Kaspersky and Malwarebytes find HEUR:Trojan-Downloader.Script.Generic

Kaspersky and Malwarebytes are suddenly finding malware, in particular HEUR:Trojan-Downloader.Script.Generic. Scan results below.
Could it possibly be a false positive? It seems to be only a heuristic result.
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 19.03.2017
Scan Time: 15:49
Logfile: malwarebytes result.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2017.03.19.03
Rootkit Database: v2017.03.11.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: *****
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351631
Time Elapsed: 12 min, 36 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 6
Adware.ChinAd, C:\Users\*****\AppData\Local\Temp\DMR, , [9b44edde8e1a290dbbc1cb1ad22f8f71],
Adware.ChinAd, C:\Users\*****\AppData\Local\Temp\DMR\Downloads, , [9b44edde8e1a290dbbc1cb1ad22f8f71],
Adware.ChinAd, C:\Users\*****\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1, , [9b44edde8e1a290dbbc1cb1ad22f8f71],
Adware.ChinAd, C:\Users\*****\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\aaf9fe1c4c8809d293dead4654f153f9, , [9b44edde8e1a290dbbc1cb1ad22f8f71],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader, , [df006566941445f101946bbb00026a96],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\IU4, , [df006566941445f101946bbb00026a96],
Files: 11
Adware.ChinAd, C:\Users\*****\AppData\Local\Temp\DMR\gtfscvbwiflohqtm.dat, , [9b44edde8e1a290dbbc1cb1ad22f8f71],
Adware.ChinAd, C:\Users\*****\AppData\Local\Temp\DMR\dmr_72.exe, , [9b44edde8e1a290dbbc1cb1ad22f8f71],
Adware.ChinAd, C:\Users\*****\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\aaf9fe1c4c8809d293dead4654f153f9\free-wma-mp3-converter.exe.exe, , [9b44edde8e1a290dbbc1cb1ad22f8f71],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\ASC8_UserConfig.ini, , [df006566941445f101946bbb00026a96],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\ASCInstaller_Downloader.log, , [df006566941445f101946bbb00026a96],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\Downloader.log, , [df006566941445f101946bbb00026a96],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\Freeware.dat, , [df006566941445f101946bbb00026a96],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\IU4Downloader.log, , [df006566941445f101946bbb00026a96],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\Toolbox_Downloader.log, , [df006566941445f101946bbb00026a96],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\IU4\Advanced SystemCare 8.exe, , [df006566941445f101946bbb00026a96],
PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\ASCDownloader\IU4\Advanced SystemCare 8.exe.dat, , [df006566941445f101946bbb00026a96],
Physical Sectors: 0
(No malicious items detected)
(end)
Code:
19.03.2017 15.31.46 Full Scan Task completed Completion time: Today, 3/19/2017 3:31 PM
19.03.2017 15.31.46 Detected object (file) deleted C:\Windows\temp\iocF32CC871-A4C4-3B42-BEDD-A8A849B694EE File: C:\Windows\temp\iocF32CC871-A4C4-3B42-BEDD-A8A849B694EE Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.31.46 Detected object (file) moved to Quarantine C:\Windows\temp\iocF32CC871-A4C4-3B42-BEDD-A8A849B694EE File: C:\Windows\temp\iocF32CC871-A4C4-3B42-BEDD-A8A849B694EE Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.31.46 Detected object (file) deleted C:\Windows\temp\ioc36A25284-7940-1243-BF80-AD0ECB27B7C0 File: C:\Windows\temp\ioc36A25284-7940-1243-BF80-AD0ECB27B7C0 Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.31.46 Detected object (file) moved to Quarantine C:\Windows\temp\ioc36A25284-7940-1243-BF80-AD0ECB27B7C0 File: C:\Windows\temp\ioc36A25284-7940-1243-BF80-AD0ECB27B7C0 Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.31.46 Detected object (file) deleted C:\Windows\temp\iocDCE270F4-B966-A246-9A05-8B926EE3D512 File: C:\Windows\temp\iocDCE270F4-B966-A246-9A05-8B926EE3D512 Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.31.46 Detected object (file) moved to Quarantine C:\Windows\temp\iocDCE270F4-B966-A246-9A05-8B926EE3D512 File: C:\Windows\temp\iocDCE270F4-B966-A246-9A05-8B926EE3D512 Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.31.46 Detected object (file) deleted C:\Windows\temp\iocC3BCC405-2DAB-7F4C-B352-1F4D0802E76D File: C:\Windows\temp\iocC3BCC405-2DAB-7F4C-B352-1F4D0802E76D Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.31.46 Detected object (file) moved to Quarantine C:\Windows\temp\iocC3BCC405-2DAB-7F4C-B352-1F4D0802E76D File: C:\Windows\temp\iocC3BCC405-2DAB-7F4C-B352-1F4D0802E76D Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.18.18 Object (file) not processed C:\Windows\temp\ioc36A25284-7940-1243-BF80-AD0ECB27B7C0 File: C:\Windows\temp\ioc36A25284-7940-1243-BF80-AD0ECB27B7C0 Object name: HEUR:Trojan-Downloader.Script.Generic Reason: Postponed
