSB.sys [24072 2015-02-05] ()
S3 Netaapl; C:\WINDOWS\system32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Datei ist nicht signiert]
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NPF; C:\WINDOWS\System32\drivers\NPF.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 pwdrvio; C:\windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [624456 2015-07-07] (Realtek Semiconductor Corporation)
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation                           )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422656 2016-03-09] (Realsil Semiconductor Corporation)
R3 SaiK1705; C:\WINDOWS\system32\DRIVERS\SaiK1705.sys [180584 2012-09-20] (Saitek)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU1705; C:\WINDOWS\System32\drivers\SaiU1705.sys [47208 2012-09-20] (Saitek)
R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [27336 2013-11-08] (Silicon Laboratories) [Datei ist nicht signiert]
S3 silabser; C:\WINDOWS\system32\DRIVERS\silabser.sys [73216 2013-11-08] (Silicon Laboratories) [Datei ist nicht signiert]
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [772480 2015-12-25] (Sunplus)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [310496 2014-06-17] (silex technology, Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 WLNdis50; C:\WINDOWS\system32\DRIVERS\wlndis50.sys [35840 2014-06-05] ()
R2 WLNdis50; C:\Windows\SysWOW64\DRIVERS\wlndis50.sys [35840 2014-06-05] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-02-22] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-02-22] (Zemana Ltd.)
U0 aswVmm; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-28 08:18 - 2017-02-28 08:19 - 02423296 _____ (Farbar) C:\Users\mzenk_000\Downloads\FRST64_1.exe
2017-02-27 16:04 - 2017-02-27 16:04 - 00529172 _____ C:\Users\aktito\perfect-opinions.xlsx
2017-02-27 16:04 - 2017-02-27 16:04 - 00526343 _____ C:\Users\QbQit\bentcreatingprocure.xlsx
2017-02-27 16:04 - 2017-02-27 16:04 - 00220170 _____ C:\Users\QbQit\WMTyKpR8.mdb
2017-02-27 16:04 - 2017-02-27 16:04 - 00200578 _____ C:\Users\aktito\authentic temper.mdb
2017-02-27 16:04 - 2017-02-27 16:04 - 00064717 _____ C:\Users\QbQit\sharing.has.xls
2017-02-27 16:04 - 2017-02-27 16:04 - 00064672 _____ C:\Users\aktito\fifty-treatment-intimacy-conflict.xls
2017-02-27 16:04 - 2017-02-27 16:04 - 00052116 _____ C:\Users\aktito\POJ.pem
2017-02-27 16:04 - 2017-02-27 16:04 - 00050911 _____ C:\Users\QbQit\agitate damage obtained.pem
2017-02-27 16:04 - 2017-02-27 16:04 - 00036594 _____ C:\Users\aktito\returningarnold.txt
2017-02-27 16:04 - 2017-02-27 16:04 - 00019805 _____ C:\Users\QbQit\lived amendment.sql
2017-02-27 16:04 - 2017-02-27 16:04 - 00014453 _____ C:\Users\QbQit\results.communications.protection.txt
2017-02-27 16:04 - 2017-02-27 16:04 - 00013302 _____ C:\Users\aktito\identical_defined_urethane.sql
2017-02-27 16:04 - 2017-02-27 16:04 - 00000000 __SHD C:\Users\mzenk_000\Desktop\ This folder protects against Ransomware. Just leave it here
2017-02-27 16:04 - 2017-02-27 16:04 - 00000000 ___HD C:\Users\QbQit
2017-02-27 16:04 - 2017-02-27 16:04 - 00000000 ___HD C:\Users\mzenk_000\Documents\Zvalues49
2017-02-27 16:04 - 2017-02-27 16:04 - 00000000 ___HD C:\Users\mzenk_000\Documents\2014-05-3 transfer132
2017-02-27 16:04 - 2017-02-27 16:04 - 00000000 ___HD C:\Users\aktito
2017-02-27 16:04 - 2017-02-27 16:04 - 00000000 ____D C:\Xdefinitions196
2017-02-27 16:04 - 2017-02-27 16:04 - 00000000 ____D C:\.rhelper133
2017-02-27 16:03 - 2017-02-27 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cybereason RansomFree
2017-02-27 13:40 - 2017-02-27 13:40 - 04015056 _____ C:\Users\mzenk_000\Desktop\AdwCleaner_6.043 (1).exe
2017-02-27 13:32 - 2017-02-27 13:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigncb5ab2464ebf5127
2017-02-27 13:32 - 2017-02-27 13:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign3f5f4a9b8d3dfa2e
2017-02-27 13:00 - 2017-02-27 13:00 - 00954375 _____ C:\Users\mzenk_000\Downloads\image_resizer.zip
2017-02-27 12:57 - 2017-02-27 12:57 - 01496584 _____ C:\Users\mzenk_000\Downloads\Image Resizer for Windows - CHIP-Installer.exe
2017-02-27 11:37 - 2017-02-27 11:37 - 00000811 _____ C:\Users\mzenk_000\Desktop\JRT.txt
2017-02-27 11:22 - 2017-02-27 11:23 - 04015056 _____ C:\Users\mzenk_000\Downloads\AdwCleaner_6.043.exe
2017-02-25 12:17 - 2017-02-25 12:17 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign6a8b093775648d90
2017-02-25 12:17 - 2017-02-25 12:17 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign26c5f18a8d0c30f5
2017-02-25 11:40 - 2017-02-25 12:01 - 30715264 _____ (SecureMix LLC) C:\Users\mzenk_000\Downloads\GlassWireSetup.exe
2017-02-25 11:37 - 2017-02-25 11:38 - 00000194 _____ C:\Users\mzenk_000\Downloads\hosts-perm.bat
2017-02-25 11:04 - 2017-02-25 11:05 - 00316170 _____ C:\TDSSKiller.3.1.0.12_25.02.2017_11.04.11_log.txt
2017-02-25 10:59 - 2017-02-24 11:07 - 00002024 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20170225-105916.backup
2017-02-25 10:58 - 2017-02-25 11:01 - 00000000 ___HD C:\adobeTemp
2017-02-25 10:57 - 2017-02-25 10:57 - 00002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2017.lnk
2017-02-25 10:53 - 2017-02-25 10:53 - 00001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse CC 2017.lnk
2017-02-25 10:30 - 2017-02-25 10:39 - 00322956 _____ C:\TDSSKiller.3.1.0.12_25.02.2017_10.30.55_log.txt
2017-02-25 10:23 - 2017-02-25 10:26 - 00322956 _____ C:\TDSSKiller.3.1.0.12_25.02.2017_10.23.55_log.txt
2017-02-25 10:23 - 2017-02-25 10:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\mzenk_000\Downloads\tdsskiller (2).exe
2017-02-25 10:23 - 2017-02-25 10:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\mzenk_000\Downloads\tdsskiller (1).exe
2017-02-24 10:22 - 2017-02-24 10:22 - 00000000 ____D C:\mbar
2017-02-24 10:19 - 2017-02-24 11:01 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-02-24 10:15 - 2017-02-24 10:15 - 00000000 ____D C:\WINDOWS\pss
2017-02-24 10:04 - 2017-02-24 10:04 - 00024024 _____ C:\Users\mzenk_000\Downloads\bugreport.txt
2017-02-23 23:48 - 2017-02-23 23:48 - 00005694 _____ C:\Users\mzenk_000\Desktop\Rkill_2.txt
2017-02-23 23:16 - 2017-02-25 12:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-02-23 23:14 - 2017-02-23 23:14 - 00007668 _____ C:\Users\mzenk_000\Desktop\rk_170223.txt
2017-02-23 22:17 - 2017-02-23 22:17 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-02-23 22:15 - 2017-02-23 23:14 - 00000000 ____D C:\ProgramData\RogueKiller
2017-02-23 22:10 - 2017-02-23 22:10 - 00000000 ____D C:\WINDOWS\ERDNT
2017-02-23 18:09 - 2017-02-24 11:06 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\CrashDumps
2017-02-23 18:00 - 2017-02-25 12:16 - 00000000 ____D C:\Users\mzenk_000\Desktop\mbar
2017-02-23 17:59 - 2017-02-23 17:59 - 16563352 _____ (Malwarebytes Corp.) C:\Users\mzenk_000\Downloads\mbar-1.09.3.1001.exe
2017-02-23 10:35 - 2017-02-23 10:41 - 00139491 _____ C:\Users\mzenk_000\Downloads\Addition.txt
2017-02-23 10:34 - 2017-02-28 08:21 - 00000000 ____D C:\FRST
2017-02-23 10:34 - 2017-02-23 10:41 - 00082078 _____ C:\Users\mzenk_000\Downloads\FRST.txt
2017-02-23 10:32 - 2017-02-23 10:32 - 02423296 _____ (Farbar) C:\Users\mzenk_000\Downloads\FRST64.exe
2017-02-23 10:29 - 2017-02-23 10:33 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\NPE
2017-02-23 10:29 - 2017-02-23 10:29 - 03435768 _____ (Symantec Corporation) C:\Users\mzenk_000\Downloads\NPE (1).exe
2017-02-23 10:29 - 2017-02-23 10:29 - 00000000 ____D C:\ProgramData\Norton
2017-02-23 10:26 - 2017-02-23 10:26 - 03435768 _____ (Symantec Corporation) C:\Users\mzenk_000\Downloads\NPE.exe
2017-02-23 10:13 - 2017-02-23 10:20 - 55566792 _____ (Malwarebytes ) C:\Users\mzenk_000\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-22 20:39 - 2017-02-22 20:39 - 00000000 _____ C:\Users\mzenk_000\Desktop\Unbenannt.uafi
2017-02-22 18:04 - 2017-02-22 18:04 - 00003642 _____ C:\WINDOWS\System32\Tasks\ReasonSecurityScheduledScan
2017-02-22 18:04 - 2017-02-22 18:04 - 00003510 _____ C:\WINDOWS\System32\Tasks\ReasonSecurityStart
2017-02-22 18:04 - 2017-02-22 18:04 - 00000000 ____D C:\ProgramData\Reason
2017-02-22 18:03 - 2017-02-22 18:03 - 06406240 _____ (Reason Software Company Inc.) C:\Users\mzenk_000\Desktop\reason-core-security-setup.exe
2017-02-22 18:03 - 2017-02-22 18:03 - 00000959 _____ C:\Users\Public\Desktop\Reason Core Security.lnk
2017-02-22 18:03 - 2017-02-22 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2017-02-22 18:03 - 2017-02-22 18:03 - 00000000 ____D C:\Program Files\Reason
2017-02-22 12:41 - 2017-02-22 12:41 - 00000000 ____D C:\WINDOWS\Panther
2017-02-22 12:40 - 2017-02-23 09:47 - 00000524 _____ C:\WINDOWS\system32\.crusader
2017-02-22 12:27 - 2017-02-24 11:02 - 00054736 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2017-02-22 12:27 - 2017-02-22 12:41 - 00000000 ____D C:\ProgramData\HitmanPro
2017-02-22 12:26 - 2017-02-22 12:27 - 11581544 _____ (SurfRight B.V.) C:\Users\mzenk_000\Downloads\hitmanpro_x64 (1).exe
2017-02-22 12:17 - 2017-02-25 11:12 - 00005376 _____ C:\Users\mzenk_000\Desktop\Rkill.txt
2017-02-22 12:02 - 2017-02-28 08:21 - 00555127 _____ C:\WINDOWS\ZAM.krnl.trace
2017-02-22 12:02 - 2017-02-28 08:21 - 00527448 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-02-22 12:02 - 2017-02-22 12:02 - 14449600 _____ (Copyright 2017.) C:\Users\mzenk_000\Downloads\Zemana.AntiMalware.Portable.exe
2017-02-22 12:02 - 2017-02-22 12:02 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-02-22 12:02 - 2017-02-22 12:02 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-02-22 12:02 - 2017-02-22 12:02 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Zemana
2017-02-22 11:54 - 2017-02-22 11:55 - 00316816 _____ C:\TDSSKiller.3.1.0.12_22.02.2017_11.54.43_log.txt
2017-02-22 11:54 - 2017-02-22 11:54 - 04747704 _____ (AO Kaspersky Lab) C:\Users\mzenk_000\Downloads\tdsskiller.exe
2017-02-22 11:42 - 2017-02-22 11:52 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-22 11:42 - 2017-02-22 11:52 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-22 11:41 - 2017-02-22 11:41 - 01201256 _____ (Adobe Systems Incorporated) C:\Users\mzenk_000\Downloads\flashplayer24pp_da_install.exe
2017-02-22 10:16 - 2017-02-22 10:18 - 00000000 ____D C:\Users\mzenk_000\Desktop\funk
2017-02-21 16:19 - 2017-02-21 16:19 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign7f26db0a4933127e
2017-02-21 16:16 - 2017-02-21 16:16 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign7012e679b3cdbef1
2017-02-21 14:11 - 2017-02-21 14:11 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigndd822a315bd2fb18
2017-02-21 14:11 - 2017-02-21 14:11 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigndc683d65d21136c8
2017-02-21 14:11 - 2017-02-21 14:11 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign106a730f97475271
2017-02-21 12:44 - 2017-02-21 12:44 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign49ae2af517fc5c58
2017-02-21 12:43 - 2017-02-21 12:43 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignc53783aa983d2a83
2017-02-21 11:36 - 2017-02-21 11:36 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne0769834de9bd005
2017-02-21 11:36 - 2017-02-21 11:36 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4f800e60bde24a70
2017-02-21 11:36 - 2017-02-21 11:36 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4baf574cc4a8d27d
2017-02-21 11:28 - 2017-02-21 11:28 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignf06cef9267c87ee3
2017-02-21 11:28 - 2017-02-21 11:28 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4eff38e8db3cf107
2017-02-21 11:27 - 2017-02-21 11:27 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign56cd0fcb8de5d081
2017-02-21 08:37 - 2017-02-21 08:37 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign363f4652aac7f3f1
2017-02-21 08:36 - 2017-02-21 08:36 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigncaa405149411c168
2017-02-21 07:45 - 2017-02-21 07:45 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd2bbff85e07918b4
