| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Net Command ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.03.2016, 13:42
| #1 |
 |  Net Command ? Hallo, ich nutze mein Laptop meist in einem eingeschränkten Konto, und nicht als Admin. Seit kurzem öffnet sich ein Windows Fenster, dass Net Command etwas verändern will und die Berechtigung dazu möchte, was ich natürlich erstmal ablehne da mir das nichts sagt. Muss ich mir Sorgen machen, oder muss ich -mit eurer Hilfe- lieber das System scannen? |
|
25.03.2016, 15:22
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Net Command ? moin
__________________ Was heißt seit kurzem und welcher Befehl genau soll da ausgeführt werden?
__________________ |
|
25.03.2016, 15:42
| #3 |
| | Net Command Ah sorry, seit kurzem bedeutet seit gestern, ja wie beschreibe ich dieses Fenster wenn das Admin Passwort benötigt wird - ich hänge mal einen Screenshot an. Da steht zwar Herausgeber 'Microsoft Windows', aber wer weiß .. ich habe noch nicht davon gehört..
__________________ |
|
25.03.2016, 15:43
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Net Command ? Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
25.03.2016, 15:58
| #5 |
| | Net Command ?Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von master of desaster (Administrator) auf LENOVOX220 (25-03-2016 15:48:19) Gestartet von C:\Users\master of desaster\Desktop Geladene Profile: master of desaster (Verfügbare Profile: master of desaster & master & DefaultAppPool) Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Oki Data Corporation) C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe (Oki Data Corporation) C:\Program Files\Okidata\Print Job Accounting\okwchsvc.exe (Oki Data Corporation) C:\Program Files\Okidata\Print Job Accounting\opja0004.exe (Oki Data Corporation) C:\Program Files (x86)\Okidata\Web Driver Installer\opwpisv.exe (Oki Data Corporation) C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe (Oki Data Americas, Inc.) C:\Program Files (x86)\PrintSuperVision\www\bin\PSVEngine.exe (Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe () C:\Program Files (x86)\XSManager\WTGService.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (360.cn) C:\Program Files (x86)\360\360WangPan\360WangPan.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe (Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo) C:\Users\master of desaster\AppData\Local\Apps\2.0\P6E8ZCAN.N4C\1TAZRD06.W1W\lsb...tion_91a10ba61c75c82d_0001.0006_f185aae74f563194\LSB.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo) HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [163960 2015-12-21] (Synaptics) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15009400 2015-10-14] (Logitech Inc.) HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2011-04-01] () HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [326264 2016-02-01] (QIHU 360 SOFTWARE CO. LIMITED) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2745544 2016-01-09] (Dominik Reichl) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25577864 2016-03-12] (Dropbox, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5371168 2016-03-10] (IObit) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [360cloud] => C:\Program Files (x86)\360\360WangPan\360WangPan.exe [14513272 2016-02-18] (360.cn) HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit) HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link \BlackBerryLink.exe [1463824 2014-05-08] (Research In Motion) HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\master D�ll\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\master of desaster\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\master D�ll\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\master of desaster\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\master D�ll\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\master of desaster\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\RunOnce: [Uninstall C:\Users\master D�ll\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\master of desaster\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" Lsa: [Notification Packages] scecli ACGina SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: [ 360Cloud1] -> {39BCBD41-7296-410c-8870-7F285C7713C3} => C:\Program Files (x86)\360\360WangPan\CloudMini \360CloudShellExt64.dll [2014-04-18] (360.cn) ShellIconOverlayIdentifiers: [ 360Cloud2] -> {39BCBD42-7296-410c-8870-7F285C7713C3} => C:\Program Files (x86)\360\360WangPan\CloudMini \360CloudShellExt64.dll [2014-04-18] (360.cn) ShellIconOverlayIdentifiers: [ 360Cloud3] -> {39BCBD43-7296-410c-8870-7F285C7713C3} => C:\Program Files (x86)\360\360WangPan\CloudMini \360CloudShellExt64.dll [2014-04-18] (360.cn) ShellIconOverlayIdentifiers: [ 360Cloud4] -> {39BCBD44-7296-410c-8870-7F285C7713C3} => C:\Program Files (x86)\360\360WangPan\CloudMini \360CloudShellExt64.dll [2014-04-18] (360.cn) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {A786E080-E576-469D-8A39-E1CF47517117} => C:\Windows\System32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation) ShellIconOverlayIdentifiers: [DownloadIcon] -> {A8502600-B272-4F68-A67B-A0305D46D298} => Keine Datei ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation) ShellIconOverlayIdentifiers-x32: [ 360Cloud1] -> {39BCBD41-7296-410c-8870-7F285C7713C3} => C:\Program Files (x86)\360\360WangPan\CloudMini \360CloudShellExt.dll [2014-04-18] (360.cn) ShellIconOverlayIdentifiers-x32: [ 360Cloud2] -> {39BCBD42-7296-410c-8870-7F285C7713C3} => C:\Program Files (x86)\360\360WangPan\CloudMini \360CloudShellExt.dll [2014-04-18] (360.cn) ShellIconOverlayIdentifiers-x32: [ 360Cloud3] -> {39BCBD43-7296-410c-8870-7F285C7713C3} => C:\Program Files (x86)\360\360WangPan\CloudMini \360CloudShellExt.dll [2014-04-18] (360.cn) ShellIconOverlayIdentifiers-x32: [ 360Cloud4] -> {39BCBD44-7296-410c-8870-7F285C7713C3} => C:\Program Files (x86)\360\360WangPan\CloudMini \360CloudShellExt.dll [2014-04-18] (360.cn) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {A786E080-E576-469D-8A39-E1CF47517117} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) AutoConfigURL: [.DEFAULT] => hxxp://127.0.0.1:8445/okf.pac Tcpip\..\Interfaces\{138a9c8a-a3fa-4776-8f5d-14a9c23ae785}: [NameServer] 212.23.115.132 212.23.115.150 Tcpip\..\Interfaces\{a79c6fce-5348-4028-b0d6-9bbc4635b64e}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{b4f3ccec-8901-4d39-910c-eb142d04fd1b}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{c647e28a-b5a7-48eb-9966-19bb73eb627d}: [NameServer] 193.189.244.225 193.189.244.206 Internet Explorer: ================== HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.hao123.com/?tn=97023167_hao_pg SearchScopes: HKLM -> DefaultScope {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM -> {7BC7A817-5540-4FD0-9D36-37C2AF2DCBE1} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> DefaultScope {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s? wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=33059180_oem_dg&ch=33 SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-2113504872-800665639-2394083016-1000 -> {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd= {searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=33059180_oem_dg&ch=33 BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-02-01] (Qihu 360 Software Co., Ltd.) BHO: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE64.ols [2014-04-11] (OpenLimit SignCubes AG) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation) BHO: 360ÔÆÅÌ״̬À¸ -> {FF8EF35D-7990-4DF6-A9E5-F7D548C298AE} -> C:\Program Files (x86)\360\360WangPan\CloudMini\360CloudBar64.dll [2014-04-18] (360.cn) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-02-01] (Qihu 360 Software Co., Ltd.) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection \BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit) BHO-x32: AusweisApp 1.12.0.0 -> {C9EE92B7-EDD5-4ad9-8029-2EC6818E653A} -> C:\Program Files (x86)\AusweisApp\siqeCardClientIE32.ols [2014-04-11] (OpenLimit SignCubes AG) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation) BHO-x32: 360ÔÆÅÌ״̬À¸ -> {FF8EF35D-7990-4DF6-A9E5-F7D548C298AE} -> C:\Program Files (x86)\360\360WangPan\CloudMini\360CloudBar.dll [2014-04-18] (360.cn) Toolbar: HKLM-x32 - Kein Name - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - Keine Datei DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab FireFox: ======== FF ProfilePath: C:\Users\master of desaster\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014- 05-07] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF user.js: detected! => C:\Users\master of desaster\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default\user.js [2016-03-07] FF Extension: AusweisApp - C:\Program Files (x86)\AusweisApp\mozilla\eCardClientPIn_FFxx_Win [2014-05-20] [ist nicht signiert] FF Extension: Kein Name - C:\Users\master of desaster\AppData\Roaming\Mozilla\Firefox\Profiles\kr4jb1f6.default\extensions \iobitascsurfingprotection@iobit.com [nicht gefunden] Chrome: ======= CHR Profile: C:\Users\master of desaster\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\master of desaster\AppData\Local\Google\Chrome\User Data\Default\Extensions \nmmhkkegccagdldgiimedpiccmgmieda [2015-09-20] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2015-07-31] (Broadcom Corporation.) R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [Datei ist nicht signiert] R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [99328 2015-06-22] () [Datei ist nicht signiert] S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-10] (Dropbox, Inc.) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320560 2014-06-24] (Lenovo.) S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] () R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [35784 2015-10-22] (Lenovo Group Limited) S3 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1576736 2016-03-10] (IObit) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-10-14] (Logitech Inc.) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2015-12-10] (Lenovo) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 OkiJaSvc; C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe [420864 2015-06-30] (Oki Data Corporation) [Datei ist nicht signiert] R2 OkiWchSvc; C:\Program Files\Okidata\Print Job Accounting\okwchsvc.exe [55808 2012-02-15] (Oki Data Corporation) [Datei ist nicht signiert] R2 opja0004; C:\Program Files\Okidata\Print Job Accounting\opja0004.exe [219136 2015-01-20] (Oki Data Corporation) [Datei ist nicht signiert] R2 OpLclSrv; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [182784 2014-11-20] (Oki Data Corporation) [Datei ist nicht signiert] R2 opwpisv; C:\Program Files (x86)\Okidata\Web Driver Installer\opwpisv.exe [220680 2014-11-20] (Oki Data Corporation) R2 PrintSuperVision Engine; C:\Program Files (x86)\PrintSuperVision\www\bin\PSVEngine.exe [57344 2015-09-21] (Oki Data Americas, Inc.) [Datei ist nicht signiert] R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [907384 2016-02-01] (QIHU 360 SOFTWARE CO. LIMITED) R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd) R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [Datei ist nicht signiert] R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [Datei ist nicht signiert] S4 sfcdpsrv; C:\Program Files (x86)\Common Files\Seagate\CDP\afcdpsrv.exe [3246040 2014-07-05] (Acronis) S4 SgtSch2Svc; C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [1114688 2012-10-31] () S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255096 2015-12-21] (Synaptics Incorporated) R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [105112 2015-07-16] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH) S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [Datei ist nicht signiert] S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Group Limited) S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [413848 2015-07-16] () S3 wampapache64; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [24576 2014-05-01] (Apache Software Foundation) [Datei ist nicht signiert] S3 wampmysqld64; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [12942848 2014-05-01] () [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-01-14] () ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [137808 2015-11-20] (360.cn) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77904 2015-12-11] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-02-01] (360.cn) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [319568 2016-02-01] (360.cn) R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2014-08-01] (360.cn) R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [368720 2016-02-01] (360.cn) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.) S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] () S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-11-29] () R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [181328 2015-12-11] (360.cn) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-07-31] (Broadcom Corporation.) S3 blackberryncm; C:\Windows\System32\drivers\blackberryncm6_AMD64.sys [24576 2014-02-20] (BlackBerry) R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2014-01-22] (Glarysoft Ltd) S3 C2XXCOM; C:\Windows\system32\DRIVERS\C2XXCOM76.sys [49920 2010-08-09] (Samsung Electronics) S3 C2xxUSB; C:\Windows\system32\DRIVERS\C2xxUSB76.sys [46080 2010-11-04] (Samsung Electronics) S3 C2xxUsbStorage; C:\Windows\system32\DRIVERS\C2xSTR76.sys [9216 2010-06-10] (Samsung Electronics) R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation) S3 cmntnet; C:\Windows\System32\drivers\cmntnet.sys [141824 2014-04-18] (Wireless Data Device) S3 cmnuusbser; C:\Windows\system32\DRIVERS\cmnuusbser.sys [123904 2014-04-18] (Wireless Device) R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c65x64.sys [471312 2015-07-31] (Intel Corporation) R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB) R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-27] (REALiX(tm)) R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) S3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-25] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation) R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation) R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation) R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation) R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-08-15] (Intel Corporation) S3 PGRUSB; C:\Windows\System32\DRIVERS\PGRXHCI.sys [123392 2013-12-18] (Point Grey Research) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited) R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited) R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] () S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-23] (Synaptics Incorporated) S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project) R3 Tvti2c; C:\Windows\system32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () U5 UnlockerDriver5; C:\Users\master\Downloads\unlocker1.9.0-portable\x64\UnlockerDriver5.sys [12352 2010-07-01] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [284912 2014-04-25] (Ericsson AB) S3 XHCIdrv; C:\Windows\System32\DRIVERS\XHCIdrv.sys [119720 2013-10-24] (Windows (R) Win 7 DDK provider) U3 idsvc; kein ImagePath S3 VMSVSP; \SystemRoot\system32\DRIVERS\vmswitch.sys [X] S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-25 15:48 - 2016-03-25 15:48 - 00033911 _____ C:\Users\master of desaster\Desktop\FRST.txt 2016-03-25 15:48 - 2016-03-25 15:48 - 00000000 ____D C:\FRST 2016-03-25 15:47 - 2016-03-25 15:48 - 02374144 _____ (Farbar) C:\Users\master of desaster\Desktop\FRST64.exe 2016-03-25 15:45 - 2016-03-25 15:45 - 00016148 _____ C:\Windows\system32\LENOVOX220_master_HistoryPrediction.bin 2016-03-25 15:45 - 2016-03-25 15:45 - 00016148 _____ C:\Windows\system32\LENOVOX220_master of desaster_HistoryPrediction.bin 2016-03-25 13:25 - 2016-03-25 15:45 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-25 13:25 - 2016-03-25 13:25 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-25 13:25 - 2016-03-25 13:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-25 13:25 - 2016-03-25 13:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-03-25 13:25 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-03-25 13:25 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-25 13:25 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-03-25 13:24 - 2016-03-25 13:25 - 22851472 _____ (Malwarebytes ) C:\Users\master of desaster\Downloads\mbam-setup-2.2.1.1043.exe 2016-03-25 13:18 - 2016-03-25 13:18 - 00321848 _____ (Malwarebytes Corporation) C:\Users\master of desaster\Downloads\mbam-clean-2.1.1.1001.exe 2016-03-24 14:21 - 2016-03-24 14:43 - 10814104 _____ (Dovado Europe AB) C:\Users\master\Downloads\TINY_7_3_14.exe 2016-03-24 12:17 - 2016-03-24 12:17 - 00019705 _____ C:\Users\master\Downloads\image (17).pdf 2016-03-24 11:33 - 2016-03-24 11:33 - 00257424 _____ C:\Users\master\Downloads\image (16).pdf 2016-03-24 11:33 - 2016-03-24 11:33 - 00257424 _____ C:\Users\master\Downloads\image (15).pdf 2016-03-24 10:06 - 2016-03-24 10:06 - 00140878 _____ C:\Users\master\Downloads\DHL-Marke-SDX3FGM34K.pdf 2016-03-23 17:05 - 2016-03-23 17:05 - 00144941 _____ C:\Users\master\Downloads\DHL-Marke-4RPES8HX9B.pdf 2016-03-23 16:16 - 2016-03-23 16:16 - 00266437 _____ C:\Users\master\Downloads\2309_pdf.pdf 2016-03-23 14:09 - 2016-03-23 14:09 - 00782727 _____ C:\Users\master\Downloads\rotatedpdf270.pdf 2016-03-23 14:08 - 2016-03-23 14:08 - 00779931 _____ C:\Users\master\Downloads\image (14).pdf 2016-03-23 12:41 - 2016-03-23 12:41 - 01786304 _____ C:\Users\master\Downloads\kombiniert_datei_4.pdf 2016-03-23 12:38 - 2016-03-23 12:38 - 01782645 _____ C:\Users\master\Downloads\kombiniert_datei_3.pdf 2016-03-23 12:36 - 2016-03-23 12:36 - 01785763 _____ C:\Users\master\Downloads\kombiniert_datei_2.pdf 2016-03-23 12:33 - 2016-03-23 12:33 - 01785763 _____ C:\Users\master\Downloads\kombiniert_datei.pdf 2016-03-22 19:15 - 2016-03-22 19:15 - 00001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk 2016-03-22 19:15 - 2016-03-22 19:15 - 00001000 _____ C:\Users\Public\Desktop\Market Samurai.lnk 2016-03-22 19:15 - 2016-03-22 19:15 - 00000000 ____D C:\Program Files (x86)\Market Samurai 2016-03-21 22:20 - 2016-03-21 22:20 - 00248375 _____ C:\Users\master\Downloads\Modulliste_Caritas_022016.pdf 2016-03-20 17:42 - 2016-03-20 17:42 - 00003539 _____ C:\Users\master\AppData\Local\recently-used.xbel 2016-03-20 14:03 - 2016-03-20 14:03 - 00000000 ____D C:\Users\master of desaster\Documents\BLACKBERRY-12AB 2016-03-20 13:58 - 2016-03-20 14:03 - 00000000 ____D C:\Users\master of desaster\AppData\Roaming\Research In Motion 2016-03-20 13:58 - 2016-03-20 13:58 - 00000000 ____D C:\Users\master of desaster\Documents\BlackBerry 2016-03-20 13:58 - 2016-03-20 13:58 - 00000000 ____D C:\Users\master of desaster\AppData\Roaming\XCPCSync.OEM 2016-03-20 13:56 - 2016-03-20 13:56 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} 2016-03-20 13:42 - 2016-03-20 13:42 - 00001246 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk 2016-03-20 13:42 - 2016-03-20 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter 2016-03-19 21:22 - 2016-03-19 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-03-19 16:38 - 2016-03-19 16:38 - 00141507 _____ C:\Users\master\Downloads\DHL-Marke-9SZB5BP4S2.pdf 2016-03-19 11:14 - 2016-03-19 11:14 - 00343279 _____ C:\Users\master\Downloads\sparkasse erlangen Steuerbescheinigung_Bestaetigung.PDF 2016-03-19 09:55 - 2016-03-20 14:41 - 00000000 ____D C:\Users\master\AppData\Roaming\TeamViewer 2016-03-18 15:59 - 2016-03-18 15:59 - 00140881 _____ C:\Users\master\Downloads\Düll_Rechnung.pdf 2016-03-18 15:59 - 2016-03-18 15:59 - 00137389 _____ C:\Users\master\Downloads\image (12).pdf 2016-03-18 15:33 - 2016-03-18 15:36 - 00067584 _____ C:\Users\master\Downloads\master of desaster_Prov_180316.xls 2016-03-18 14:33 - 2016-03-18 14:33 - 11458824 _____ C:\Users\master\Downloads\Amazon_FBA_v1.7.pdf 2016-03-18 11:43 - 2016-03-18 11:43 - 00580550 _____ C:\Users\master\Downloads\HTA711_01_Bedienungsanleitung.pdf 2016-03-17 16:35 - 2016-03-17 16:35 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-03-17 16:35 - 2016-03-17 16:35 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-03-17 16:35 - 2016-03-17 16:35 - 00000000 ____D C:\Users\master of desaster\AppData\Roaming\TeamViewer 2016-03-17 16:35 - 2016-03-17 16:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-03-17 16:33 - 2016-03-17 16:34 - 09786224 _____ (TeamViewer GmbH) C:\Users\master\Downloads\TeamViewer_Setup_de-jfa.exe 2016-03-16 19:08 - 2016-03-24 09:41 - 00344832 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-16 12:41 - 2016-03-16 12:41 - 00186438 _____ C:\Users\master\Downloads\DHL-Marke-UDG9XDE43K.pdf 2016-03-14 21:16 - 2016-03-14 21:16 - 00498185 _____ C:\Users\master\Documents\FRITZ.Box 7490 113.06.51_14.03.16_2116.export 2016-03-14 11:42 - 2016-03-14 11:59 - 00151309 _____ C:\Users\master\Documents\myBetreuung_Anzeige_93_42.pdf 2016-03-14 11:34 - 2016-03-14 11:54 - 00015618 _____ C:\Users\master\Documents\myBetreuung_Anzeige_93_42.sla.autosave 2016-03-14 11:26 - 2016-03-14 11:59 - 00015899 _____ C:\Users\master\Documents\myBetreuung_Anzeige_93_42.sla 2016-03-13 22:33 - 2016-03-13 22:33 - 00073658 _____ C:\Users\master\Documents\Animated Logo Oster.pptx 2016-03-12 10:07 - 2016-03-12 10:07 - 00135580 _____ C:\Users\master\Downloads\Pearl-Retoureschein-6730999 (1).pdf 2016-03-12 09:58 - 2016-03-12 09:58 - 00135580 _____ C:\Users\master\Downloads\Pearl-Retoureschein-6730999.pdf 2016-03-10 19:47 - 2016-03-10 19:47 - 00190019 _____ C:\Users\master\Downloads\DHL-Marke-787BCMTPLN.pdf 2016-03-10 13:35 - 2016-03-10 13:35 - 00027814 _____ C:\Users\master\Downloads\11-Mobilfunk-Kuendigung.pdf 2016-03-09 16:05 - 2016-03-09 16:05 - 04643711 _____ C:\Users\master\Downloads\Testdruck_Vollflächen_OKI_c531dn_Neuzustand2016.pdf 2016-03-09 14:34 - 2016-03-09 14:34 - 00000000 ____D C:\Users\master of desaster\AppData\Local\gtk-2.0 2016-03-09 14:32 - 2016-03-09 14:32 - 00000000 ____D C:\Users\master of desaster\AppData\Local\fontconfig 2016-03-09 14:31 - 2016-03-13 11:05 - 00000000 ____D C:\Users\master of desaster\.gimp-2.8 2016-03-09 14:31 - 2016-03-09 14:31 - 00000000 ____D C:\Users\master of desaster\AppData\Local\gegl-0.2 2016-03-09 14:02 - 2016-03-09 14:02 - 00953543 _____ C:\Users\master\Downloads\List of computer-animated films - Wikipedia, the free encyclopedia.pdf 2016-03-09 11:05 - 2016-03-09 11:05 - 00000000 ____D C:\Users\master of desaster\Downloads\ger 2016-03-09 11:04 - 2016-03-09 11:05 - 10854289 _____ (A.I.SOFT,INC.) C:\Users\master of desaster\Downloads\Y09D_C1-hostm-win8-64-A1-de.EXE 2016-03-09 10:56 - 2016-03-09 10:56 - 17709823 _____ C:\Users\master of desaster\Downloads\Brother_9320_manual.pdf 2016-03-09 10:11 - 2016-03-09 10:11 - 00856870 _____ C:\Users\master\Downloads\Brother_Verbrauchsmaterialstatus.pdf 2016-03-09 10:10 - 2016-03-09 10:10 - 00853379 _____ C:\Users\master\Downloads\image (13).pdf 2016-03-09 10:09 - 2016-03-09 10:09 - 01523393 _____ C:\Users\master\Downloads\Testdruck_Brother_Einstellg_Normalpapier.pdf 2016-03-09 10:08 - 2016-03-09 10:08 - 01519900 _____ C:\Users\master\Downloads\Testdruck_Brother_Einstellg_Recyclingpapier.pdf 2016-03-09 10:00 - 2016-03-09 10:00 - 01518058 _____ C:\Users\master\Downloads\Testdruck_2.pdf 2016-03-09 09:36 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-03-09 09:36 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2016-03-09 09:36 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL 2016-03-09 09:36 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-03-09 09:36 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-03-09 09:36 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL 2016-03-09 09:36 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-03-09 09:36 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-03-09 09:36 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-03-09 09:36 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-03-09 09:36 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2016-03-09 