19.03.2017 15.18.18 Object (file) detected C:\Windows\temp\ioc36A25284-7940-1243-BF80-AD0ECB27B7C0 File: C:\Windows\temp\ioc36A25284-7940-1243-BF80-AD0ECB27B7C0 Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.18.18 Object (file) not processed C:\Windows\temp\iocF32CC871-A4C4-3B42-BEDD-A8A849B694EE File: C:\Windows\temp\iocF32CC871-A4C4-3B42-BEDD-A8A849B694EE Object name: HEUR:Trojan-Downloader.Script.Generic Reason: Postponed
19.03.2017 15.18.18 Object (file) detected C:\Windows\temp\iocF32CC871-A4C4-3B42-BEDD-A8A849B694EE File: C:\Windows\temp\iocF32CC871-A4C4-3B42-BEDD-A8A849B694EE Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.18.18 Object (file) not processed C:\Windows\temp\iocDCE270F4-B966-A246-9A05-8B926EE3D512 File: C:\Windows\temp\iocDCE270F4-B966-A246-9A05-8B926EE3D512 Object name: HEUR:Trojan-Downloader.Script.Generic Reason: Postponed
19.03.2017 15.18.18 Object (file) detected C:\Windows\temp\iocDCE270F4-B966-A246-9A05-8B926EE3D512 File: C:\Windows\temp\iocDCE270F4-B966-A246-9A05-8B926EE3D512 Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 15.18.18 Object (file) not processed C:\Windows\temp\iocC3BCC405-2DAB-7F4C-B352-1F4D0802E76D File: C:\Windows\temp\iocC3BCC405-2DAB-7F4C-B352-1F4D0802E76D Object name: HEUR:Trojan-Downloader.Script.Generic Reason: Postponed
19.03.2017 15.18.18 Object (file) detected C:\Windows\temp\iocC3BCC405-2DAB-7F4C-B352-1F4D0802E76D File: C:\Windows\temp\iocC3BCC405-2DAB-7F4C-B352-1F4D0802E76D Object name: HEUR:Trojan-Downloader.Script.Generic
19.03.2017 14.33.40 Object (file) detected C:\Users\*****\AppData\Local\Temp\DMR\dmr_72.exe File: C:\Users\*****\AppData\Local\Temp\DMR\dmr_72.exe Object name: not-a-virus:Downloader.Win32.DownloadSponsor.pe Reason: Information
19.03.2017 14.33.24 Object (file) detected C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.789.exe File: C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.789.exe Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.33.23 Object (file) detected C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe File: C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.33.23 Object (file) detected C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.11.272.exe File: C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.11.272.exe Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.33.23 Object (file) detected C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.317.exe File: C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.317.exe Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.48 Object (file) detected C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir File: C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir Object name: not-a-virus:RiskTool.Win32.SystemTweaker.ae Reason: Information
19.03.2017 14.11.44 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\image\Hola-Setup-x64-1.9.510.1.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\image\Hola-Setup-x64-1.9.510.1.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.44 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\image\Hola-Setup-x64-1.9.510.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\image\Hola-Setup-x64-1.9.510.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.41 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\hola_setup.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\hola_setup.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.41 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\hola_svc.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\hola_svc.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.41 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\zplugin.dll.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\zplugin.dll.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.41 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\hola_updater.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\hola_updater.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.41 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\hola.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\hola.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.41 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\7za.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\local\app\7za.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.38 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.38 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox_hola\app\zplugin.dll.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox_hola\app\zplugin.dll.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.38 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox_hola\app\7za.