2017-02-21 07:45 - 2017-02-21 07:45 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign49aac4c9437b8cee
2017-02-21 07:45 - 2017-02-21 07:45 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign14020a0f1e77e812
2017-02-21 07:44 - 2017-02-21 07:44 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne4d9e333266c0b88
2017-02-21 07:44 - 2017-02-21 07:44 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignc17a6ecec7d8bc22
2017-02-21 07:44 - 2017-02-21 07:44 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigna66ffdcdd968ebdf
2017-02-21 07:38 - 2017-02-21 07:38 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignda063bb2f1289280
2017-02-21 07:38 - 2017-02-21 07:38 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign58420517735a9b9c
2017-02-21 07:30 - 2017-02-21 07:30 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignc16edab1fda1e87b
2017-02-21 07:30 - 2017-02-21 07:30 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign9db95f2bec3f014b
2017-02-20 23:32 - 2017-02-20 23:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign9667c3bd1b6cad1e
2017-02-20 23:15 - 2017-02-20 23:15 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigndcfad7ab9320a176
2017-02-20 23:15 - 2017-02-20 23:15 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignda36507a1f2319d1
2017-02-20 23:14 - 2017-02-20 23:14 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign1e10687bb9d87204
2017-02-20 23:07 - 2017-02-20 23:07 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignc7383a4717f93c60
2017-02-20 23:00 - 2017-02-20 23:00 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign02031925d2895d24
2017-02-20 22:59 - 2017-02-20 22:59 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign3a33744224791093
2017-02-20 22:58 - 2017-02-20 22:58 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignfed99dc4589e5e3b
2017-02-20 22:58 - 2017-02-20 22:58 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne8637107747c211d
2017-02-20 22:58 - 2017-02-20 22:58 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne10dc75ae43b8142
2017-02-20 22:58 - 2017-02-20 22:58 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigna1f9734973fae393
2017-02-20 16:07 - 2017-02-20 16:07 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne415bed2d394f8c3
2017-02-20 14:38 - 2017-02-20 14:38 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne19eefa3b0ccf58d
2017-02-20 14:38 - 2017-02-20 14:38 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd96c8a410bf9fe14
2017-02-20 14:38 - 2017-02-20 14:38 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign126c813ef87c6e51
2017-02-20 14:37 - 2017-02-20 14:37 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigndfbc714a83173ccb
2017-02-20 14:33 - 2017-02-20 14:33 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign9c3bd7c420580f53
2017-02-20 14:32 - 2017-02-20 14:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign7d73408497e137fb
2017-02-20 14:20 - 2017-02-20 14:20 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign23f23f622c6519d4
2017-02-20 14:19 - 2017-02-20 14:19 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignc97b7c8c81fa117e
2017-02-20 14:19 - 2017-02-20 14:19 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignbef781058f15b7f0
2017-02-20 14:19 - 2017-02-20 14:19 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4dde062d9c54892b
2017-02-20 14:19 - 2017-02-20 14:19 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign1d79ad993129aac8
2017-02-20 12:20 - 2017-02-20 12:20 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign848c08f209520c73
2017-02-20 12:19 - 2017-02-20 12:19 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign13d14c53619ffc01
2017-02-20 12:18 - 2017-02-20 12:18 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignfdfcae806561652c
2017-02-20 12:18 - 2017-02-20 12:18 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne91ae1f7d1eba320
2017-02-20 12:18 - 2017-02-20 12:18 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4654f58f9857fa60
2017-02-18 11:02 - 2017-02-18 11:02 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign9c0f88bfe9d3dd44
2017-02-18 11:01 - 2017-02-18 11:01 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignbaaf037bfd15b1f9
2017-02-18 11:01 - 2017-02-18 11:01 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigna058f9c95b1f2dea
2017-02-17 18:05 - 2017-02-17 18:05 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignfde3140021b60f06
2017-02-17 18:04 - 2017-02-17 18:04 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignfbf68b1b6fdf6a5b
2017-02-17 15:22 - 2017-02-17 15:22 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign682f7b41212e439a
2017-02-17 13:41 - 2017-02-17 13:41 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign785bf2dce2060654
2017-02-17 11:34 - 2017-02-17 11:34 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignf0f68ffbb638e886
2017-02-16 21:13 - 2017-02-16 21:13 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign914ec2e6746d24c9
2017-02-16 18:20 - 2017-02-16 18:20 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign14cbc91f303a3bde
2017-02-16 17:48 - 2017-02-16 17:48 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd064987d536e674c
2017-02-16 17:47 - 2017-02-16 17:47 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign26b6e221d997388e
2017-02-16 17:46 - 2017-02-16 17:46 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignc7ff97d410d188aa
2017-02-16 17:46 - 2017-02-16 17:46 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign10f04a517778d9f7
2017-02-16 17:11 - 2017-02-16 17:11 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignc65d73d1631ebcf7
2017-02-16 17:08 - 2017-02-16 17:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignf8a832b01eb716c4
2017-02-16 17:08 - 2017-02-16 17:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign1f0af582579988c7
2017-02-16 16:45 - 2017-02-16 16:45 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd159729d576db242
2017-02-16 16:45 - 2017-02-16 16:45 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign267f25a1a0e684cf
2017-02-16 16:44 - 2017-02-16 16:44 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignfe4d2e52d950ba99
2017-02-16 16:44 - 2017-02-16 16:44 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign2425db3c15d81f20
2017-02-16 16:43 - 2017-02-16 16:43 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignb0161fc2dfebc8ec
2017-02-16 16:43 - 2017-02-16 16:43 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign0c7741804853ace2
2017-02-16 16:39 - 2017-02-16 16:39 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign3d6b0a09f4fd504d
2017-02-16 16:39 - 2017-02-16 16:39 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign0aefc66b401ab0c4
2017-02-16 16:34 - 2017-02-16 16:34 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignec9ee2589f9991d8
2017-02-16 16:34 - 2017-02-16 16:34 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign13722565e5571258
2017-02-16 16:33 - 2017-02-16 16:33 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign985e3b27a09a98e7
2017-02-16 16:33 - 2017-02-16 16:33 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign8333d1dc01829e44
2017-02-16 13:52 - 2017-02-16 13:52 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne15c34d2558ef35f
2017-02-16 13:52 - 2017-02-16 13:52 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign97de9fcbf995a9c6
2017-02-16 13:51 - 2017-02-16 13:51 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign909f476af60b03d0
2017-02-16 13:27 - 2017-02-16 13:27 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4275ebd056208641
2017-02-16 13:09 - 2017-02-16 13:09 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign5beeac0d975285ec
2017-02-16 13:08 - 2017-02-16 13:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne88afef08fa6a26c
2017-02-16 13:08 - 2017-02-16 13:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign7db61f06c73c131b
2017-02-16 13:07 - 2017-02-16 13:07 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne802c191006cc720
2017-02-16 13:07 - 2017-02-16 13:07 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignb9fbb28027b3d633
2017-02-16 11:05 - 2017-02-16 11:05 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4796ddcaf9067c89
2017-02-16 11:04 - 2017-02-16 11:04 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd938129888ed70b4
2017-02-16 11:04 - 2017-02-16 11:04 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignc0e10d8b85ad6d98
2017-02-16 10:34 - 2017-02-16 10:34 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne842fcc80bf3e4a5
2017-02-16 10:32 - 2017-02-16 10:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd8c1d5d9275e0a9a
2017-02-16 10:32 - 2017-02-16 10:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign18f18466713053dc
2017-02-16 10:32 - 2017-02-16 10:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign06e0e4d367433f97
2017-02-16 10:32 - 2017-02-16 10:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign0608a3c7c57f946a
2017-02-15 17:49 - 2017-02-15 17:49 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignefb7bb002230a3cd
2017-02-15 17:49 - 2017-02-15 17:49 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign5bf168b350ada6d8
2017-02-15 16:46 - 2017-02-15 16:46 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd41d332e8e5e1a62
2017-02-15 16:46 - 2017-02-15 16:46 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign2e5d29f566963d38
2017-02-15 15:31 - 2017-02-15 15:31 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign492baf5f70dcef93
2017-02-15 15:27 - 2017-02-15 15:27 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign955e2546690217bf
2017-02-15 15:27 - 2017-02-15 15:27 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign32041dcedb3e9835
2017-02-15 15:26 - 2017-02-15 15:26 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd096911b8a1e0486
2017-02-15 15:26 - 2017-02-15 15:26 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign234f1f4ae72fd587
2017-02-15 12:59 - 2017-02-15 12:59 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign6ae67a975ea5b8be
2017-02-15 12:59 - 2017-02-15 12:59 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign5ace8c50355aff8a
2017-02-14 15:26 - 2017-02-14 15:26 - 00023157 _____ C:\Users\mzenk_000\Downloads\full-page-navigation.zip
2017-02-14 15:23 - 2017-02-14 15:23 - 00026983 _____ C:\Users\mzenk_000\Downloads\gooey-menu-v1.zip
2017-02-14 15:00 - 2017-02-14 15:00 - 00029436 _____ C:\Users\mzenk_000\Downloads\gooey-menu-v4.zip
2017-02-14 14:55 - 2017-02-14 14:55 - 00029133 _____ C:\Users\mzenk_000\Downloads\angle-nav.zip
2017-02-14 13:49 - 2017-02-14 13:49 - 00167479 _____ C:\Users\mzenk_000\Downloads\News-Feed-Free-V2.zip
2017-02-14 13:49 - 2017-02-14 13:49 - 00097862 _____ C:\Users\mzenk_000\Downloads\Content-Locker-Free-V2.zip
2017-02-14 13:49 - 2017-02-14 13:49 - 00076310 _____ C:\Users\mzenk_000\Downloads\cool-countdownV21.zip
2017-02-14 13:49 - 2017-02-14 13:49 - 00035362 _____ C:\Users\mzenk_000\Downloads\Mailchimp-Signup-Form.zip
2017-02-14 13:49 - 2017-02-14 13:49 - 00025625 _____ C:\Users\mzenk_000\Downloads\cookie-policy-popup-V3.zip
2017-02-14 13:49 - 2017-02-14 13:49 - 00023810 _____ C:\Users\mzenk_000\Downloads\muse-password-protect1.zip
2017-02-14 13:49 - 2017-02-14 13:49 - 00023691 _____ C:\Users\mzenk_000\Downloads\HoverAnimationEffects.zip
2017-02-14 13:49 - 2017-02-14 13:49 - 00023416 _____ C:\Users\mzenk_000\Downloads\search-and-replace.zip
2017-02-13 15:35 - 2017-02-13 15:35 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignb6f8e8206877e911
2017-02-13 14:28 - 2017-02-13 14:28 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign56f6d694b2e04b6b
2017-02-13 14:28 - 2017-02-13 14:28 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign18daaabdfa9a73e9
2017-02-13 14:28 - 2017-02-13 14:28 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign172abc1b5708c755