09:36 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2016-03-09 09:36 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-03-09 09:36 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe 2016-03-09 09:36 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2016-03-09 09:36 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-03-09 09:36 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-03-09 09:36 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll 2016-03-09 09:36 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll 2016-03-09 09:36 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2016-03-09 09:36 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-03-09 09:36 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll 2016-03-09 09:36 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2016-03-09 09:36 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2016-03-09 09:36 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2016-03-09 09:36 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2016-03-09 09:36 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-03-09 09:36 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2016-03-09 09:36 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-03-09 09:36 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2016-03-09 09:36 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2016-03-09 09:35 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-03-09 09:35 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2016-03-09 09:35 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2016-03-09 09:35 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-03-09 09:35 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-03-09 09:35 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-03-09 09:35 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-03-09 09:35 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll 2016-03-09 09:35 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll 2016-03-09 09:35 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll 2016-03-09 09:35 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2016-03-09 09:35 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-03-09 09:35 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll 2016-03-09 09:35 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll 2016-03-09 09:35 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-03-09 09:35 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2016-03-09 09:35 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-03-09 09:35 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-03-09 09:35 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2016-03-09 09:35 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2016-03-09 09:35 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll 2016-03-09 09:35 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll 2016-03-09 09:35 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll 2016-03-09 09:35 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2016-03-09 09:35 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2016-03-09 09:35 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll 2016-03-09 09:35 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe 2016-03-09 09:35 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-03-09 09:35 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll 2016-03-09 09:35 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll 2016-03-09 09:35 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-03-09 09:35 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-03-09 09:35 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-03-09 09:35 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2016-03-09 09:35 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2016-03-09 09:35 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-03-09 09:35 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll 2016-03-09 09:35 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2016-03-09 09:35 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll 2016-03-09 09:35 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2016-03-09 09:35 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-03-09 09:35 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe 2016-03-09 09:35 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll 2016-03-09 09:35 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-03-09 09:35 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-03-09 09:35 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2016-03-09 09:35 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2016-03-09 09:35 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll 2016-03-09 09:35 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2016-03-09 09:35 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-03-09 09:35 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2016-03-09 09:35 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-03-09 09:35 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2016-03-09 09:35 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll 2016-03-09 09:35 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-03-07 19:00 - 2016-03-07 19:00 - 00144510 _____ C:\Users\master\Downloads\DHL-Marke-AP8MXGYVKA.pdf 2016-03-07 14:42 - 2016-03-07 14:42 - 00141668 _____ C:\Users\master\Downloads\DHL-Marke-3TVWT4BXTA.pdf 2016-03-07 10:04 - 2016-03-07 10:04 - 00000000 ____H C:\asc_rdflag 2016-03-06 23:22 - 2016-03-06 23:22 - 00144110 _____ C:\Users\master\Downloads\DHL-Marke-ET6R57MZ7X.pdf 2016-03-05 11:37 - 2016-03-05 11:37 - 00511469 _____ C:\Users\master of desaster\Downloads\oki_anleitung_probleme_und_lösungen_tcm3-122304.pdf 2016-03-04 22:34 - 2016-03-04 22:34 - 10854289 _____ (A.I.SOFT,INC.) C:\Users\master\Downloads\Y09D_C1-hostm-win8-64-A1-de.EXE 2016-03-04 22:34 - 2016-03-04 22:34 - 00000000 ____D C:\Users\master\Downloads\ger 2016-03-04 21:33 - 2016-03-04 21:33 - 00002085 _____ C:\Users\Public\Desktop\Web Driver Installer.lnk 2016-03-04 21:33 - 2016-03-04 21:33 - 00000132 _____ C:\Windows\ODBC.INI 2016-03-04 21:30 - 2016-03-04 21:33 - 18692296 _____ (Acresso Software Inc. ) C:\Users\master\Downloads\WDI_ALL_010505_0_tcm3-53706.exe 2016-03-04 21:29 - 2016-03-04 21:30 - 05943904 _____ (Acresso Software Inc. ) C:\Users\master\Downloads\PSHT_ALL_010204_0_tcm3-53361.exe 2016-03-04 21:26 - 2016-03-04 21:26 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services 2016-03-04 21:26 - 2016-03-04 21:26 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2016-03-04 21:26 - 2016-03-04 21:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services 2016-03-04 21:26 - 2016-03-04 21:26 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2016-03-04 21:25 - 2016-03-04 21:26 - 00000000 ____D C:\Program Files (x86)\PrintSuperVision 2016-03-04 21:25 - 2016-03-04 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintSuperVision 2016-03-04 21:20 - 2016-03-04 21:25 - 13804504 _____ (Oki Data Americas, Inc.) C:\Users\master\Downloads\Oki-PSVPE-4-0-6021-2_tcm3-74854.exe 2016-03-04 21:17 - 2016-03-04 21:18 - 10471488 _____ (Acresso Software Inc. ) C:\Users\master\Downloads\PJA_WW_040410_0-cp3440_3480_tcm3-53624.exe 2016-03-04 21:17 - 2016-03-04 21:16 - 00052141 _____ C:\Windows\system32\OKDRTPRN.chm 2016-03-04 21:17 - 2016-03-04 21:16 - 00040960 _____ C:\Windows\system32\OkDPnRes.dll 2016-03-04 21:17 - 2015-03-09 12:41 - 00743704 _____ (Oki Data Corporation) C:\Windows\system32\OkDrtPrn.exe 2016-03-04 21:17 - 2014-10-13 18:01 - 00267264 _____ (Oki Data Corporation) C:\Windows\system32\OkDrtPrn.dll 2016-03-04 21:17 - 2014-07-11 15:25 - 00005120 _____ (Oki Data Corporation) C:\Windows\system32\okComDLL.dll 2016-03-04 21:17 - 2012-05-28 16:54 - 00004096 _____ (Oki Data Corporation) C:\Windows\system32\fxComDLL.dll 2016-03-04 21:17 - 2012-05-28 16:54 - 00004096 _____ (Oki Data Corporation) C:\Windows\system32\efComDLL.dll 2016-03-04 21:15 - 2016-03-04 21:16 - 06816512 _____ (Acresso Software Inc. ) C:\Users\master\Downloads\PDFP_ALL_040200_1_tcm3-53582.exe 