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox_hola\app\7za.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.37 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.9.624.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.9.624.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.37 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.9.624.2.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.9.624.2.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.37 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.9.624.1.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.9.624.1.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.37 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.9.567.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.9.567.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.29 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\zplugin.dll.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\zplugin.dll.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.29 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\hola_plugin.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\hola_plugin.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.11.29 Object (file) detected C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\7za.exe.vir File: C:\AdwCleaner\Quarantine\C\Users\*****\AppData\Local\Hola\firefox\app\7za.exe.vir Object name: not-a-virus:Client-P2P.Win32.Hola.a Reason: Information
19.03.2017 14.07.31 Full Scan Task started Time: Today, 3/19/2017 2:07 PM
Here is also an FRST log with Addition.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von ****** (Administrator) auf THINK (19-03-2017 23:43:26)
Gestartet von C:\Users\******\Downloads
Geladene Profile: ****** (Verfügbare Profile: ******)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Dropbox, Inc.) C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc.) C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Synology Inc.) C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\wmi64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\******\Downloads\FRST64 (2).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Dropbox Update] => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Spotify Web Helper] => C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-10] (Spotify Ltd)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Google Update] => C:\Users\******\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => -> Keine Datei
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => -> Keine Datei
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => -> Keine Datei
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => -> Keine Datei
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => -> Keine Datei
ShellIconOverlayIdentifiers: [CeDesktopIntegration] -> {3CEC3E6D-ECF2-4B49-8A41-3B16DF8B9C3F} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-07-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2017-03-19]
ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc.)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2017-03-19]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1
Tcpip\..\Interfaces\{377520F3-E7C7-403B-997E-42BDEC38E4BC}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1
Tcpip\..\Interfaces\{88C1C209-1539-42ED-838C-A4BD8376D044}: [DhcpNameServer] 10.15.0.1
Tcpip\..\Interfaces\{8A21F8CE-5324-4563-A4A5-D47CF1CBA83B}: [DhcpNameServer] 172.168.111.2
Tcpip\..\Interfaces\{B524442D-7D83-4ED0-A93C-096812422175}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-15] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-18] (Symantec Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-15] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-18] (Symantec Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Keine Datei
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://solisvpn.uu.nl/CACHE/stc/20/binaries/vpnweb.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
FireFox:
========
FF DefaultProfile: n12tz17e.default-1421155951383
FF ProfilePath: C:\Users\******\AppData\Roaming\Zotero\Zotero\Profiles\9jq04p59.default [2017-03-07]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-11-14] [ist nicht signiert]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-11-14] [ist nicht signiert]
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox [2015-12-01]
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox\user.js [2015-04-23]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [nicht gefunden]
FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383 [2017-03-19]