2017-02-13 14:19 - 2017-02-13 14:19 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign384744cf76406df2
2017-02-13 13:29 - 2017-02-13 13:29 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigna11df168643eb5fb
2017-02-13 13:29 - 2017-02-13 13:29 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign2ac49be8ace554af
2017-02-13 10:04 - 2017-02-13 10:04 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne42b26e018191999
2017-02-13 10:04 - 2017-02-13 10:04 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignb248c61ba1170207
2017-02-13 10:04 - 2017-02-13 10:04 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign1142a570deb9672a
2017-02-13 10:02 - 2017-02-13 10:02 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignbe001cddd3ca882f
2017-02-13 10:01 - 2017-02-13 10:01 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignba68d35dc63165c8
2017-02-10 19:05 - 2017-02-13 17:50 - 00038261 _____ C:\Users\mzenk_000\Desktop\Test_PCB.T3001
2017-02-10 19:05 - 2017-02-13 17:50 - 00000000 ____D C:\Users\mzenk_000\Desktop\BackupFiles
2017-02-10 14:12 - 2017-02-10 14:12 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignaeabc3ee579df135
2017-02-10 14:08 - 2017-02-10 14:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignf0fa481281a5196a
2017-02-10 14:08 - 2017-02-10 14:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign7515249099ccbb32
2017-02-10 10:20 - 2017-02-10 10:20 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign48ab21c6b95be5d9
2017-02-10 10:20 - 2017-02-10 10:20 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign3384cbd5878901c1
2017-02-10 09:18 - 2017-02-10 09:18 - 00000000 ____D C:\Users\mzenk_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TARGET 3001! V18 discover
2017-02-10 09:18 - 2017-02-10 09:18 - 00000000 ____D C:\ProgramData\Okmbexyj0
2017-02-10 09:17 - 2017-02-10 09:18 - 00000000 ____D C:\Program Files (x86)\ELECTRA
2017-02-10 09:17 - 2017-02-10 09:17 - 00001324 _____ C:\Users\Public\Desktop\Target 3001! V18 discover.lnk
2017-02-10 09:17 - 2017-02-10 09:17 - 00001075 _____ C:\Users\mzenk_000\Desktop\ELECTRA.lnk
2017-02-10 09:17 - 2017-02-10 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TARGET 3001! V18 discover
2017-02-10 09:17 - 2017-02-10 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ELECTRA
2017-02-10 09:17 - 2017-02-10 09:17 - 00000000 ____D C:\Program Files (x86)\ibf
2017-02-10 09:12 - 2017-02-10 09:12 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign8c71d19af8e569e4
2017-02-10 09:12 - 2017-02-10 09:12 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign7a59ce72730ddca8
2017-02-10 09:12 - 2017-02-10 09:12 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign5048d17ade60ef3a
2017-02-10 08:53 - 2017-02-10 08:53 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignbf59e829652370c9
2017-02-10 08:53 - 2017-02-10 08:53 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign283e73481bc56a0a
2017-02-10 08:53 - 2017-02-10 08:53 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign11c9b47200ec4070
2017-02-09 14:02 - 2017-02-09 14:02 - 00394252 _____ C:\Users\mzenk_000\Desktop\170209_01_OF-NBB_N.pdf
2017-02-09 12:58 - 2017-02-09 12:58 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignf59a1d730f094f39
2017-02-09 12:58 - 2017-02-09 12:58 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigndcd87cbf3b53f024
2017-02-09 12:58 - 2017-02-09 12:58 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigna9f8fb0bf2a339e3
2017-02-09 12:58 - 2017-02-09 12:58 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign98b93d005594c566
2017-02-09 12:57 - 2017-02-09 12:57 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigna9347c0ec9f8d6e7
2017-02-09 12:57 - 2017-02-09 12:57 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign737a376c1362f98d
2017-02-09 12:57 - 2017-02-09 12:57 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign5c1258d0053196f5
2017-02-09 12:17 - 2017-02-09 12:17 - 03060834 _____ C:\Users\mzenk_000\Downloads\170207_video_userart.pdf
2017-02-09 12:16 - 2017-02-09 12:16 - 07530944 _____ C:\Users\mzenk_000\Downloads\A4_pricing (1).pdf
2017-02-09 11:16 - 2017-02-09 11:16 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign9856dcc15a1603ec
2017-02-09 11:16 - 2017-02-09 11:16 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4f2d1d882eeed158
2017-02-09 11:16 - 2017-02-09 11:16 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign187b2b4ad4340a8e
2017-02-09 11:16 - 2017-02-09 11:16 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign06464810f4c0df2a
2017-02-09 10:41 - 2017-02-09 11:24 - 00387203 _____ C:\Users\mzenk_000\Desktop\170208_01_OF-EDK_CCB.pdf
2017-02-07 18:49 - 2017-02-07 18:49 - 00000000 ____D C:\Users\mzenk_000\Desktop\fritz
2017-02-07 18:48 - 2017-02-07 18:48 - 50293250 _____ C:\Users\mzenk_000\Downloads\fritzing.0.9.2b.32.pc.zip
2017-02-07 18:45 - 2017-02-07 18:45 - 00000000 ____D C:\Users\mzenk_000\Desktop\fritzing.0.9.3b.64.pc
2017-02-07 18:31 - 2017-02-07 18:31 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign97121c07a75f8c52
2017-02-07 18:31 - 2017-02-07 18:31 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign88c1733fb2770e04
2017-02-07 18:31 - 2017-02-07 18:31 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4f09ad5c76a753f5
2017-02-07 18:06 - 2017-02-07 18:42 - 00000000 ____D C:\Users\mzenk_000\Downloads\fritzing.0.9.3b.64.pc
2017-02-07 17:20 - 2017-02-07 17:20 - 03060834 _____ C:\Users\mzenk_000\Desktop\170207_video_userart.pdf
2017-02-07 16:51 - 2017-02-07 16:51 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd1f6318c9d1600bc
2017-02-07 16:51 - 2017-02-07 16:51 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignbaaad3e3d6784574
2017-02-07 16:51 - 2017-02-07 16:51 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignaec88454634c9105
2017-02-07 12:09 - 2017-02-07 12:10 - 04009061 _____ C:\Users\mzenk_000\Downloads\Reolink-Client-Windows-v7.1.2.44.zip
2017-02-06 12:25 - 2017-02-06 12:25 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign53641ec6fdc715eb
2017-02-06 12:14 - 2017-02-06 12:14 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign4f9d40a5c17806e6
2017-02-06 12:14 - 2017-02-06 12:14 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign06b388432c15f36f
2017-02-06 12:12 - 2017-02-06 12:12 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignb97eb56002ecbdf2
2017-02-06 12:12 - 2017-02-06 12:12 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign6db7dce2268c1653
2017-02-06 12:12 - 2017-02-06 12:12 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign57d2c35bd783b793
2017-02-05 13:11 - 2017-02-05 13:11 - 36193624 _____ C:\Users\mzenk_000\Desktop\hz.7z
2017-02-05 13:08 - 2017-02-05 13:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigncd3e28d3e309604f
2017-02-05 13:08 - 2017-02-05 13:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignc38f5e4111fd38dd
2017-02-05 13:08 - 2017-02-05 13:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign7816e8e04de038af
2017-02-05 13:08 - 2017-02-05 13:08 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign5ed70d4e258b8ad9
2017-02-05 13:05 - 2017-02-05 13:05 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd10a608de7703ed0
2017-02-05 13:05 - 2017-02-05 13:05 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign9a522224ce47b2de
2017-02-05 13:05 - 2017-02-05 13:05 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign24999d1b2762cbfd
2017-02-05 13:00 - 2017-02-05 13:43 - 00000000 ____D C:\Users\mzenk_000\Desktop\hz
2017-02-05 12:55 - 2017-02-05 12:55 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign98b038aa59773bc5
2017-02-05 12:55 - 2017-02-05 12:55 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign986829465dc8b451
2017-02-05 12:55 - 2017-02-05 12:55 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign66b2c2ff01014dfe
2017-02-03 10:48 - 2017-02-03 10:48 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne71557b37b948fe0
2017-02-03 10:48 - 2017-02-03 10:48 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign8e71485dc7e2836d
2017-02-03 10:48 - 2017-02-03 10:48 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign2c5fd137c97afcc6
2017-02-02 18:16 - 2017-02-02 18:16 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignff1a577bd8dfce30
2017-02-02 13:51 - 2017-02-02 13:51 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigncfb76ba3b86d0f05
2017-02-02 13:51 - 2017-02-02 13:51 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign3c101241f5775b14
2017-02-02 11:32 - 2017-02-02 11:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign47b3c8d3a537346b
2017-02-02 10:36 - 2017-02-02 10:36 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigna9238eb19aa5dd68
2017-02-02 10:35 - 2017-02-02 10:35 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign42ec664478d58e11
2017-02-02 10:35 - 2017-02-02 10:35 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign2106d3a2cdbe11e8
2017-02-02 10:04 - 2017-02-02 14:51 - 03188713 _____ C:\Users\mzenk_000\Desktop\test4.pdf
2017-02-02 09:14 - 2017-02-02 09:14 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign1e5eaef36b1ad4bc
2017-02-02 09:06 - 2017-02-02 09:06 - 02965745 _____ C:\Users\mzenk_000\Desktop\newDesign_test.psd
2017-02-02 08:28 - 2017-02-02 08:28 - 03004084 _____ C:\Users\mzenk_000\Downloads\test2 (3).pdf
2017-02-01 19:48 - 2017-02-01 19:48 - 03004084 _____ C:\Users\mzenk_000\Downloads\test2 (2).pdf
2017-02-01 19:47 - 2017-02-01 19:47 - 03004084 _____ C:\Users\mzenk_000\Downloads\test2 (1).pdf
2017-02-01 19:45 - 2017-02-01 19:45 - 03004084 _____ C:\Users\mzenk_000\Downloads\test2.pdf
2017-02-01 19:33 - 2017-02-01 19:33 - 03004084 _____ C:\Users\mzenk_000\Desktop\test2.pdf
2017-02-01 18:53 - 2017-02-01 18:53 - 02992213 _____ C:\Users\mzenk_000\Desktop\test.pdf
2017-02-01 18:26 - 2017-02-01 18:26 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigneafda34b046ec09f
2017-02-01 17:45 - 2017-02-01 17:45 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign952e9cd8a44d7813
2017-02-01 17:45 - 2017-02-01 17:45 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign14d1df027716a70b
2017-02-01 16:03 - 2017-02-01 16:03 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign9148140213c2537b
2017-02-01 16:03 - 2017-02-01 16:03 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign8e82a863e603aedf
2017-02-01 15:18 - 2017-02-01 15:18 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignace09b0a7f52a7c3
2017-02-01 10:33 - 2017-02-01 10:33 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign59940190a9e2853f
2017-02-01 10:32 - 2017-02-01 10:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign9953110cc371eed4
2017-02-01 10:32 - 2017-02-01 10:32 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign1006db2fc981619d
2017-01-31 17:53 - 2017-01-31 17:53 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigne575d59ab15779ab
2017-01-31 17:28 - 2017-01-31 17:28 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignfe91425c6bd6027f
2017-01-31 17:18 - 2017-01-31 17:18 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign98586aa3c9734a36
2017-01-31 17:16 - 2017-01-31 17:16 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign10e97d07a757b601
2017-01-30 19:21 - 2017-01-30 19:21 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign8b3c826f78683fd5
2017-01-30 19:20 - 2017-01-30 19:20 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsign9c31088370a4d7e5
2017-01-30 19:11 - 2017-01-30 19:11 - 00007987 _____ C:\Users\mzenk_000\Desktop\_DSC9265.xmp
2017-01-30 18:58 - 2017-01-30 18:58 - 00007983 _____ C:\Users\mzenk_000\Desktop\_DSC9263.xmp
2017-01-30 18:58 - 2017-01-30 18:58 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignb2def6a33deb50d4
2017-01-30 17:41 - 2017-01-30 17:41 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsignd929c642b92d88fa
2017-01-30 17:41 - 2017-01-30 17:41 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Tempzxpsigna4214f993abfeae1