2016-03-04 21:13 - 2016-03-04 21:13 - 00000000 ____D C:\Users\master\Downloads\CT_010621_0-0-ALWEB163025 2016-03-04 21:12 - 2016-03-04 21:15 - 05769392 _____ (Acresso Software Inc. ) C:\Users\master\Downloads\NETX_ALL_0103010_0_tcm3-53403.exe 2016-03-04 21:00 - 2016-03-04 21:11 - 26799640 _____ C:\Users\master\Downloads\CT_010621_0-0-ALWEB163025_tcm3-124644.exe 2016-03-04 20:50 - 2016-03-04 20:59 - 85424184 _____ (Acresso Software Inc. ) C:\Users\master\Downloads\CCU_021900_1_tcm3-53252.exe 2016-03-04 20:42 - 2016-03-04 21:33 - 00000000 ____D C:\Program Files (x86)\Okidata 2016-03-04 20:42 - 2016-03-04 20:42 - 00002093 _____ C:\Users\Public\Desktop\Template Manager.lnk 2016-03-04 20:42 - 2016-03-04 20:42 - 00000000 ____D C:\Users\master of desaster\Documents\Template Manager 2016-03-04 20:42 - 2016-03-04 20:42 - 00000000 ____D C:\ProgramData\Template Manager 2016-03-04 20:37 - 2016-03-04 20:41 - 31060384 _____ (Acresso Software Inc. ) C:\Users\master\Downloads\TM_040408_0_tcm3-74981.exe 2016-03-04 17:41 - 2016-03-04 17:41 - 00013449 _____ C:\Users\master\Downloads\Nivea_Deo.pdf 2016-03-04 12:37 - 2016-03-20 18:34 - 00018376 _____ C:\Users\master\Documents\mybetreuung_brosch_8s-01.sla.autosave 2016-03-04 12:20 - 2016-03-04 12:21 - 00005596 _____ C:\Users\master\Documents\mybetreuung_brosch_8s-01.pdf 2016-03-04 12:04 - 2016-03-04 12:04 - 17410183 _____ C:\Users\master\Downloads\eci_offset_2009.zip 2016-03-04 12:04 - 2016-03-04 12:04 - 00000000 ____D C:\Users\master\Downloads\eci_offset_2009 2016-03-04 11:55 - 2016-03-20 18:38 - 00018376 _____ C:\Users\master\Documents\mybetreuung_brosch_8s-01.sla 2016-03-03 22:57 - 2016-03-03 22:57 - 00138866 _____ C:\Users\master\Downloads\DHL-Marke-QC6TNAVEEC.pdf 2016-03-03 17:51 - 2016-03-03 17:51 - 00099768 _____ C:\Users\master\Downloads\Kreditkartenabrechnung-2016-02-03.pdf 2016-03-03 14:29 - 2015-05-05 10:15 - 00004329 _____ C:\Windows\system32\opnedef.str 2016-03-03 14:29 - 2015-04-02 18:07 - 00143360 _____ (Oki Data Corporation) C:\Windows\system32\opnetext.dll 2016-03-03 14:29 - 2012-01-05 12:21 - 00005832 _____ C:\Windows\system32\license.txt 2016-03-03 14:29 - 2011-11-03 17:37 - 00010359 _____ C:\Windows\SysWOW64\opnetext.hlp 2016-03-03 14:29 - 2011-11-03 17:37 - 00010359 _____ C:\Windows\system32\OPNETEXT.HLP 2016-03-03 14:29 - 2011-11-03 17:37 - 00000141 _____ C:\Windows\SysWOW64\opnetext.cnt 2016-03-03 14:29 - 2011-11-03 17:37 - 00000141 _____ C:\Windows\system32\opnetext.cnt 2016-03-03 14:29 - 2011-11-03 17:37 - 00000000 _____ C:\Windows\SysWOW64\opnetext.gid 2016-03-03 14:29 - 2011-11-03 17:37 - 00000000 _____ C:\Windows\system32\OPNETEXT.GID 2016-03-03 14:27 - 2016-03-03 14:27 - 00000042 _____ C:\Windows\okiopt.dat 2016-03-03 14:27 - 2016-03-03 14:27 - 00000000 ____D C:\ProgramData\Okidata 2016-03-03 14:22 - 2016-03-04 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okidata 2016-03-03 14:22 - 2016-03-04 21:30 - 00000000 ____D C:\Program Files\Okidata 2016-03-03 14:21 - 2009-06-25 19:00 - 00027648 _____ (Oki Data Corporation) C:\Windows\system32\OKLMON64.DLL 2016-03-03 11:27 - 2016-03-03 11:27 - 00017880 _____ C:\Users\master\Downloads\Paketschein_46063035005_Print_Klex_GmbH_030316.pdf 2016-03-03 09:49 - 2016-03-03 09:49 - 00045364 _____ C:\Users\master\Downloads\boss_Faxspam4.tif 2016-03-03 00:15 - 2016-03-03 00:15 - 00143776 _____ C:\Users\master\Downloads\DHL-Marke-5H55R8L77H.pdf 2016-03-02 18:23 - 2016-03-02 18:23 - 00146306 _____ C:\Users\master\Downloads\DHL-Marke-XZKQWCZ96K.pdf 2016-03-02 09:40 - 2016-03-02 09:40 - 00141454 _____ C:\Users\master\Downloads\DHL-Marke-3452XB936R.pdf 2016-02-29 10:08 - 2016-02-29 10:08 - 00140833 _____ C:\Users\master\Downloads\DHL-Marke-BAB446PRV9.pdf 2016-02-28 22:10 - 2016-02-28 22:10 - 00140025 _____ C:\Users\master\Downloads\DHL-Marke-P239D3DKZ4.pdf 2016-02-27 13:38 - 2016-02-27 13:38 - 00561539 _____ C:\Users\master\Downloads\Kozłowska Janina (1).pdf 2016-02-27 13:35 - 2016-02-27 13:35 - 00561539 _____ C:\Users\master\Downloads\Kozłowska Janina.pdf 2016-02-27 13:31 - 2016-02-27 13:31 - 00023524 _____ C:\Users\master\Downloads\Arbeitszeugnis.pdf 2016-02-27 11:57 - 2016-02-27 11:57 - 00000000 ____D C:\Users\master\Downloads\145307-Advertisement 2016-02-27 11:56 - 2016-02-27 11:56 - 00332234 _____ C:\Users\master\Downloads\145307-Advertisement.tar.gz 2016-02-26 16:52 - 2016-02-26 16:52 - 00000000 ____D C:\Users\master\AppData\Roaming\LSC 2016-02-26 08:41 - 2016-02-26 08:41 - 00002064 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk 2016-02-24 22:27 - 2016-02-24 22:27 - 00493522 _____ C:\Users\master\Downloads\FRITZ.Box 7490 113.06.50_24.02.16_2227.export ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-25 15:46 - 2015-06-21 12:40 - 00000000 ___RD C:\Users\master of desaster\Dropbox 2016-03-25 15:46 - 2015-06-10 09:25 - 00000000 ____D C:\Users\master of desaster\AppData\Local\Dropbox 2016-03-25 15:45 - 2015-07-31 11:07 - 00000000 ___RD C:\Users\master\OneDrive 2016-03-25 15:45 - 2015-06-10 09:25 - 00001222 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2016-03-25 15:45 - 2015-05-20 22:33 - 00000000 ____D C:\Users\master\AppData\Roaming\KeePass 2016-03-25 15:43 - 2014-06-19 09:43 - 00000000 ____D C:\Users\master\AppData\LocalLow\360WD 2016-03-25 15:39 - 2015-07-17 10:38 - 00000596 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003.job 2016-03-25 15:38 - 2015-06-10 09:25 - 00001226 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2016-03-25 15:37 - 2015-07-31 10:52 - 02094386 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-25 15:37 - 2015-07-10 17:34 - 00892680 _____ C:\Windows\system32\perfh007.dat 2016-03-25 15:37 - 2015-07-10 17:34 - 00198382 _____ C:\Windows\system32\perfc007.dat 2016-03-25 15:37 - 2015-07-10 12:02 - 00000000 ____D C:\Windows\INF 2016-03-25 15:33 - 2013-12-12 21:09 - 00000000 ___RD C:\Users\master\Dropbox 2016-03-25 15:33 - 2013-12-12 21:07 - 00000000 ____D C:\Users\master\AppData\Roaming\Dropbox 2016-03-25 15:32 - 2015-07-10 13:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-25 15:30 - 2015-07-10 10:05 - 08126464 ___SH C:\Windows\system32\config\BBI 2016-03-25 15:06 - 2015-07-17 10:38 - 00000692 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003.job 2016-03-25 13:32 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\AppReadiness 2016-03-25 13:27 - 2016-01-30 00:25 - 00004174 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C056573A-C45D-4CC7-A3F2-82D62D93D2E1} 2016-03-25 13:15 - 2014-08-10 12:10 - 00000000 ____D C:\Users\master of desaster\AppData\LocalLow\360WD 2016-03-25 12:59 - 2016-02-08 17:52 - 00000448 __RSH C:\ProgramData\ntuser.pol 2016-03-25 12:57 - 2016-02-19 12:11 - 00002474 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_master of desaster 2016-03-25 12:57 - 2016-02-19 12:11 - 00000274 _____ C:\Windows\Tasks\ASC9_SkipUac_master of desaster.job 2016-03-25 12:46 - 2013-12-25 17:21 - 00000000 ____D C:\Users\master\AppData\Roaming\vlc 2016-03-25 11:43 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-25 11:42 - 2015-08-16 14:50 - 00004164 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CDC91857-6445-4164-AA74-16D99DDC4E7A} 2016-03-23 15:32 - 2015-07-17 10:38 - 00003854 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003 2016-03-23 15:32 - 2015-07-17 10:38 - 00003758 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003 2016-03-22 23:57 - 2015-04-02 20:22 - 00000000 ____D C:\Users\master\.gimp-2.8 2016-03-22 13:59 - 2016-02-19 12:11 - 00002236 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk 2016-03-21 20:57 - 2015-11-11 17:54 - 00000000 ____D C:\ProgramData\ProductData 2016-03-21 19:30 - 2014-12-19 17:03 - 00000000 ____D C:\Users\master\Documents\_myBetreuung24 2016-03-20 17:14 - 2015-04-02 20:28 - 00000000 ____D C:\Users\master\AppData\Local\gtk-2.0 2016-03-20 15:55 - 2014-06-18 09:35 - 00000000 ____D C:\Users\master\AppData\Roaming\360CloudUI 2016-03-20 14:51 - 2014-06-18 09:35 - 00000000 ____D C:\Users\master of desaster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360安全中心 