FF Extension: (Zotero) - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\zotero@chnm.gmu.edu.xpi [2017-02-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2013-06-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\******\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/O1DPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=3 -> C:\Users\******\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=9 -> C:\Users\******\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\******\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-09-08] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: google.com/WidevineMediaOptimizer -> C:\Users\******\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-06-19] (Intel)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-06-19] (Intel)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-15] (Octoshape ApS)
Chrome:
=======
CHR Profile: C:\Users\******\AppData\Local\Google\Chrome\User Data\Default [2017-03-19]
CHR Extension: (Google Präsentationen) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26]
CHR Extension: (Google Docs) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26]
CHR Extension: (Google Drive) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26]
CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26]
CHR Extension: (Google Cast) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-10-27]
CHR Extension: (Zotero Connector) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2016-12-09]
CHR Extension: (Google Tabellen) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26]
CHR Extension: (Kaspersky Protection) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Google Mail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert]
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (Lenovo)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] () [Datei ist nicht signiert]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 e.dentifier2; C:\Windows\System32\DRIVERS\aabed2.sys [28672 2008-03-20] (Todos Data System AB)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-31] (GFI Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [195296 2017-03-14] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [313112 2017-03-14] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1035488 2017-03-14] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-18] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [135904 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 l36wscard; C:\Windows\System32\DRIVERS\l36wscard.sys [61992 2011-01-14] (Ericsson AB)
S3 LenLan; C:\Windows\System32\DRIVERS\LenLan.sys [98816 2012-05-29] (Lenovo Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443208 2012-10-02] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-10-23] (Cisco Systems, Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB)
S3 ALSysIO; \??\C:\Users\******\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Users\******\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ACHTUNG
S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-19 23:42 - 2017-03-19 23:43 - 00000000 ___HD C:\Users\******\Downloads\.SynologyWorkingDirectory
2017-03-19 23:42 - 2017-03-19 23:42 - 00000000 ___HD C:\Users\******\Documents\.SynologyWorkingDirectory
2017-03-19 23:42 - 2017-03-19 23:42 - 00000000 ___HD C:\Users\******\Desktop\.SynologyWorkingDirectory
2017-03-19 22:57 - 2017-03-19 22:57 - 02424832 _____ (Farbar) C:\Users\******\Downloads\FRST64 (2).exe
2017-03-19 22:55 - 2017-03-19 22:55 - 00010830 _____ C:\Users\******\Downloads\kaspersky report.txt
2017-03-19 16:26 - 2017-03-19 16:26 - 00003211 _____ C:\Users\******\Documents\malwarebytes result.txt
2017-03-19 15:51 - 2017-03-19 15:51 - 00216879 _____ C:\Users\******\Downloads\Manual_PrognosticModelTool.pdf
2017-03-15 20:47 - 2017-03-04 18:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-15 20:47 - 2017-03-04 17:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-15 20:47 - 2017-03-04 09:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-03-15 20:47 - 2017-03-04 09:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-03-15 20:47 - 2017-03-04 09:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-03-15 20:47 - 2017-03-04 09:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-15 20:47 - 2017-03-04 09:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-03-15 20:47 - 2017-03-04 09:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-03-15 20:47 - 2017-03-04 09:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-03-15 20:47 - 2017-03-04 08:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-15 20:47 - 2017-03-04 08:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-03-15 20:47 - 2017-03-04 08:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-03-15 20:47 - 2017-03-04 08:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-15 20:47 - 2017-03-04 08:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-03-15 