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-28 07:44 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-28 07:44 - 2013-02-12 10:02 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Adobe
2017-02-28 07:43 - 2016-09-14 13:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-27 18:42 - 2014-09-06 19:24 - 00833413 _____ C:\Users\mzenk_000\Documents\MuseLog.txt
2017-02-27 16:03 - 2017-01-12 19:05 - 00004090 _____ C:\WINDOWS\System32\Tasks\Cybereason RansomFree Keepalive
2017-02-27 16:03 - 2017-01-12 19:05 - 00003196 _____ C:\WINDOWS\System32\Tasks\Cybereason RansomFree Autostart
2017-02-27 14:58 - 2016-11-22 09:28 - 00000000 ____D C:\AdwCleaner
2017-02-27 13:32 - 2016-05-10 15:42 - 00000000 ___RD C:\Users\mzenk_000\Creative Cloud Files
2017-02-27 13:32 - 2014-02-13 09:56 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-02-27 13:11 - 2016-09-14 13:17 - 05054516 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-27 13:11 - 2016-07-16 23:51 - 02325912 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-27 13:11 - 2016-07-16 23:51 - 00615556 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-27 13:11 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-27 12:37 - 2015-07-01 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-27 12:35 - 2016-05-03 08:11 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\CLIQZ
2017-02-27 11:44 - 2016-09-14 13:17 - 05019400 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-27 11:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-02-27 11:41 - 2013-05-23 10:09 - 00000000 ____D C:\Program Files (x86)\GoPro
2017-02-27 11:39 - 2016-09-14 13:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-27 11:38 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-02-27 11:31 - 2016-09-14 14:02 - 00000008 __RSH C:\Users\mzenk_000\ntuser.pol
2017-02-27 11:31 - 2016-09-14 13:17 - 00000000 ____D C:\Users\mzenk_000
2017-02-27 11:31 - 2013-11-21 13:33 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-02-27 10:13 - 2014-03-11 14:25 - 00000000 ____D C:\Program Files (x86)\Opera
2017-02-25 11:01 - 2016-04-27 17:21 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-25 11:01 - 2016-04-27 17:21 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-25 11:00 - 2013-02-12 10:03 - 00000000 ____D C:\ProgramData\Adobe
2017-02-25 10:58 - 2013-02-12 10:43 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-02-25 10:22 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-24 11:17 - 2016-11-03 12:05 - 00003976 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1478171135
2017-02-24 11:17 - 2016-11-03 12:05 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-02-24 11:10 - 2012-11-29 08:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-02-24 11:01 - 2016-07-16 23:56 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2017-02-23 23:44 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\IME
2017-02-23 18:06 - 2016-09-14 13:14 - 05234832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-23 17:42 - 2013-07-24 10:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 17:31 - 2013-01-17 13:40 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 11:16 - 2014-09-06 18:33 - 00000000 ____D C:\Users\mzenk_000\Desktop\userart
2017-02-23 10:35 - 2015-11-19 17:23 - 00000000 ____D C:\ProgramData\Tenable
2017-02-23 10:21 - 2016-04-01 12:34 - 00000000 ____D C:\Users\mzenk_000\Documents\Visual Studio 2015
2017-02-22 20:48 - 2014-03-25 12:21 - 00000600 _____ C:\Users\mzenk_000\AppData\Local\PUTTY.RND
2017-02-22 18:25 - 2016-09-14 13:16 - 00000000 ____D C:\ProgramData\Razer
2017-02-22 18:25 - 2013-02-26 17:38 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Razer
2017-02-22 18:24 - 2016-09-14 13:16 - 00000000 ____D C:\Program Files (x86)\Razer
2017-02-22 18:22 - 2012-11-29 08:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-22 18:17 - 2016-04-01 09:32 - 00000000 ____D C:\Program Files (x86)\OpenVPN
2017-02-22 18:17 - 2015-07-29 11:46 - 00000000 ____D C:\Program Files (x86)\Bitcoin
2017-02-22 12:41 - 2016-11-15 10:49 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-22 12:41 - 2015-11-19 17:23 - 00001024 _____ C:\.rnd
2017-02-22 12:41 - 2015-11-04 10:57 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-02-22 12:08 - 2013-04-06 22:23 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Google
2017-02-22 11:47 - 2016-09-14 13:56 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-22 11:47 - 2016-09-14 13:56 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-22 11:42 - 2016-09-14 13:56 - 00004086 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-22 11:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-22 11:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-22 11:42 - 2013-04-06 22:23 - 00000000 ____D C:\Program Files (x86)\Google
2017-02-22 09:41 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-21 10:11 - 2013-01-17 12:52 - 00000000 ____D C:\Users\mzenk_000\AppData\Local\Packages
2017-02-21 07:45 - 2016-05-11 09:07 - 00000033 _____ C:\Users\mzenk_000\AppData\Roaming\AdobeWLCMCache.dat
2017-02-20 18:25 - 2013-02-28 11:43 - 00000000 ____D C:\Users\mzenk_000\AppData\Roaming\MakerBot
2017-02-15 15:41 - 2013-01-17 12:52 - 00000000 ____D C:\Users\mzenk_000\AppData\Roaming\Adobe
2017-02-10 09:18 - 2013-09-13 22:07 - 00000000 ____D C:\Users\mzenk_000\AppData\Roaming\ibf
2017-02-07 17:59 - 2015-03-06 12:22 - 00000000 ____D C:\Users\mzenk_000\AppData\Roaming\Fritzing
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-06 16:45 - 2016-12-14 09:25 - 00001365 _____ C:\Users\mzenk_000\Desktop\Neues Textdokument (2).txt
2017-01-31 15:58 - 2016-12-08 15:22 - 00000000 ____D C:\Users\mzenk_000\Desktop\sales
2017-01-30 20:10 - 2016-11-22 19:28 - 00008256 _____ C:\Users\mzenk_000\Desktop\_DSC9255.xmp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-17 12:53 - 2013-01-19 10:33 - 0002347 _____ () C:\Users\mzenk_000\AppData\Roaming\AbsoluteReminder.xml
2013-10-06 10:56 - 2013-10-06 10:56 - 0000132 _____ () C:\Users\mzenk_000\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2014-10-15 07:59 - 2015-01-29 12:34 - 0000132 _____ () C:\Users\mzenk_000\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2016-05-11 09:07 - 2017-02-21 07:45 - 0000033 _____ () C:\Users\mzenk_000\AppData\Roaming\AdobeWLCMCache.dat
2013-02-26 17:52 - 2013-02-26 19:36 - 0001846 _____ () C:\Users\mzenk_000\AppData\Roaming\EliseProfile0.dat
2013-02-26 19:35 - 2013-02-26 19:36 - 0001820 _____ () C:\Users\mzenk_000\AppData\Roaming\EliseProfile1.dat
2015-12-19 19:13 - 2016-04-13 12:23 - 0000600 _____ () C:\Users\mzenk_000\AppData\Roaming\PUTTY.RND
2013-10-06 10:32 - 2013-10-06 10:32 - 0000000 _____ () C:\Users\mzenk_000\AppData\Roaming\sdsce.dll
2013-10-06 10:35 - 2013-10-06 10:35 - 0000000 _____ () C:\Users\mzenk_000\AppData\Roaming\systkr32.dll
2014-03-19 11:33 - 2014-12-12 09:28 - 0000600 _____ () C:\Users\mzenk_000\AppData\Roaming\winscp.rnd
2013-02-13 17:31 - 2016-05-06 08:48 - 0001456 _____ () C:\Users\mzenk_000\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-01-17 12:52 - 2016-03-03 12:26 - 0067415 _____ () C:\Users\mzenk_000\AppData\Local\BTServer.log
2014-01-15 13:32 - 2014-01-15 13:32 - 0000144 _____ () C:\Users\mzenk_000\AppData\Local\CFHDMNOQAIGPKHIHSRKO.75956.blb
2013-02-26 17:47 - 2013-02-26 17:47 - 0007875 _____ () C:\Users\mzenk_000\AppData\Local\CleanupUninstall.txt
2014-01-25 18:10 - 2014-01-25 18:10 - 0000144 _____ () C:\Users\mzenk_000\AppData\Local\CLNTFNCJIMJFDSTBSCHS.5108.blb
2013-12-18 15:28 - 2013-12-18 15:28 - 0000144 _____ () C:\Users\mzenk_000\AppData\Local\EFHHTCHONLPNPHRFQANH.30860.blb
2014-01-25 17:27 - 2014-01-25 17:27 - 0000144 _____ () C:\Users\mzenk_000\AppData\Local\FPISCFKGEBANHRLFIGGT.5108.blb
2013-12-18 16:44 - 2013-12-18 16:44 - 0000144 _____ () C:\Users\mzenk_000\AppData\Local\GBCTOPGKTCGSHDMETAJG.16708.blb
2014-01-25 15:52 - 2014-01-25 15:52 - 0000144 _____ () C:\Users\mzenk_000\AppData\Local\HFSSDHRKCHOFPQJHIOHJ.5108.blb
2014-01-15 12:50 - 2014-01-15 12:50 - 0000144 _____ () C:\Users\mzenk_000\AppData\Local\LTRMABHCTOJCOQEMCERM.75956.blb
2013-12-18 17:24 - 2013-12-18 17:24 - 0000144 _____ () C:\Users\mzenk_000\AppData\Local\NQNKIDCARMBCCFPMHNCI.15028.blb
2013-01-18 09:03 - 2013-07-17 13:09 - 0000008 ____H () C:\Users\mzenk_000\AppData\Local\pcdit.dat
2014-03-25 12:21 - 2017-02-22 20:48 - 0000600 _____ () C:\Users\mzenk_000\AppData\Local\PUTTY.RND
2015-01-15 16:11 - 2015-01-15 16:11 - 0000218 _____ () C:\Users\mzenk_000\AppData\Local\recently-used.xbel
2013-02-18 21:57 - 2013-11-04 12:44 - 0000369 _____ () C:\Users\mzenk_000\AppData\Local\RegisteredPackageInformation.xml
2013-10-30 10:43 - 2013-10-30 10:43 - 0000017 _____ () C:\Users\mzenk_000\AppData\Local\resmon.resmoncfg
2014-01-18 15:59 - 2014-01-18 15:59 - 0000144 _____ () C:\Users\mzenk_000\AppData\Local\RTHHCLTGFPJAKJKLANID.900792.blb
2013-11-11 12:22 - 2013-11-11 12:22 - 0000331 _____ () C:\Users\mzenk_000\AppData\Local\RunFromPB.rtfxoptions
2016-09-14 13:14 - 2016-09-14 13:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-01-18 09:02 - 2013-01-18 09:02 - 0000036 _____ () C:\ProgramData\InstallAlibre.config
2013-12-18 15:13 - 2013-12-18 15:13 - 0000090 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
2017-02-23 22:16 - 2016-11-11 11:13 - 1886344 _____ (Microsoft Corporation) C:\Users\mzenk_000\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-20 12:57