2016-03-20 14:51 - 2014-06-18 09:34 - 00000000 ____D C:\Program Files (x86)\360 2016-03-20 13:42 - 2014-12-25 18:37 - 00000000 ____D C:\ProgramData\IObit 2016-03-19 21:22 - 2015-06-10 09:25 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-03-13 11:03 - 2016-02-19 12:11 - 00002494 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor 2016-03-13 11:03 - 2015-11-11 18:03 - 00002588 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask 2016-03-13 11:03 - 2015-07-31 14:04 - 00002444 _____ C:\Users\master of desaster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-03-13 11:03 - 2015-07-31 14:04 - 00000000 ___RD C:\Users\master of desaster\OneDrive 2016-03-13 11:03 - 2015-04-20 16:52 - 00002954 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-03-11 17:47 - 2015-12-14 11:37 - 00002429 _____ C:\Users\master\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-03-11 12:50 - 2015-07-10 11:55 - 00000000 ____D C:\Windows\CbsTemp 2016-03-09 18:37 - 2015-08-18 21:03 - 00333824 ___SH C:\Users\master\Downloads\Thumbs.db 2016-03-09 14:34 - 2015-07-31 16:18 - 00000000 ____D C:\Users\master of desaster\AppData\Roaming\KeePass 2016-03-09 14:31 - 2015-07-31 10:53 - 00000000 ____D C:\Users\master of desaster 2016-03-09 11:25 - 2015-07-31 11:04 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-03-09 11:13 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-03-09 11:13 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-03-09 11:13 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-03-09 11:13 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-03-09 10:52 - 2015-04-20 16:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-03-09 10:00 - 2013-12-12 16:28 - 00000000 ____D C:\Windows\system32\MRT 2016-03-09 09:51 - 2013-12-12 16:28 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-03-08 08:10 - 2015-07-10 12:06 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-03-08 08:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-07 12:27 - 2013-12-12 14:12 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-07 12:27 - 2013-12-12 14:12 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-03-07 10:04 - 2016-02-12 13:05 - 99684352 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak 2016-03-07 10:04 - 2016-02-12 13:05 - 00491520 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak 2016-03-07 10:04 - 2016-02-12 13:05 - 00073728 _____ C:\Windows\system32\config\SAM.iodefrag.bak 2016-03-07 10:04 - 2016-02-12 13:05 - 00040960 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak 2016-03-07 10:04 - 2015-07-31 10:53 - 00000000 ____D C:\Users\master 2016-03-07 10:04 - 2014-06-20 08:58 - 00000000 _RSHD C:\360SANDBOX 2016-03-06 11:06 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\rescache 2016-03-04 22:51 - 2015-01-23 10:25 - 00001222 _____ C:\Users\Public\Desktop\360 Total Security.lnk 2016-03-04 22:51 - 2014-08-10 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center 2016-03-04 21:34 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\SysWOW64\inetsrv 2016-03-04 21:34 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\inetsrv 2016-03-04 21:34 - 2015-07-10 12:01 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspperf.dll 2016-03-04 21:34 - 2015-07-10 12:00 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\aspperf.dll 2016-03-04 21:33 - 2013-12-12 22:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-03-04 20:41 - 2015-11-23 21:00 - 00000000 ____D C:\Users\master\AppData\Roaming\InstallShield Installation Information 2016-03-04 12:06 - 2015-01-23 14:44 - 00000000 ____D C:\Users\master\AppData\Roaming\Scribus 2016-03-03 14:21 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\Web 2016-03-03 09:52 - 2015-11-15 11:06 - 00000734 _____ C:\Users\master\Downloads\Boch_Faxspam_Addr.txt 2016-02-27 20:20 - 2015-07-10 12:04 - 00000000 ____D C:\Windows\system32\NDF 2016-02-26 08:41 - 2014-03-26 17:06 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo 2016-02-26 08:41 - 2013-12-12 13:14 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2016-02-26 08:41 - 2013-12-12 13:14 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-02-26 08:40 - 2014-01-01 13:18 - 00000000 ____D C:\Windows\Downloaded Installations 2016-02-26 08:40 - 2013-12-12 13:14 - 00000000 ____D C:\ProgramData\Lenovo ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-12-01 17:40 - 2015-12-01 17:52 - 508961890 _____ () C:\Program Files\PhotoDirector5_Deluxe_win_mac.zip 2014-09-18 10:57 - 2014-09-13 12:29 - 7885584 _____ (360安全中心) C:\Program Files (x86)\360DrvMgrInstaller_2.0.0.1040.exe 2014-06-19 22:30 - 2014-06-19 22:30 - 0120996 _____ () C:\Users\master of desaster\AppData\Local\ars.cache 2014-06-19 22:30 - 2014-06-19 22:30 - 0272862 _____ () C:\Users\master of desaster\AppData\Local\census.cache 2015-05-27 15:21 - 2015-05-27 15:21 - 0121768 _____ () C:\Users\master of desaster\AppData\Local\extension_1_1_0_2.crx 2014-06-19 14:55 - 2014-06-19 14:55 - 0000036 _____ () C:\Users\master of desaster\AppData\Local\housecall.guid.cache 2014-09-23 11:41 - 2015-08-09 12:51 - 0007626 _____ () C:\Users\master of desaster\AppData\Local\Resmon.ResmonCfg 2015-11-23 23:12 - 2015-11-23 23:12 - 0000016 _____ () C:\ProgramData\mntemp 2015-11-23 23:12 - 2015-11-23 23:12 - 0005054 _____ () C:\ProgramData\mtbjfghn.xbe Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\master\setup_Pixum_Fotobuch.exe Einige Dateien in TEMP: ==================== C:\Users\master\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzdbnja.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-19 06:55 ==================== Ende von FRST.txt ============================ |
|
25.03.2016, 15:59
| #6 |
| | Net Command ?Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von master of desaster (2016-03-25 15:49:10)
Gestartet von C:\Users\master of desaster\Desktop
Windows 10 Pro (X64) (2015-07-31 10:04:31)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2113504872-800665639-2394083016-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2113504872-800665639-2394083016-503 - Limited - Disabled)
Gast (S-1-5-21-2113504872-800665639-2394083016-501 - Limited - Disabled)
master (S-1-5-21-2113504872-800665639-2394083016-1003 - Limited - Enabled) => C:\Users\Hermann
master of desaster (S-1-5-21-2113504872-800665639-2394083016-1000 - Administrator - Enabled) => C:\Users\master of desaster
HomeGroupUser$ (S-1-5-21-2113504872-800665639-2394083016-1031 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.2.0.1098 - 360 Security Center)
360云盘 (HKLM-x32\...\360云盘(网盘版)) (Version: 6.5.5.1260 - 360安全中心)
360看图 (HKLM-x32\...\360网络相册) (Version: 1.0.1.1050 - 360安全中心)
7-PDF Printer 10.10.0.2307 (HKLM\...\7-PDF Printer_is1) (Version: 10.10.0.2307 - 7-PDF, Germany - Th. Hodes)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.1.0 - IObit)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version: - AOMEI Technology Co., Ltd.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AusweisApp (HKLM-x32\...\{BA6CDB7A-F5D7-4341-99E1-1FF0AAEAF1D8}) (Version: 1.13.0 - OpenLimit SignCubes AG)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BlackArmor Discovery (HKLM-x32\...\InstallShield_{B52480BF-CCED-4DD4-8DC2-28BB750D703E}) (Version: 1.20.0931.004 - Seagate)
BlackArmor Discovery (x32 Version: 1.20.0931.004 - Seagate) Hidden
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.48 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.48 - BlackBerry Ltd.) Hidden
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.61.0000 - Brother)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.44.0 - Conexant)
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6312.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.6312.0 - Ihr Firmenname) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150113 - Landesfinanzdirektion Thüringen)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.65.2 - Lenovo Group Limited)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Evernote v. 5.8.12 (HKLM-x32\...\{C5F59C16-1EA5-11E5-AF29-0050569584E9}) (Version: 5.8.12.8127 - Evernote Corp.)