20:47 - 2017-03-04 08:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-03-15 20:47 - 2017-03-04 08:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-03-15 20:47 - 2017-03-04 08:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-15 20:47 - 2017-03-04 08:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-15 20:47 - 2017-03-04 08:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-03-15 20:47 - 2017-03-04 08:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-03-15 20:47 - 2017-03-04 08:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-15 20:47 - 2017-03-04 08:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-03-15 20:47 - 2017-03-04 08:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-03-15 20:47 - 2017-03-04 08:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-03-15 20:47 - 2017-03-04 08:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-03-15 20:47 - 2017-03-04 08:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-15 20:47 - 2017-03-04 08:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-03-15 20:47 - 2017-03-04 07:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-15 20:47 - 2017-03-04 07:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-03-15 20:47 - 2017-03-04 07:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-15 20:47 - 2017-03-04 07:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-15 20:47 - 2017-03-04 07:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-03-15 20:47 - 2017-03-04 07:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-15 20:47 - 2017-03-04 07:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-15 20:47 - 2017-03-04 07:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-15 20:47 - 2017-03-04 07:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-15 20:47 - 2017-03-04 05:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-15 20:47 - 2017-03-02 19:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-03-15 20:47 - 2017-03-02 19:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-03-15 20:47 - 2017-03-02 19:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-15 20:47 - 2017-03-02 19:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-03-15 20:47 - 2017-03-02 19:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-03-15 20:47 - 2017-03-02 19:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-15 20:47 - 2017-03-02 18:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-15 20:47 - 2017-03-02 18:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-03-15 20:47 - 2017-03-02 18:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-03-15 20:47 - 2017-03-02 18:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-03-15 20:47 - 2017-03-02 18:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-03-15 20:47 - 2017-03-02 18:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-15 20:47 - 2017-03-02 18:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-03-15 20:47 - 2017-03-02 18:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-03-15 20:47 - 2017-03-02 18:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-15 20:47 - 2017-03-02 18:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-03-15 20:47 - 2017-03-02 18:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-03-15 20:47 - 2017-03-02 18:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-15 20:47 - 2017-03-02 18:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-15 20:47 - 2017-03-02 18:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-03-15 20:47 - 2017-03-02 18:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-15 20:47 - 2017-03-02 18:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-15 20:47 - 2017-03-02 18:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-15 20:47 - 2017-03-02 18:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-15 20:47 - 2017-03-02 18:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-03-15 20:47 - 2017-03-02 18:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-15 20:47 - 2017-03-02 17:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-15 20:47 - 2017-03-02 17:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-15 20:47 - 2017-03-02 17:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-15 20:47 - 2017-02-23 00:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-15 20:47 - 2017-02-23 00:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-15 20:47 - 2017-02-18 15:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-15 20:47 - 2017-02-18 15:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-15 20:47 - 2017-02-11 16:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-15 20:47 - 2017-02-11 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-15 20:47 - 2017-02-11 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-03-15 20:47 - 2017-02-10 17:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-03-15 20:47 - 2017-02-10 17:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-15 20:47 - 2017-02-10 17:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-03-15 20:47 - 2017-02-10 17:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-15 20:47 - 2017-02-10 15:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-15 20:47 - 2017-02-09 17:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-15 20:47 - 2017-02-09 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-15 20:47 - 2017-02-09 17:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-15 20:47 - 2017-02-09 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-15 20:47 - 2017-02-09 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-15 20:47 - 2017-02-09 17:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-03-15 20:47 - 2017-02-09 17:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-15 20:47 - 2017-02-09 17:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-15 20:47 - 2017-02-09 17:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 17:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-15 20:47 - 2017-02-09 17:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-15 20:47 - 2017-02-09 17:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-15 20:47 - 2017-02-09 17:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-15 20:47 - 2017-02-09 17:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-15 20:47 - 2017-02-09 16:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-03-15 20:47 - 2017-02-09 16:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-15 20:47 - 2017-02-09 16:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-15 20:47 - 2017-02-09 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-15 20:47 - 2017-02-09 16:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-15 20:47 - 2017-02-09 16:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-15 20:47 - 2017-02-09 16:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-15 20:47 - 2017-02-09 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-15 20:47 - 2017-02-09 16:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-03-15 20:47 - 2017-02-09 16:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-03-15 20:47 - 2017-02-09 16:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-03-15 20:47 - 2017-02-09 16:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-03-15 20:47 - 2017-02-09 16:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-03-15 20:47 - 2017-02-09 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-03-15 20:47 - 2017-02-09 16:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 16:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 16:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 16:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-15 20:47 - 2017-02-09 15:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-15 20:47 - 2017-02-09 15:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-15 20:47 - 2017-02-06 17:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-15 20:47 - 2017-01-13 19:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-15 20:47 - 2017-01-13 19:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-03-15 20:47 - 2017-01-13 18:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-15 20:47 - 2017-01-13 18:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-03-15 20:47 - 2017-01-11 19:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-15 20:47 - 2017-01-11 19:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-03-15 20:47 - 2017-01-11 18:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-15 20:47 - 2017-01-11 18:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-03-15 20:47 - 2017-01-06 19:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-15 20:47 - 2017-01-06 18:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-15 20:47 - 2016-12-31 16:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-15 20:47 - 2016-12-31 16:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-15 20:47 - 2016-12-31 16:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-15 20:47 - 2016-12-31 16:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-15 20:47 - 2016-12-31 16:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-15 20:38 - 2017-03-15 20:38 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-03-15 20:38 - 2017-03-15 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-03-15 20:37 - 2017-03-15 20:37 - 64153152 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u121-windows-x64.exe
2017-03-15 15:59 - 2017-03-15 15:59 - 00452355 _____ C:\Users\******\Downloads\BOARDING PASS_RECEIPT_******001 (1).pdf
2017-03-15 15:47 - 2017-03-15 15:48 - 00452355 _____ C:\Users\******\Downloads\BOARDING PASS_RECEIPT_******001.pdf