==================== Ende von FRST.txt ============================

nekropolit · 28.02.2017, 12:20

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-02-2017 01
durchgeführt von Martin Zenker (28-02-2017 08:22:45)
Gestartet von C:\Users\mzenk_000\AppData\Local\Temp\scoped_dir8612_29749
Windows 10 Pro Version 1607 (X64) (2016-09-14 13:02:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2553620308-2587970361-2745048916-500 - Administrator - Disabled)
alex_000 (S-1-5-21-2553620308-2587970361-2745048916-1014 - Limited - Enabled) => C:\Users\alex_000
DefaultAccount (S-1-5-21-2553620308-2587970361-2745048916-503 - Limited - Disabled)
Gast (S-1-5-21-2553620308-2587970361-2745048916-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2553620308-2587970361-2745048916-1009 - Limited - Enabled)
Martin Zenker (S-1-5-21-2553620308-2587970361-2745048916-1001 - Administrator - Enabled) => C:\Users\mzenk_000

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.2.0 - 3Dconnexion)
3Dconnexion 3DxWinCore (Version: 17.2.0.11011 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD (Version: 5.0.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Inventor 11 - 2015 (Version: 2.1.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge V18 - ST7 (Version: 3.2.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for SolidWorks 2005 - 2015 (Version: 3.2.0 - 3Dconnexion) Hidden
3Dconnexion Add-On for XSI v5.0 - 2015 (Version: 3.0.3 - 3Dconnexion) Hidden
3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (Version: 4.1.0 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (Version: 1.3.3 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max 2008 - 2015 (Version: 6.1.0 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya v8.5 - 2015 (Version: 5.1.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX v4.0 - v10.0 (Version: 3.2.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop CS3 - CS6 and CC (Version: 2.4.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 3.0 (Version: 2.2.0 - 3Dconnexion) Hidden
3Dconnexion Trainer (x32 Version: 3.2.2 - 3Dconnexion) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Active Directory Authentication Library für SQL Server (Version: 13.0.1100.286 - Microsoft Corporation) Hidden
Active Directory Authentication Library für SQL Server (x86) (x32 Version: 13.0.1100.286 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Edge Animate CC 2015 (HKLM-x32\...\{92AC6B8F-F962-11E4-867D-81149C0292DF}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Edge Code Preview 3 (HKLM-x32\...\{DEDC5560-EC63-4FCE-A1A1-671326862C2B}) (Version: 0.20 - Adobe Systems Incorporated)
Adobe Edge Inspect (HKLM-x32\...\{D830EE30-BF0C-42B7-A13C-927A379353ED}) (Version: 1.0.388 - Adobe Systems Incorporated)
Adobe Edge Reflow CC Preview (HKLM\...\{8452F686-0D9B-4450-B723-FCD0582B02C3}) (Version: 0.51.17178 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_0_0) (Version: 11.0.0 - Adobe Systems Incorporated)
Adobe Muse CC 2017 (HKLM-x32\...\MUSE_2017_0_2) (Version: 2017.0.2.60 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)
AX88179_AX88178A Windows 8.1 Drivers (HKLM-x32\...\InstallShield_{23CD4583-326F-40FC-A9AA-5A48EA066C16}) (Version: 2.0.1.0 - ASIX Electronics Corporation)
AX88179_AX88178A Windows 8.1 Drivers (x32 Version: 2.0.1.0 - ASIX Electronics Corporation) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blue Iris 4 (HKLM-x32\...\{24DBFE51-243F-4538-BB28-2FD7EC8E7F16}) (Version: 4.3.0.15 - Perspective Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Canon iX4000 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iX4000) (Version:  - )
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CMake (HKLM\...\{72DA7A62-0082-4E68-A6FB-52B9A1141C7C}) (Version: 3.7.1 - Kitware)
Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
Cybereason RansomFree 2.2.5.0 (HKLM-x32\...\{4A79F8E4-F22D-4F66-9D52-D84F5AFA830E}) (Version: 2.2.5.0 - Cybereason Inc.)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
DiskInternals Partition Recovery (HKLM-x32\...\DiskInternals Partition Recovery) (Version: 6.1 - DiskInternals Research)
D-Link Powerline AV Utility (HKLM-x32\...\D-Link Powerline AV Utility) (Version: 1.0.0.0 - D-Link Corporation.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition 5.19.1 (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.19.1 de-DE (x32 Version: 5.19.1.3091 - PreEmptive Solutions) Hidden
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.2.0.101 - EasternGraphics)
ELECTRA Demo 5.10 (HKLM-x32\...\ELECTRA_is1) (Version:  - KONEKT)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
Entity Framework 6.1.0 Tools  for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT RC0 (HKLM-x32\...\{837FF5F6-F0CB-4C80-B003-65B14F1490FE}) (Version: 13.0.1100.286 - Microsoft Corporation)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.7 (x32 Version: 1.7.40113.5 - Microsoft Corporation) Hidden
GeoVision ADPCM (HKLM-x32\...\GeoADPCM) (Version:  - )
GeoVision Audio (HKLM-x32\...\GeoAudio) (Version:  - )
GeoVision H264 (HKLM-x32\...\Codec_264) (Version:  - )
GeoVision JPEG (HKLM-x32\...\Codec_jpeg) (Version:  - )
GeoVision MJPG (HKLM-x32\...\Codec_MJPG) (Version:  - )
GeoVision MPEG2 (HKLM-x32\...\Codec_mp2) (Version:  - )
GeoVision MPEG4 (HKLM-x32\...\GEOXCodec) (Version:  - )
GeoVision MPEG4 ASP (HKLM-x32\...\Codec_amp4) (Version:  - )
GeoVision MPEG4 AVC (HKLM-x32\...\Codec_AVC) (Version:  - )
GeoVision MXPG (HKLM-x32\...\Codec_MXPG) (Version:  - )
GetFoldersize 2.5.24 (HKLM-x32\...\GetFoldersize_is1) (Version: 2.5.24 - Michael Thummerer Software Design)
Git version 2.7.0 (HKLM\...\Git_is1) (Version: 2.7.0 - The Git Development Community)
GlassWire 1.1 (remove only) (HKLM-x32\...\GlassWire 1.1) (Version: 1.1.41 - SecureMix LLC)
GNU Tools for ARM Embedded Processors 5.4 2016 (remove only) (HKLM-x32\...\GNU Tools for ARM Embedded Processors 5.4 2016) (Version: 5.4 2016q3 - ARM Holdings)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GSurf_Pro_V2 (HKLM-x32\...\GSurf_Pro_V2) (Version: 1.0.2.11 - Grandstream)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}.KB947789) (Version: 1 - Microsoft Corporation)
IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2106 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IP Camera (HKLM-x32\...\IP Camera) (Version:  - )
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
IsoBuster 3.6 (HKLM-x32\...\IsoBuster_is1) (Version: 3.6 - Smart Projects)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
K-Lite Codec Pack 11.9.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.6 - KLCP)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.5.10 - SunplusIT)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
MakerBot_Bundle_BETA_3.10.0.1725_x64 (HKLM-x32\...\MakerBot) (Version: 3.10.0.1725 - MakerBot)
Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{72CCBEA1-8D57-4981-A337-81019F28C5BA}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Access 2013 - de-de (HKLM\...\AccessRetail - de-de) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.25123 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (German) (HKLM-x32\...\{90120000-00D1-0407-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 SP1 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{BDEC3091-D84B-4F70-B1AB-6487354160F4}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{8C76566F-6B51-43FD-A99E-AAA2E9A96918}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{F5E316A6-F894-4DCF-9088-F07E06A1ABFA}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL-Sprachdienst RC0 (HKLM-x32\...\{F5AF6F7A-E0DC-480C-94E3-B5596C9A239F}) (Version: 13.0.12000.52 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.60311.1) (HKLM-x32\...\{FE4AF448-6FF2-4996-889F-8F07BA88DB59}) (Version: 14.0.60311.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2016 Management Objects RC0 (HKLM-x32\...\{029A7000-E652-4D44-88C2-483C9FD345A7}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{64D5BBC6-5270-3711-AA39-31C1087AF4E6}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{5359C5C6-F83D-4E74-9170-F9A68BE1C57F}) (Version: 2.3.0.0 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{0b3e9a26-155d-42c3-aac0-b7571833df38}) (Version: 12.0.30501 - Microsoft Corporation)
Microsoft Visual Studio Professional 2015 mit Update 2 (HKLM-x32\...\{a54fbb28-1ab6-4d34-a4c8-3f122db12b5f}) (Version: 14.0.25123.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8343C2D8-09DF-38B3-9D1A-A26148918E45}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 - DEU Language Pack (HKLM-x32\...\{38F74A0E-357B-336C-B614-FE59F4BC62A0}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 - DEU Language Pack (HKLM-x32\...\{96D7B7B6-424F-3A52-8E8D-32CF2615DBD2}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 RC0 (HKLM\...\{71F2875A-58DC-432F-B959-67B6D928E08F}) (Version: 13.0.1100.286 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 RC0 (HKLM-x32\...\{D2C7A7B6-719A-4F6A-881A-555B999F82AC}) (Version: 13.0.1100.286 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
MobaXterm (HKLM-x32\...\{7F6E8FAE-C96A-4B24-B59B-A6E035504B26}) (Version: 9.4.0.0 - Mobatek)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.07.00.03 - Huawei Technologies Co.,Ltd)
Module Microsoft Report Viewer pour Visual Studio*2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Motion Control (HKLM\...\Motion Control) (Version: 1.1.2.41 - Lenovo)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
MyHarmony (HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.241 - Logitech)
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
NetSurveillance (HKLM-x32\...\NetSurveillance) (Version:  - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
ONVIF Device Manager v2.2.250 (HKLM-x32\...\{6AC771CF-4EAA-41B7-A398-61A33701E076}) (Version: 2.2.250 - Synesis)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenTFTPServer (HKLM-x32\...\OpenTFTPServer) (Version:  - )
Opera Stable 43.0.2442.991 (HKLM-x32\...\Opera 43.0.2442.991) (Version: 43.0.2442.991 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
pCon.planner STD (HKLM-x32\...\{86480C70-BDAB-4C58-B96E-3FF5469A6979}) (Version: 7.2.0.101 - EasternGraphics)
PidCAInstall7 (x32 Version: 2.0.0.0 - Microsoft) Hidden
PlayMemories Camera Apps Downloader (HKLM-x32\...\{E4B95A36-0EF2-44C6-B939-5B3DBBC34502}) (Version: 1.1.1975.475 - Sony Network Entertainment International LLC)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.0.00.08250 - Sony Corporation)
PLCUtility (HKLM-x32\...\PLCUtility) (Version: 4.00 - D-Link)
PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 10.0.00 - Sony Corporation) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN and Bluetooth Driver (HKLM-x32\...\{B6322D12-A133-4128-8306-DAFFF7231152}) (Version: 1.03.0199 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0230 - REALTEK Semiconductor Corp.)
Reason Core Security (HKLM-x32\...\Reason Core Security) (Version: 1.2.0.1 - Reason Software Company Inc.)
RegIPCPlugin (HKLM-x32\...\{A917EBA8-8C3B-4379-9EAD-9EF23F4A100C}) (Version:  - )
Roadkil's Disk Image Version 1.6 (HKLM-x32\...\{2AE21A08-FF8E-44CF-84C7-F5571DBF7360}_is1) (Version:  - Roadkil.Net)
Roslyn Language Services - x86 (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25125 - Microsoft Corporation) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16102.12 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16102.12 - Samsung Electronics Co., Ltd.) Hidden
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
SQL Server 2012 Data quality client (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
STK02N 2.4.1 (HKLM-x32\...\{3F424493-B0F2-43A4-A892-DFA447B2A59D}) (Version: 2.4.1 - Syntek)
STK03N (HKLM-x32\...\{E83CD823-C522-4B71-B10A-E1088B3BD261}) (Version: 1.00.0 - Syntek)