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Free Screen Video Recorder version 3.0.4.713 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 3.0.4.713 - DVDVideoSoft Ltd.)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Glary Utilities PRO 4.5 (HKLM-x32\...\Glary Utilities 4) (Version: 4.5.0.89 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.75 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.15) (Version: 9.15 - Artifex Software Inc.)
HDR projects 2 (64-Bit) (HKLM\...\HDR_PROJECTS_2_2_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
Icecream PDF Split and Merge Version 3.02 (HKLM-x32\...\{95DC4DB4-99FB-4FB2-ADBD-97F194EDEB4D}_is1) (Version: 3.02 - Icecream Apps)
Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel)
Intel(R) Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.1.126 - IObit)
Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
KeePass Password Safe 2.31 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.31 - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\cbe8636f7dd0cf1d) (Version: 1.6.2.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{4386A5EF-BD23-49F4-9DAD-CD76B4F6A8BF}) (Version: 2.8.006.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.051.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo)
LibreOffice 5.0.4.2 (HKLM-x32\...\{14B5DDCF-61C4-4F1E-A621-844685D60B5A}) (Version: 5.0.4.2 - The Document Foundation)
Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7170 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.89 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.89 - Alliance Software Pty Ltd) Hidden
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Pro Photo Tools (HKLM-x32\...\{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}) (Version: 2.2 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.302.06.07.40 - Huawei Technologies Co.,Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
OKI Alert Info (HKLM-x32\...\{9427081E-AC7E-49D4-964F-E2E27C7175BF}) (Version: 1.3.6 - Okidata)
OKI Color Correct Utility (HKLM-x32\...\{5D729200-F340-4A74-A1E9-32387CDC63EF}) (Version: 2.19.0 - Okidata)
OKI Color Swatch-Dienstprogramm (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.11 - Okidata)
OKI Configuration Tool (HKLM-x32\...\{0F55DD09-15EC-4F5D-B517-94852884AEF5}) (Version: 1.6.21 - Okidata)
OKI Device Setting (HKLM-x32\...\{D4E9C626-14A8-4AEB-92F3-BE65EC4CFAEF}) (Version: 1.6.20 - Okidata)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
OKI Network Setting (HKLM-x32\...\{099DE9EF-2781-4A72-BD0F-53AAC78A93B2}) (Version: 1.0.7 - Okidata)
OKI PDF Print Direct (HKLM-x32\...\{2CA86624-3491-4B2D-B64E-01D2D25AA732}) (Version: 4.2.0 - Okidata)
OKI Print Job Accounting (HKLM-x32\...\{17190520-1717-11D5-A854-00105A80791C}) (Version: 1.00.000 - Okidata)
OKI PS Gamma Adjuster (HKLM-x32\...\{8F93941C-2ECF-40C6-A0AC-D0BE40E7911E}) (Version: 1.2.4 - Okidata)
OKI Storage Manager (HKLM-x32\...\{C7BCF2EA-4AE1-4AF0-9EAB-2252015C4DF2}) (Version: 1.0.12 - Okidata)
OKI User Setting (HKLM-x32\...\{C8244493-32A4-4275-8145-D16FFE1D8E36}) (Version: 1.4.13 - Okidata)
OKI Web Driver Installer (HKLM-x32\...\{5F218892-184E-4F22-B757-317224835A63}) (Version: 1.5.5 - Okidata)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA)
PresentationTube Recorder 3.0 (HKLM-x32\...\{91F8441B-E7A7-4513-9D7C-080B643D2FD6}_is1) (Version: 3.0 - PresentationTube)
PrintSuperVision 4.0.6021.2 (HKLM-x32\...\{BB14497F-0E1B-4E79-8B02-DEC377154856}) (Version: 4.0.6021.2 - Oki Data Americas, Inc.)
Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.52.0005.00 - Lenovo Group Limited)
Samsung Connection Manager (HKLM-x32\...\{F3F95061-0427-4386-AB03-1556CBE52927}) (Version: 112.6 - Samsung Electronics)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
ScanIt (HKLM-x32\...\{B6302A53-A66D-4DD0-994F-BB8DD7C6CF97}) (Version: 2.0.0.1 - JBSoftware)
SCL011 Contactless Reader (HKLM-x32\...\{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}) (Version: 1.01 - SCM Microsystems)
Scribus 1.4.4 (64bit) (HKLM\...\Scribus 1.4.4) (Version: 1.4.4 - The Scribus Team)
Sdrive (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Sdrive) (Version: 1.0.5.0 - Seagate Technology LLC)
Sdrive CBFS (HKLM-x32\...\Sdrive CBFS) (Version: 3.2.107.0 - Seagate Technology LLC)
Seagate BlackArmor Backup 2011 (HKLM-x32\...\{5607090E-B8B1-4E1E-ADA2-426522CED33C}) (Version: 14.0.4076 - Seagate)
Seagate NAS Discovery (HKLM-x32\...\{58053C71-35D9-4F16-9E5A-50C97504B2D0}) (Version: 1.00.0020 - Seagate)
Seagate Network Assistant (HKLM\...\{BA94B525-1469-4E00-AFE4-50ADEB8B3993}_is1) (Version: 1.2.1 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Should I Remove It (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.)
Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden
Site Visualizer Professional 1.5.10 (HKLM-x32\...\Site Visualizer Professional_is1) (Version: 1.5.10 - Elphsoft)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.27 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Template Manager (HKLM-x32\...\{D360A313-4656-4A1F-929A-243F668C12DA}) (Version: 4.4.8.0 - Okidata)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3200 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Video to Picture (HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\VideoToPicture) (Version: - Watermark Software. All Rights Reserved.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WampServer 2.5 (HKLM-x32\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL))
Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows-Treiberpaket - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI)
Windows-Treiberpaket - FTDI FTDI D2XX (03/21/2011 2.08.14) (HKLM\...\D6BC3CBE8968CB6351105F9D2EEC52CE24F2C99D) (Version: 03/21/2011 2.08.14 - FTDI)
Windows-Treiberpaket - FTDI FTDI VCP (03/20/2011 2.08.14) (HKLM\...\9FCA89337DAC5D4196D98BF2F17E831E1EE83336) (Version: 03/20/2011 2.08.14 - FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI D2XX (05/23/2013 2.08.28) (HKLM\...\7179001CFD2B32971C9902F02EA01225C83D6181) (Version: 05/23/2013 2.08.28 - MPP FTDI)
Windows-Treiberpaket - MPP FTDI MPP FTDI VCP (05/23/2013 2.08.28) (HKLM\...\1D76E4AE71F40C949254202D92503849C8E9BF6E) (Version: 05/23/2013 2.08.28 - MPP FTDI)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (05/23/2013 2.0.0) (HKLM\...\66DD18691EC6886B537A726978F65EF1E8D2D83C) (Version: 05/23/2013 2.0.0 - MPP)
Windows-Treiberpaket - MPP USB CDC Virtual COM Port (09/16/2011 1.5.0) (HKLM\...\6D3D1B84986E536339ED6F2B2A381D13597CD69C) (Version: 09/16/2011 1.5.0 - MPP)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2113504872-800665639-2394083016-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\master of desaster\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {00AD2B19-E0F1-4598-B8F6-FB81D7D0C95B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {0148D66F-4402-478C-981D-4DD1E7CF5046} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0362078B-8A5D-4076-8502-214291637CA0} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-06-24] (Lenovo Group Limited)
Task: {130F3993-0806-4245-83F5-AAB974269AE6} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2015-12-10] (Lenovo)
Task: {1B340F71-B5C5-4759-9DB2-B3BE418D496F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1E512CAA-8FBA-4F0E-85C2-79FD59D7CD53} - System32\Tasks\GlaryInitialize 4 => C:\Program Files\GlaryUtilitiesPRO44\Glary Utilities 4\Initialize.exe [2014-01-22] (Glarysoft Ltd)
Task: {2CA72F58-C84E-4F09-A444-AA58BC6F5262} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2D0C4A97-E354-489C-A4F2-EA05FA4D6E2C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)
Task: {314267E5-0ECD-469E-ADB2-FED09B68FDED} - System32\Tasks\googleupdatetaskmachinecore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {3283DBA3-D400-40B8-86DC-34C1D39EAD21} - System32\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003 => C:\Users\Hermann\AppData\Local\Citrix\GoToMeeting\4670\g2mupdate.exe [2016-03-23] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {3A90E392-8D43-49D1-A73A-B7943A2F9FA0} - System32\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003 => C:\Users\Hermann\AppData\Local\Citrix\GoToMeeting\4670\g2mupload.exe [2016-03-23] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {440299AD-80BA-4739-A075-06BE27058FE1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {4B78C40C-5D78-4F30-9963-A94C362D6D87} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4D2DEAB9-2143-4FB0-9093-1F4A7F59ACDA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4F74F6F1-6E21-4930-AE1A-1C1F00AAC6CE} - System32\Tasks\Uninstaller_SkipUac_master => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-01-12] (IObit)