2017-03-13 20:40 - 2017-03-13 20:40 - 00000000 ____D C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2017-03-09 00:34 - 2017-03-09 00:34 - 00057689 _____ C:\Users\******\Downloads\jegyek_2017_02_19.pdf
2017-03-09 00:34 - 2017-03-09 00:34 - 00000000 ____D C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-03-08 12:37 - 2017-03-08 12:37 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\******\Downloads\Zoom_launcher (6).exe
2017-03-07 23:35 - 2017-03-07 23:35 - 00204329 _____ C:\Users\******\Downloads\BD2Decide_13032017_******_Ven.pptx
2017-03-07 18:59 - 2017-03-07 18:59 - 00002003 _____ C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (9).ica
2017-03-06 00:07 - 2017-03-06 00:07 - 00009693 _____ C:\Users\******\Documents\recent costs 0317.xlsx
2017-03-03 17:06 - 2017-03-03 17:06 - 00057842 _____ C:\Users\******\Downloads\Confetti.pdf
2017-03-01 11:09 - 2017-03-01 11:09 - 00002004 _____ C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (8).ica
2017-03-01 11:08 - 2017-03-01 11:08 - 00002004 _____ C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (7).ica
2017-03-01 10:55 - 2017-03-01 10:55 - 00002005 _____ C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (5).ica
2017-03-01 10:55 - 2017-03-01 10:55 - 00002004 _____ C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (6).ica
2017-02-25 15:46 - 2017-02-25 15:46 - 01383403 _____ C:\Users\******\Documents\Unbenannt (8).wma
2017-02-24 23:18 - 2017-02-24 23:18 - 00097908 _____ C:\Users\******\Desktop\TAP Portugal.pdf
2017-02-23 23:12 - 2017-02-23 23:12 - 00554548 _____ C:\Users\******\Downloads\noscript_security_suite-2.9.5.3-fx_sm.zip
2017-02-23 23:12 - 2017-02-23 23:12 - 00000000 ____D C:\Users\******\Downloads\noscript_security_suite-2.9.5.3-fx_sm
2017-02-23 21:32 - 2017-02-23 21:32 - 00468750 _____ C:\Users\******\Downloads\adjusting-measurement-bias (2).pdf
2017-02-23 21:16 - 2017-02-23 21:16 - 00468608 _____ C:\Users\******\Downloads\adjusting-measurement-bias (1).pdf
2017-02-21 23:40 - 2017-02-21 23:41 - 01416411 _____ C:\Users\******\Downloads\IMG-20170221-WA0013.jpeg
2017-02-20 22:49 - 2017-02-20 22:49 - 06071496 _____ C:\Users\******\Downloads\AVR-X1300WE2_DEU_PDF_IM_v00.pdf
2017-02-17 00:32 - 2017-02-17 00:32 - 00555119 _____ C:\Users\******\Downloads\noscript_security_suite-2.9.5.3-fx+sm.xpi
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-19 23:43 - 2017-02-01 20:51 - 00038023 _____ C:\Users\******\Downloads\FRST.txt
2017-03-19 23:43 - 2017-02-01 20:40 - 00000000 ____D C:\FRST
2017-03-19 23:43 - 2014-01-21 14:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-19 23:42 - 2016-07-03 00:05 - 00000000 ___RD C:\Users\******\******drive
2017-03-19 23:42 - 2016-04-23 21:51 - 00000000 ___RD C:\Users\******\CloudStation
2017-03-19 23:42 - 2016-04-23 21:36 - 00000000 ____D C:\Users\******\AppData\Local\CloudStation
2017-03-19 23:42 - 2016-04-23 10:20 - 00000000 ____D C:\Users\******\AppData\Local\CloudStationBackup
2017-03-19 23:42 - 2015-10-17 18:42 - 00000548 _____ C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job
2017-03-19 23:42 - 2013-06-26 17:26 - 00000000 ___RD C:\Users\******\Dropbox
2017-03-19 23:42 - 2013-06-26 16:49 - 00000000 ____D C:\Users\******
2017-03-19 23:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-19 22:54 - 2015-06-17 15:27 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job
2017-03-19 22:48 - 2014-08-04 08:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-19 16:35 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-19 16:35 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-19 16:31 - 2013-06-05 09:15 - 00703214 _____ C:\Windows\system32\perfh007.dat
2017-03-19 16:31 - 2013-06-05 09:15 - 00150822 _____ C:\Windows\system32\perfc007.dat
2017-03-19 16:31 - 2009-07-14 06:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-19 16:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-19 16:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\schemas
2017-03-19 16:26 - 2015-04-23 17:48 - 00000000 ____D C:\ProgramData\IObit
2017-03-19 13:04 - 2016-11-26 11:28 - 00000000 ____D C:\Users\******\AppData\LocalLow\Mozilla
2017-03-19 12:23 - 2015-06-17 15:27 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job
2017-03-18 12:47 - 2013-06-26 16:52 - 00000000 ____D C:\Users\******\AppData\Roaming\Nitro PDF
2017-03-17 01:59 - 2016-01-24 16:52 - 00000000 ____D C:\Users\******\AppData\Local\Citrix
2017-03-16 21:49 - 2015-04-20 10:31 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-16 21:49 - 2014-04-26 00:33 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-16 21:49 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-16 21:49 - 2009-07-14 05:45 - 00508192 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-15 23:18 - 2013-07-15 10:32 - 00000000 ____D C:\Windows\system32\MRT