SX Virtual Link (HKLM\...\SX Virtual Link) (Version: 3.13.0 - silex technology, Inc.)
SXi-Q (HKLM-x32\...\{AEA43572-B9C1-41DB-BBB1-613CA519E52E}) (Version: 1.9.7 - YiHiEcigar)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Target 3001! V18 discover (HKLM-x32\...\Target 3001! V18 discover) (Version:  - Ing. Buero FRIEDRICH)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 2 (x32 Version: 14.95.25118 - Microsoft) Hidden
Tenable Nessus (x64) (HKLM\...\{B6332D5D-7E18-49AA-8AC5-710952BFBC65}) (Version: 6.5.3.20040 - Tenable Network Security, Inc.)
Tera Term 4.79 (HKLM-x32\...\Tera Term_is1) (Version:  - )
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TFTPUtil GUI Installer (HKLM-x32\...\TFTPUtil) (Version:  - )
TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.8.9.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.29.0 - Microsoft Corporation) Hidden
UC_4.8.2 (HKLM-x32\...\UC) (Version: 4.8.2 - UC(China) Co., Ltd. )
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{FD1F398D-BD56-43E6-8E58-707857AC9A8C}) (Version:  - Microsoft)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
version 5.13.415.31/1.0.0.27/3.4.5.11(H1C307WW) (HKLM-x32\...\{4AD4461B-8BD4-4354-805C-E97E7A404906}_is1) (Version:  - Lenovo Group Limited)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual C++ 2008 IA64 Runtime - v9.0.30729.01 (HKLM-x32\...\{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.01 (HKLM-x32\...\{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.4148 (HKLM-x32\...\{3C11D2DA-6802-3F66-BE6B-B2C046AFE866}.vc_x64runtime_30729_4148) (Version: 9.0.30729.4148 - Microsoft Corporation)
Visual C++ 2008 x64 Runtime - v9.0.30729.6161 (HKLM-x32\...\{E7E58A3A-D9BD-3D4B-9475-AE757454AD82}.vc_x64runtime_30729_6161) (Version: 9.0.30729.6161 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.4148 (HKLM-x32\...\{7B33F480-496D-334A-BAC2-205DEC0CBC2D}.vc_x86runtime_30729_4148) (Version: 9.0.30729.4148 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - v9.0.30729.6161 (HKLM-x32\...\{3F8D9A47-9C50-3F46-8F12-B92DD5CA0A2E}.vc_x86runtime_30729_6161) (Version: 9.0.30729.6161 - Microsoft Corporation)
Visual Micro for Arduino (HKLM-x32\...\{FF1DC9D9-DE05-499F-87D8-5B8EDA4F31BD}) (Version: 14.07.1001 - Visual Micro Limited)
Visual Studio .NET Prerequisites - English (HKLM\...\{D3E39E77-0EB4-36FB-B97A-8C8AB21B9A45}) (Version: 9.0.30729 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)
Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
VS Update core components (x32 Version: 14.0.25123 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17362 - Microsoft Corporation)
Windows Driver Package - FTDI CDM Driver Package (03/30/2010 2.06.02) (HKLM\...\883C04C33C70062A4AD0ED48685D05F25A854C1D) (Version: 03/30/2010 2.06.02 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (03/30/2010 2.06.02) (HKLM\...\ABE36B9BBD00CD433A4454EBCAD52F303406A488) (Version: 03/30/2010 2.06.02 - FTDI)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (04/17/2013 12.1.0.639) (HKLM\...\F7D0B2D70964C65B3EB37A398A0678DB5B355473) (Version: 04/17/2013 12.1.0.639 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (04/17/2013 12.1.0.650) (HKLM\...\4B9440C349A1879E0CA6A584D511B394F5E9AE6A) (Version: 04/17/2013 12.1.0.650 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (04/17/2013 12.1.0.661) (HKLM\...\05189AFD431C84D49E734EB2833DB0889B646528) (Version: 04/17/2013 12.1.0.661 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (06/19/2013 11.5.25.112) (HKLM\...\6A636E7AF8932FAA275E91F5FF49DF4E32C97BD0) (Version: 06/19/2013 11.5.25.112 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (06/19/2013 11.5.25.117) (HKLM\...\723AA4BB670B9AE16430083DC1ADA79FDDB5D1CE) (Version: 06/19/2013 11.5.25.117 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (06/19/2013 11.5.25.121) (HKLM\...\1CBFF36ABF7BD52443A5772968A0F84D22AC802D) (Version: 06/19/2013 11.5.25.121 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/24/2013 16.31.44.402) (HKLM\...\3C8B9891A89A64A0D43646719EC82184B33C4048) (Version: 10/24/2013 16.31.44.402 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/24/2013 16.31.44.418) (HKLM\...\D6083E36A9821DF3D9DCA6F80AECCD3CD8411A75) (Version: 10/24/2013 16.31.44.418 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/24/2013 16.31.44.418) (HKLM\...\E332B90FD0740040DF2D2CC1865C773283836BB6) (Version: 10/24/2013 16.31.44.418 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/24/2013 16.31.44.434) (HKLM\...\72D0E03AD363F20E1A8A3FCBA6CDCEEB52988168) (Version: 10/24/2013 16.31.44.434 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/27/2014 100.1.0.0) (HKLM\...\1D8A20A244A54F5B2205DA2E74E00AB42CE9C3C3) (Version: 10/27/2014 100.1.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/27/2014 100.1.0.0) (HKLM\...\6EFF38D5C9DAEBC02D00EDAC1B0EBFE09DF3CF76) (Version: 10/27/2014 100.1.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/27/2014 100.1.0.0) (HKLM\...\703C503DB153791AFD1609E2315BDA63FB883721) (Version: 10/27/2014 100.1.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (10/27/2014 100.1.0.0) (HKLM\...\FB798FEEF8815896BACE053F2CACE979AC7FA12D) (Version: 10/27/2014 100.1.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (11/20/2012 14.45.00.00) (HKLM\...\1855175F43A2953479DEC4F169B16991615D0F10) (Version: 11/20/2012 14.45.00.00 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (11/20/2012 14.45.00.00) (HKLM\...\996D101F52A0C99A8CEAD78093656B50AC1C8829) (Version: 11/20/2012 14.45.00.00 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports  (11/20/2012 14.45.00.00) (HKLM\...\B84C6C11C3DFEE0FE60F577DEA45312843F2EE61) (Version: 11/20/2012 14.45.00.00 - MakerBot Industries, LLC)
Windows Embedded Compact 7 (HKLM-x32\...\{A4FF3FC0-A8B3-47c2-8627-CE1D2988D0D8}) (Version: 7.1.2832.0 - Microsoft Corporation)
Windows Embedded Compact 7 ATL Update for Visual Studio 2008 SP1 (HKLM-x32\...\{94EA0C97-9FFB-438F-8291-F571031627ED}) (Version: 7.0.2806 - Microsoft Corporation)
Windows Embedded Silverlight Tools (HKLM-x32\...\{C0E5BD5A-EE0F-4E50-945F-0E12A04A6BDD}) (Version: 3.1.2830.0 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
winpcap-overlook 4.02 (HKLM-x32\...\winpcap-overlook) (Version:  - )
WinSCP 5.5.1 (HKLM-x32\...\winscp3_is1) (Version: 5.5.1 - Martin Prikryl)
Wireshark 2.2.1 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.1 - The Wireshark developer community, hxxps://www.wireshark.org)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
X264 (HKLM-x32\...\Codec_X264) (Version:  - )
XVID (HKLM-x32\...\Codec_XVID) (Version:  - )
Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\mzenk_000\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2F60296C886A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001_Classes\CLSID\{3A9040F8-9292-886D-2AA4-B732BA1816D55}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001_Classes\CLSID\{D8145022-B776-96F3-1DFF-F2626BCD0B667}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {17ABE341-CC6A-4488-8BA3-3244C375493C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {1F0A9AC9-6275-46CA-9620-F5633E35641A} - System32\Tasks\ReasonSecurityStart => C:\Program Files\Reason\Security\rsUI.exe [2016-09-30] (Reason Software Company Inc.)
Task: {20F1A769-972D-48D3-9431-64BD287D424D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {22490418-AA0F-413D-AA5E-7ADDE59E3B85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {28AF53FC-C7A6-46F2-82A5-61F1554039D0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {2B34E097-8ADE-42FC-B53A-D02FB003C433} - System32\Tasks\Cybereason RansomFree Keepalive => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-01-09] (Cybereason)
Task: {2FD41E1C-0957-453E-BC1B-0958C88C6307} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe 
Task: {3DD9D26D-B3DC-4F17-8304-13A64DF98E41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-22] (Google Inc.)
Task: {46C1EBB3-086D-413C-9FA9-C16BA0D47466} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {474D3576-9519-4726-9E7C-37B51C34ED9E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {4DA11CFB-17B9-4DBA-B3CF-064E5A894230} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5A36AB38-A708-4D5C-BCEE-DEC4847D02D3} - System32\Tasks\3DconnexionCreateProcess_3DxService.exe => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe [2014-11-13] (3Dconnexion, INC)
Task: {5FA73430-D8A7-406A-A7B3-3EBE223B23E1} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe 
Task: {6EA11936-C5DB-42FD-AB01-39150CD0A502} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {6ED188E3-1B35-4A1C-974A-23D8FDE25F28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-22] (Google Inc.)
Task: {6F225C6C-8AEE-450C-AA38-72A14E8B0F8D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7191338D-880B-45C0-A031-82BE0C1722A0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {73AD2421-B5B6-42E6-90FA-584785F513CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {820016F4-8784-45A2-A88C-2C986E870819} - System32\Tasks\AdobeAAMUpdater-1.0-MZ_Yoga_1-alex => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {875B3CB3-6A2D-46C9-90B5-584E756D6A3D} - System32\Tasks\ReasonSecurityScheduledScan => C:\Program Files\Reason\Security\rsUI.exe [2016-09-30] (Reason Software Company Inc.)
Task: {95D988E6-26F7-42C6-A227-0EC28350958A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {96FC6AEE-593E-4F39-AFA3-E8D9AEBA8814} - System32\Tasks\3DconnexionCreateProcess_3DxSRV.EXE => C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare64\3DxSRV.EXE 
Task: {994F5CA2-1B37-4B40-9100-7FBF67E01913} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9ABEFAEA-745A-4A49-8A30-70B62EA31EE8} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe 
Task: {9D907717-FDF9-4AC6-AA15-96E2892A946B} - System32\Tasks\Cybereason RansomFree Autostart => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-01-09] (Cybereason)
Task: {9F45B991-5A99-4D20-81DE-3D6D28AE8D8C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A7A03112-5F28-47EF-8B1A-90BD85C2768D} - System32\Tasks\Opera scheduled Autoupdate 1478171135 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-20] (Opera Software)
Task: {AE466FD9-213E-420E-AC1C-87799C3ED285} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe 
Task: {B53594F2-71A1-41A0-8613-A7A9991B16EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-22] (Adobe Systems Incorporated)
Task: {B569D6B1-A701-4624-A796-9F860AE1B330} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {B56B51CF-C7B1-4E58-9C22-906D5A2256CC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {BAEEFE9F-545B-42EE-83DC-A588375405BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C39696EC-C836-4E8D-931A-5B85A1D3B642} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-22] (Adobe Systems Incorporated)
Task: {C81BBD2D-65D2-47B6-A923-67455ED2AC4B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {C932C14B-E8BA-4AE3-88FD-6C3FFA7C0B4E} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-03-22] (Microsoft Corporation)
Task: {C9CFC16C-D249-4D78-9878-44FA2ADA6AEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {DB943FDA-F7F2-4341-B6F1-4DB77DBFCB04} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {EC978F3E-C7F3-43D4-A281-521CF3E70AE9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {F0B86955-8A53-411D-A8CB-CED93B065B25} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F0CEBD8B-C4FC-46CA-8CA2-5339781FCCCF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe 
Task: {F0DCAA20-1ADC-49B9-9932-7C8F57E801AA} - System32\Tasks\AdobeAAMUpdater-1.0-MZ_Yoga_1-mz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {FFDBED15-62AB-41BA-A7FB-F34B9AE1B70C} - System32\Tasks\{9874746C-C047-4C01-84AE-BA7157B12DF0} => pcalua.exe -a "C:\Program Files (x86)\BonanzaDeals\uninst.exe" -d "C:\Program Files (x86)\BonanzaDeals"