2017-03-15 23:12 - 2013-06-27 08:26 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-15 23:12 - 2013-06-27 08:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-15 23:11 - 2013-06-27 08:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-15 23:11 - 2013-06-27 08:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-15 20:48 - 2013-06-27 19:37 - 00007644 _____ C:\Users\******\AppData\Local\Resmon.ResmonCfg
2017-03-15 20:37 - 2014-03-19 21:07 - 00000000 ____D C:\Program Files\Java
2017-03-15 20:35 - 2015-01-27 22:41 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-15 20:35 - 2013-12-14 16:24 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-15 20:35 - 2013-12-14 16:24 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-15 20:35 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-15 20:35 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-15 20:35 - 2013-06-26 17:10 - 00000000 ____D C:\Users\******\AppData\Local\Adobe
2017-03-15 13:40 - 2016-02-07 11:28 - 00004500 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-03-14 15:06 - 2016-05-16 22:52 - 00012593 _____ C:\Users\******\Documents\.Rhistory
2017-03-14 15:06 - 2015-04-23 19:22 - 00000000 ____D C:\Users\******\AppData\Roaming\RStudio
2017-03-14 15:06 - 2015-04-23 19:04 - 00000000 ____D C:\Users\******\AppData\Local\RStudio-Desktop
2017-03-14 13:40 - 2016-10-03 18:01 - 01035488 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-03-14 13:40 - 2016-10-03 18:01 - 00195296 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-03-14 13:40 - 2016-06-14 16:47 - 00199392 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2017-03-14 13:40 - 2016-06-02 21:39 - 00135904 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2017-03-14 13:39 - 2016-06-20 16:51 - 00313112 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-03-14 11:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-03-13 16:10 - 2013-08-14 00:37 - 00000000 ____D C:\Users\******\AppData\Local\Spotify
2017-03-13 16:10 - 2013-08-14 00:35 - 00000000 ____D C:\Users\******\AppData\Roaming\Spotify
2017-03-11 02:01 - 2015-03-31 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Migration
2017-03-09 12:47 - 2014-11-22 14:10 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2017-03-09 00:34 - 2013-06-26 17:15 - 00000000 ____D C:\Users\******\AppData\Roaming\Dropbox
2017-03-08 12:37 - 2015-06-17 15:27 - 00000000 ____D C:\Users\******\AppData\Local\Dropbox
2017-03-07 20:07 - 2015-01-14 13:15 - 00000000 ____D C:\Users\******\Documents\Zotero Workspace
2017-03-05 22:21 - 2013-06-26 18:24 - 00000000 ____D C:\Program Files (x86)\Opera
2017-03-02 22:21 - 2015-01-09 00:55 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420761345
2017-03-02 22:17 - 2016-04-21 19:39 - 00001964 _____ C:\Users\Public\Desktop\Sonos.lnk
2017-03-02 22:17 - 2014-11-22 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-03-02 22:17 - 2014-11-22 14:10 - 00000000 ____D C:\Program Files (x86)\Sonos
2017-03-02 22:16 - 2013-10-10 11:21 - 00000000 ____D C:\Users\******\AppData\Local\Downloaded Installations
2017-02-25 02:36 - 2015-12-03 21:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-17 00:21 - 2014-10-21 20:08 - 00000000 ____D C:\Program Files (x86)\Java
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-12-30 21:09 - 2016-12-30 21:09 - 0000000 _____ () C:\Users\******\AppData\Roaming\06614afc-e1da-4f66-8e25-9cdde7f40bc0.storage
2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\******\AppData\Roaming\0b0b642d-bad1-4a42-ae39-e04d3dfd24eb.storage
2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\******\AppData\Roaming\232b9fac-fc4c-42d2-aa1f-7e61e087d91d.storage
2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\******\AppData\Roaming\69052423-4e19-425b-9aed-d51266bff2bc.storage
2013-10-03 23:29 - 2013-10-03 23:29 - 0000000 _____ () C:\Users\******\AppData\Roaming\AbsoluteReminder.xml
2013-10-16 20:22 - 2013-10-16 20:58 - 0000132 _____ () C:\Users\******\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format
2013-08-08 00:21 - 2013-08-08 00:21 - 0000037 ___SH () C:\Users\******\AppData\Local\70149b02515b3bb20dd492.47983420
2013-06-27 19:37 - 2017-03-15 20:48 - 0007644 _____ () C:\Users\******\AppData\Local\Resmon.ResmonCfg
2013-06-04 23:36 - 2013-06-04 23:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-03-06 19:19 - 2016-03-17 14:59 - 0000941 _____ () C:\ProgramData\GADump.txt
2014-07-21 09:47 - 2014-07-21 09:47 - 0000337 _____ () C:\ProgramData\hpzinstall.log
2013-06-26 16:52 - 2013-07-07 18:31 - 0000227 _____ () C:\ProgramData\LastUpdate.xml
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-03-14 23:58
==================== Ende von FRST.txt ============================