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\mzenk_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TARGET 3001! V18 discover\Online Hilfe.lnk -> hxxp://server.ibfriedrich.com/wiki/ibfwikide/index.ph

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 09:30 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-10-07 10:33 - 2011-04-11 06:26 - 00034304 _____ () C:\WINDOWS\System32\spe__l.dll
2008-06-04 06:53 - 2008-06-04 06:53 - 00027648 _____ () C:\WINDOWS\System32\ssd2cl6.dll
2015-02-05 17:29 - 2015-02-05 17:29 - 00181752 _____ () C:\windows\system32\3DPrintService.exe
2014-03-21 09:55 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-05-08 01:09 - 2016-05-08 01:09 - 00138240 _____ () C:\Program Files\MakerBot\MakerWare\jsoncpp.dll
2016-08-18 19:35 - 2016-08-18 19:35 - 00111616 _____ () C:\Program Files\MakerBot\MakerWare\py27_dlls\_ctypes.pyd
2016-08-18 19:35 - 2016-08-18 19:35 - 00047616 _____ () C:\Program Files\MakerBot\MakerWare\py27_dlls\_socket.pyd
2016-08-18 19:35 - 2016-08-18 19:35 - 01210368 _____ () C:\Program Files\MakerBot\MakerWare\py27_dlls\_ssl.pyd
2016-08-18 19:35 - 2016-08-18 19:35 - 00474624 _____ () C:\Program Files\MakerBot\MakerWare\py27_dlls\_hashlib.pyd
2016-08-18 19:35 - 2016-08-18 19:35 - 00010752 _____ () C:\Program Files\MakerBot\MakerWare\py27_dlls\select.pyd
2016-08-18 19:35 - 2016-08-18 19:35 - 00689664 _____ () C:\Program Files\MakerBot\MakerWare\py27_dlls\unicodedata.pyd
2015-08-19 22:48 - 2015-08-19 22:48 - 02596352 _____ () C:\Program Files\MakerBot\MakerWare\vtkCommon.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 03111424 _____ () C:\Program Files\MakerBot\MakerWare\vtkFiltering.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 05822464 _____ () C:\Program Files\MakerBot\MakerWare\vtkGraphics.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02572288 _____ () C:\Program Files\MakerBot\MakerWare\opencv_core2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 01200640 _____ () C:\Program Files\MakerBot\MakerWare\opencv_calib3d2410.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 04569600 _____ () C:\Program Files\MakerBot\MakerWare\vtkIO.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02236928 _____ () C:\Program Files\MakerBot\MakerWare\opencv_imgproc2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02413056 _____ () C:\Program Files\MakerBot\MakerWare\opencv_highgui2410.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00050688 _____ () C:\Program Files\MakerBot\MakerWare\boost_date_time-vc120-mt-1_56.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00116224 _____ () C:\Program Files\MakerBot\MakerWare\boost_filesystem-vc120-mt-1_56.dll
2014-08-06 14:29 - 2014-08-06 14:29 - 00019456 _____ () C:\Program Files\MakerBot\MakerWare\boost_system-vc120-mt-1_56.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00100864 _____ () C:\Program Files\MakerBot\MakerWare\boost_thread-vc120-mt-1_56.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00243200 _____ () C:\Program Files\MakerBot\MakerWare\vtksys.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00159232 _____ () C:\Program Files\MakerBot\MakerWare\vtkverdict.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 00656896 _____ () C:\Program Files\MakerBot\MakerWare\opencv_flann2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 00869888 _____ () C:\Program Files\MakerBot\MakerWare\opencv_features2d2410.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00116736 _____ () C:\Program Files\MakerBot\MakerWare\vtkDICOMParser.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00783360 _____ () C:\Program Files\MakerBot\MakerWare\vtkNetCDF.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00110592 _____ () C:\Program Files\MakerBot\MakerWare\vtkNetCDF_cxx.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00080896 _____ () C:\Program Files\MakerBot\MakerWare\LSDyna.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00611328 _____ () C:\Program Files\MakerBot\MakerWare\vtkmetaio.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00127488 _____ () C:\Program Files\MakerBot\MakerWare\vtkpng.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00065024 _____ () C:\Program Files\MakerBot\MakerWare\vtkzlib.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00314880 _____ () C:\Program Files\MakerBot\MakerWare\vtktiff.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00141312 _____ () C:\Program Files\MakerBot\MakerWare\vtkjpeg.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00128000 _____ () C:\Program Files\MakerBot\MakerWare\vtkexpat.dll
2014-08-06 14:29 - 2014-08-06 14:29 - 00028672 _____ () C:\Program Files\MakerBot\MakerWare\boost_chrono-vc120-mt-1_56.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 02085888 _____ () C:\Program Files\MakerBot\MakerWare\vtkhdf5.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00097280 _____ () C:\Program Files\MakerBot\MakerWare\vtkhdf5_hl.dll
2016-05-08 01:23 - 2016-05-08 01:23 - 00107520 _____ () C:\Program Files\MakerBot\MakerWare\tinything.dll
2011-08-12 07:21 - 2011-08-12 07:21 - 00227680 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2016-11-28 16:49 - 2013-05-23 15:33 - 00044104 _____ () C:\Windows\runSW.exe
2017-02-22 18:04 - 2017-02-22 18:05 - 00303896 _____ () C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe
2014-02-25 02:28 - 2014-02-25 02:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2017-02-22 18:04 - 2017-02-22 18:05 - 00625432 _____ () C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_bg.exe
2016-12-14 09:30 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-14 14:05 - 2016-09-14 14:05 - 00959168 _____ () C:\Users\mzenk_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-14 14:10 - 2016-09-14 14:10 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 11:08 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 11:08 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 11:08 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 11:08 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 11:08 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 11:08 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 08:23 - 2017-02-22 08:24 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 08:23 - 2017-02-22 08:24 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 08:23 - 2017-02-22 08:24 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 09:46 - 2017-02-06 09:46 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-09-14 13:15 - 2010-10-26 11:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2017-02-06 22:55 - 2017-02-06 22:55 - 00019048 _____ () C:\Program Files\Adobe\Adobe Muse CC 2017\SPBasic.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-02-24 11:13 - 2017-02-24 11:18 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-02-24 11:13 - 2017-02-24 11:18 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-02-24 11:13 - 2017-02-24 11:18 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 08:10 - 2016-06-03 08:12 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-02-24 11:13 - 2017-02-24 11:18 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-02-24 11:13 - 2017-02-24 11:18 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 17:28 - 2016-03-04 17:29 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-02-15 08:15 - 2017-02-15 08:15 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-01-27 08:11 - 2016-01-27 08:11 - 00246272 _____ () C:\Program Files (x86)\GlassWire\GeoIP.dll
2012-11-29 08:14 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-02-24 11:17 - 2017-02-24 11:17 - 39820888 _____ () C:\Program Files (x86)\Opera\43.0.2442.991\opera_browser.dll
2016-09-14 14:04 - 2016-09-14 14:04 - 00679624 _____ () C:\Users\mzenk_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\ClientTelemetry.dll
2017-02-24 11:17 - 2017-02-24 11:17 - 45854808 _____ () C:\Program Files (x86)\Opera\43.0.2442.991\opera_child.dll
2017-02-24 11:17 - 2017-02-24 11:17 - 01930328 _____ () C:\Program Files (x86)\Opera\43.0.2442.991\libglesv2.dll
2017-02-24 11:17 - 2017-02-24 11:17 - 00087640 _____ () C:\Program Files (x86)\Opera\43.0.2442.991\libegl.dll
2015-11-18 15:57 - 2015-11-18 15:57 - 01754296 _____ () C:\Program Files (x86)\Microsoft Office\Office15\tmpod.dll
2015-10-13 15:07 - 2015-10-13 15:07 - 01032360 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-25 10:49 - 2016-10-25 10:49 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2016-10-10 23:15 - 2016-10-10 23:15 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-10 23:17 - 2016-10-10 23:17 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-25 10:41 - 2016-10-25 10:41 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-10-10 23:14 - 2016-10-10 23:14 - 00121856 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2016-10-10 23:14 - 2016-10-10 23:14 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-02-06 22:55 - 2017-02-06 22:55 - 44050024 _____ () C:\Program Files\Adobe\Adobe Muse CC 2017\cep\CEPHtmlEngine\libcef.dll
2017-02-06 22:55 - 2017-02-06 22:55 - 01489512 _____ () C:\Program Files\Adobe\Adobe Muse CC 2017\cep\CEPHtmlEngine\libglesv2.dll
2017-02-06 22:55 - 2017-02-06 22:55 - 00081000 _____ () C:\Program Files\Adobe\Adobe Muse CC 2017\cep\CEPHtmlEngine\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4 [144]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7931 mehr Seiten.

IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7932 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2017-02-27 12:55 - 00454188 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0	0.0.0.0
0.0.0.0	tracking.opencandy.com.s3.amazonaws.com
0.0.0.0	media.opencandy.com
0.0.0.0	cdn.opencandy.com
0.0.0.0	tracking.opencandy.com
0.0.0.0	api.opencandy.com
0.0.0.0	api.recommendedsw.com
0.0.0.0	installer.betterinstaller.com
0.0.0.0	installer.filebulldog.com
0.0.0.0	d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0	inno.bisrv.com
0.0.0.0	nsis.bisrv.com
0.0.0.0	cdn.file2desktop.com
0.0.0.0	cdn.goateastcach.us
0.0.0.0	cdn.guttastatdk.us
0.0.0.0	cdn.inskinmedia.com
0.0.0.0	cdn.insta.oibundles2.com
0.0.0.0	cdn.insta.playbryte.com
0.0.0.0	cdn.llogetfastcach.us
0.0.0.0	cdn.montiera.com
0.0.0.0	cdn.msdwnld.com
0.0.0.0	cdn.mypcbackup.com
0.0.0.0	cdn.ppdownload.com
0.0.0.0	cdn.riceateastcach.us
0.0.0.0	cdn.shyapotato.us
0.0.0.0	cdn.solimba.com
0.0.0.0	cdn.tuto4pc.com
0.0.0.0	cdn.appround.biz
0.0.0.0	cdn.bigspeedpro.com
0.0.0.0	cdn.bispd.com

Da befinden sich 15584 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Lenovo System Agent Service => 2
HKLM\...\StartupApproved\StartupFolder: => "CineForm Status.lnk"
HKLM\...\StartupApproved\Run: => "Windows Mobile-based device management"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "EnergyUtility"
HKLM\...\StartupApproved\Run: => "yogaserver"
HKLM\...\StartupApproved\Run: => "Zune Launcher"
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AirPort Base Station Agent"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\StartupApproved\StartupFolder: => "Collector.lnk"
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\StartupApproved\StartupFolder: => "TeraTerm Menu.lnk"
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2553620308-2587970361-2745048916-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{04E956DE-2A73-4650-8B39-6B25BF4079E9}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{13EA8767-F5B2-4643-B8E7-54501BC4B749}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{86ABB89B-1204-4404-9F32-DB605ED9BD06}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe
FirewallRules: [TCP Query User{BC166131-716C-4E9C-949F-7F411930A4F0}C:\program files\adobe\adobe muse cc 2017\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2017\muse.exe
FirewallRules: [UDP Query User{42A03122-CF5A-4E6D-9A2A-5863FB2046D5}C:\program files\adobe\adobe muse cc 2017\muse.exe] => (Allow) C:\program files\adobe\adobe muse cc 2017\muse.exe

==================== Wiederherstellungspunkte =========================

27-02-2017 14:15:03 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/27/2017 06:42:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141

Error: (02/27/2017 06:42:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141

Error: (02/27/2017 06:42:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/27/2017 02:15:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (02/27/2017 11:39:05 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfPolicyConfigTDPService
ServiceMainThread:  NotifyServiceStatusRunning() failed.

Error: (02/27/2017 11:39:05 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyConfigTDPService
NotifyServiceStatusRunning:  DeviceIoControl() failed.
Last error = [0x0000001f]

Error: (02/27/2017 11:39:02 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfProcessorParticipantService
ServiceMain:  ServiceStart() failed.

Error: (02/27/2017 11:39:02 AM) (Source: DptfEvent) (EventID: 1) (User: )
Description: DptfProcessorParticipantService
ServiceStart:  ConnectToDptfProcessorDriver() failed.

Error: (02/27/2017 11:39:02 AM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfProcessorParticipantService
ConnectToDptfProcessorDriver:  SetupDiEnumDeviceInterfaces() failed.
Last error = [0x00000103]

Error: (02/27/2017 11:35:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (02/28/2017 07:43:18 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/27/2017 06:42:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (02/27/2017 05:51:53 PM) (Source: DCOM) (EventID: 10010) (User: MZ_YOGA_1)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/27/2017 05:49:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/27/2017 05:49:44 PM) (Source: DCOM) (EventID: 10010) (User: MZ_YOGA_1)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/27/2017 05:47:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/27/2017 05:36:44 PM) (Source: DCOM) (EventID: 10010) (User: MZ_YOGA_1)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/27/2017 05:34:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (02/27/2017 04:52:38 PM) (Source: DCOM) (EventID: 10010) (User: MZ_YOGA_1)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (02/27/2017 04:50:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler


CodeIntegrity:
===================================
  Date: 2017-02-27 13:49:07.665
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 12:03:16.274
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 12:03:16.257
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 12:03:16.237
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 12:03:16.013
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 12:03:16.007
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 12:03:15.993
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 12:03:15.624
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 12:03:15.591
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-25 12:03:15.578
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 8071.27 MB
Verfügbarer physikalischer RAM: 3302.2 MB
Summe virtueller Speicher: 16142.55 MB
Verfügbarer virtueller Speicher: 8621.33 MB

==================== Laufwerke ================================

Drive a: (Windows8_OS) (Network) (Total:211.34 GB) (Free:22.03 GB) NTFS
Drive c: (Windows8_OS) (Fixed) (Total:211.34 GB) (Free:22.03 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (ssd) (Fixed) (Total:116.5 GB) (Free:70.98 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3A649FA6)

Partition: GPT.

========================================================
Disk: 1 (Size: 116.5 GB) (Disk ID: BA2EDFB9)
Partition 1: (Not Active) - (Size=116.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Schaut ganz gut aus, oder?
Gerne würde ich die Logs hier entfernen, sofern das Ok ist?!

Darüber hinaus: Welche Firewall und aktive Scanner würdest Du empfehlen?

cosinus · 28.02.2017, 12:25

Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:

1. Schritt: MBAM

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

2. Schritt: ESET

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

3. Schritt: SecurityCheck

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

nekropolit · 02.03.2017, 11:28

mbam:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 01.03.2017
Suchlaufzeit: 15:11
Protokolldatei: mbam_log170301_1601.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.02.16.06
Rootkit-Datenbank: v2017.02.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Martin Zenker

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 855763
Abgelaufene Zeit: 47 Min., 30 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

eset:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=324a1b70e5f0ab4cbb4ca3856606c554
# end=init
# utc_time=2017-03-01 03:04:39
# local_time=2017-03-01 04:04:39 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 32569
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=324a1b70e5f0ab4cbb4ca3856606c554
# end=updated
# utc_time=2017-03-01 03:11:14
# local_time=2017-03-01 04:11:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=324a1b70e5f0ab4cbb4ca3856606c554
# end=init
# utc_time=2017-03-01 03:35:40
# local_time=2017-03-01 04:35:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 32569
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=324a1b70e5f0ab4cbb4ca3856606c554
# end=updated
# utc_time=2017-03-01 03:35:57
# local_time=2017-03-01 04:35:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=324a1b70e5f0ab4cbb4ca3856606c554
# engine=32569
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-03-01 05:59:21
# local_time=2017-03-01 06:59:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 36740 19721777 0 0
# scanned=853680
# found=2
# cleaned=2
# scan_time=8603
sh=F14DE558398784DB642D2D5F97A84433C6C568D3 ft=0 fh=0000000000000000 vn="JS/ProxyChanger.CW Trojaner (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\Users\mzenk_000\AppData\Local\CLIQZ\Profiles\1q2jlbpz.default\cache2\entries\797FD5261FBDB9D813E1F693F75E8FC5D22BF45D"
sh=4963F84E2336DA01B854FF1609565AC60287FA04 ft=1 fh=0340a08c1ea27edd vn="Variante von Win32/DownloadSponsor.C eventuell unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen)" ac=C fn="C:\Users\mzenk_000\Downloads\Image Resizer for Windows - CHIP-Installer.exe"

SecurityCheck:

Code:

ATTFilter

 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Microsoft VisualStudio JavaScript Language Service 
 Visual Studio Extensions for Windows Library for JavaScript 
 Java SE Development Kit 7 Update 55 
 Microsoft VisualStudio JavaScript Project System 
 Java version 32-bit out of Date! 
 Adobe Flash Player 	24.0.0.221  
 Adobe Reader XI  
 Google Chrome (56.0.2924.87) 
 Google Chrome (SetupMetrics...) 
 Google Chrome (SetupMetrics.pma..) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Windows Defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

cosinus · 02.03.2017, 12:03

Zitat:

C:\Users\mzenk_000\Downloads\Image Resizer for Windows - CHIP-Installer.exe

In Zukunft keine Downloads mehr von chip.de!

Von chip lädst du in Zukunft besser nix mehr. Die verarschen ihre Kunden aus reiner Profitgier. Siehe auch http://www.trojaner-board.de/168364-...mpfehlung.html und CHIP-Installer - was ist das? - Anleitungen

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\mzenk_000\AppData\Local\CLIQZ
C:\Users\mzenk_000\Downloads\Image Resizer for Windows - CHIP-Installer.exe
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

nekropolit · 02.03.2017, 15:49

Chip = stimme zu. musste schnell gehen. /-:

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-03-2017
durchgeführt von Martin Zenker (02-03-2017 15:38:44) Run:1
Gestartet von C:\Users\mzenk_000\Desktop
Geladene Profile: Martin Zenker (Verfügbare Profile: Martin Zenker & alex_000 & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\mzenk_000\AppData\Local\CLIQZ
C:\Users\mzenk_000\Downloads\Image Resizer for Windows - CHIP-Installer.exe
emptytemp:
*****************

C:\Users\mzenk_000\AppData\Local\CLIQZ => erfolgreich verschoben
"C:\Users\mzenk_000\Downloads\Image Resizer for Windows - CHIP-Installer.exe" => nicht gefunden.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 196581491 B
Java, Flash, Steam htmlcache => 16624 B
Windows/system/drivers => 6305714 B
Edge => 5436422 B
Chrome => 110852325 B
Firefox => 0 B
Opera => 314800746 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 18191 B
systemprofile32 => 0 B
LocalService => 462973 B
NetworkService => 115453180 B
mzenk_000 => 2560948096 B
alex_000 => 7058 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 3.1 GB temporäre Dateien entfernt.

================================

Das System musste neu gestartet werden.

==== Ende von Fixlog 15:46:28 ====

cosinus · 02.03.2017, 16:05

Gut. Was ist jetzt noch an Problemen offen?

nekropolit · 03.03.2017, 11:00

Scheint alles wieder normal zu arbeiten. Du könntest mir evtl einen Tipp geben, welches Programm Partitionierungen wiederherstellen kann, die durch IsoToUSB gelöscht wurden.

Davon ab danke ich Dir sehr für die ganze Unterstützung!

cosinus · 03.03.2017, 11:27

Das hat nix mit malware zun. Die Frage bitte im Windows-Bereich hier stellen.

Dann wären wir durch!

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Abschließend müssen wir noch ein paar Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen - sofern benötigt, wenn nicht benötigt natürlich sinnigerweise deinstallieren oder Alternativen verwenden (und diese aktuell halten).

Browser (Internet Explorer, Edge, Firefox, Chrome, ...)
Java (bitte wirklich nur installieren/installiert lassen wenn unbedingt nötig!)
Flash-Player (nach Möglichkeit deinstallieren und HTML5 verwenden siehe zB https://www.youtube.com/html5 )
PDF-Reader (nach Möglichkeit nicht den Adobe Reader verwenden)

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Schutzsoftware: Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Die Dinger sind mittlerweile auch unter Windows stark umstritten und können Probleme bereiten, die man so ohne AV einfach nicht haben wird. Zudem werden sie auch niemals jeden Schädling finden können. Aussagen der Anbieter dieser Software entpuppen sich regelmäßig als Marketinggeblubber. Lies mal => Aus aktuellem Anlass: Antivirus-Schlangenöl | Elias Schwerdtfeger und Antivirensoftware: Die Schlangenöl-Branche - Golem.de

Verwende also MAXIMAL ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	Microsoft Security Essentials	ESET

Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und/oder mit dem ESET Online Scanner scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden. Alternativen zu NoScript (wenn um das das Verhindern von Usertracking und Werbung auf Webseiten) geht wären da Ghostery oder uBlock. Ghostery ist eine sehr bekannte Erweiterung, die aber auch in Kritik geraten ist, vgl. dazu bitte diesen Thread => Ghostery schleift Werbung durch

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

27.02.2017, 11:54	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Win - 10 Nova / Rambler.ru malware und NPE 0x8 Fehler - Verdacht auf rootkit Die Funde müssen mit dem adwCleaner auch entfernt werden!! Wir haben leider noch ne ältere Anleitung vom adwCleaner, bitte nochmal ausführen und so einstellen: __________________ Logfiles bitte immer in CODE-Tags posten

27.02.2017, 19:17	#18
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Win - 10 Nova / Rambler.ru malware und NPE 0x8 Fehler - Verdacht auf rootkit Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken __________________ __________________

02.03.2017, 16:05	#25
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Win - 10 Nova / Rambler.ru malware und NPE 0x8 Fehler - Verdacht auf rootkit Gut. Was ist jetzt noch an Problemen offen? __________________ Logfiles bitte immer in CODE-Tags posten

Win - 10 Nova / Rambler.ru malware und NPE 0x8 Fehler - Verdacht auf rootkit

Log-Analyse und Auswertung: Win - 10 Nova / Rambler.ru malware und NPE 0x8 Fehler - Verdacht auf rootkit