Task: {4FD6BD7F-7041-44E8-BBA6-D7C6C1BC6620} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {536C646E-D588-46D9-AF02-87FFB60D9E21} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {53F29ED5-EF5F-4E7C-8C0B-C188DA6E3322} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2013-09-25] (Lenovo Limited Group Corporation)
Task: {5561D17D-8CF0-4AC8-B464-D7C5913DC6D5} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-01-15] (IObit)
Task: {590ADF76-CBFF-401E-B894-34FAE8C501D4} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
Task: {63B37499-263F-4C1A-A0AF-C532FF0FD740} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {7A90B7BE-374C-4F1B-82F3-364C63F3B5B0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {7C05B167-F13B-4DBC-86C8-E54838174520} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7CFD924D-D5BF-499A-9445-7D4E964DC927} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7EB4168F-CB7B-42DE-84C1-05DBBA81DE8C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {7EF8B6C1-988C-495E-A807-36331F24251E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {8995E6EC-DC82-4DD3-B523-D21822198A29} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {90F8D2E3-709F-4949-920E-54CE0D58E009} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {91213A2B-84BF-4386-8404-84D1F803206C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {9317F042-6CDD-4897-810A-66EB0720861F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] ()
Task: {98012973-2E04-4626-857F-26C5F2A4C194} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {9E3077C3-DFA7-4ECA-982E-31621F39ED09} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-12-10] (Lenovo)
Task: {A014BFD9-8C38-4C83-B26E-FE74FD79476B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A843A8BF-7B48-451A-92F7-1B5DB775FFA6} - System32\Tasks\googleupdatetaskmachineua => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-09] (Google Inc.)
Task: {B17B6364-1134-4886-9C04-67D77C9D50EE} - System32\Tasks\ASC9_SkipUac_master of desaster => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-01-18] (IObit)
Task: {B2F6E1B5-78A0-449B-B236-BDA0ACFBDF1F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-10] (Dropbox, Inc.)
Task: {B318A255-439B-4AB9-B09D-5508CA1B56AB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B5730A8C-C8C9-4B30-BFA5-9BE87567FF51} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {BDFFD7C8-223A-4703-936E-6A7C6BDBFBF0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {C2738BBD-FF5B-40F1-814C-B6751672AF18} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-12-10] (Lenovo)
Task: {C289FE81-0197-4192-B24E-4118283698D5} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsetsched.exe [2013-09-25] ()
Task: {C6A65C86-1A8F-4AC6-AB5E-FB7D82F8CA41} - System32\Tasks\GU4SkipUAC => C:\Program Files\GlaryUtilitiesPRO44\Glary Utilities 4\Integrator.exe [2014-01-22] (Glarysoft Ltd)
Task: {D2992D69-F311-416B-9F95-F05A158E41A0} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2113504872-800665639-2394083016-1000 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\master of desaster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {D3DE109C-D785-4FF8-B417-9F659A7A01F8} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D914DECA-FEB1-41F3-9F30-F194C3962AE5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {DC2A5D41-AE96-4D70-9C0A-E083019BEA1D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-21] (Adobe Systems Incorporated)
Task: {E503D894-230F-49C4-BAFD-FBA24F8C10CA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {E530BDF8-9011-4771-98C5-049AFF1202DB} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [2013-09-25] (Lenovo Limited Group Corporation)
Task: {E7DD67A2-CB44-47E8-BE25-449C6081C644} - System32\Tasks\Opera scheduled Autoupdate 1437039558 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {E8879E5F-A05D-4882-A81B-1CA267E75846} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {F163ECD2-B097-46E4-BB5C-515DE85A7A9E} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {F3356CE2-7C78-4E87-9FEC-A1EC844F1D8B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {F44B8F9C-B62D-4994-9A53-27B63E5A21C8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F5BF44D4-6D85-422C-B3C1-26762DC35829} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {FA17A770-6747-4617-8A41-76CB26706EF8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {FDC2A1A1-A90F-4431-B9D3-38C239B47FA6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\ASC9_SkipUac_master of desaster.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2113504872-800665639-2394083016-1003.job => C:\Users\Hermann\AppData\Local\Citrix\GoToMeeting\4670\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2113504872-800665639-2394083016-1003.job => C:\Users\Hermann\AppData\Local\Citrix\GoToMeeting\4670\g2mupload.exe
Task: C:\Windows\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Hermann.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\Windows\SYSTEM32\efsext.dll
2015-07-31 11:45 - 2015-07-31 11:45 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-08-01 11:58 - 2015-08-01 11:58 - 00254880 _____ () C:\Windows\System32\iMDriverHelper.dll
2016-02-19 12:23 - 2015-06-22 10:14 - 00099328 ____N () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe
2015-08-19 09:55 - 2015-08-11 10:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-03-04 21:19 - 2012-05-31 22:37 - 00194560 _____ () C:\Program Files\Okidata\Print Job Accounting\snmp_pp.dll
2016-03-04 21:19 - 2012-05-31 22:45 - 00685568 _____ () C:\Program Files\Okidata\Print Job Accounting\sqlite3.dll
2013-12-12 22:35 - 2005-04-22 13:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2015-07-16 04:45 - 2015-07-16 04:45 - 00105112 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2014-04-18 12:47 - 2012-01-14 07:26 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2015-10-01 08:25 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2014-07-16 08:32 - 2014-06-24 05:05 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-10-01 08:25 - 2015-09-17 07:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-10-01 08:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-08 23:22 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-08 23:22 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-08 23:22 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 08:25 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-10-14 17:35 - 2015-10-14 17:35 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-10-14 17:35 - 2015-10-14 17:35 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-08-10 13:27 - 2016-02-01 07:20 - 00088184 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2015-02-21 11:34 - 2015-12-23 17:17 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-06-08 12:07 - 2015-06-08 12:07 - 00065776 _____ () C:\Program Files (x86)\Lenovo\Access Connections\ACSonyEricssonHlpr.dll
2016-03-04 21:33 - 2012-10-16 09:38 - 00045056 _____ () C:\Program Files (x86)\Okidata\Web Driver Installer\Res\enu\wpires.dll
2016-02-19 12:11 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2016-02-19 12:11 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2016-02-19 12:11 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2016-02-19 12:11 - 2015-12-28 13:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2016-02-19 12:11 - 2015-12-28 13:49 - 00629536 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2013-12-12 22:35 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-08-10 13:27 - 2016-02-01 07:20 - 00578168 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2015-12-12 01:41 - 2016-02-23 19:19 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-03-19 21:22 - 2016-02-23 19:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-03-19 21:22 - 2016-02-23 19:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 01:41 - 2016-02-23 19:19 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 01:41 - 2016-02-23 19:19 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 01:41 - 2016-03-12 01:18 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-03-19 21:22 - 2016-02-23 19:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-12 01:41 - 2016-03-12 01:18 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 01:41 - 2016-02-23 19:19 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 01:41 - 2016-02-23 19:20 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-12 01:41 - 2016-03-12 01:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 01:41 - 2016-03-12 01:18 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-03-19 21:22 - 2016-02-23 19:21 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-18 17:59 - 2016-03-12 01:18 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-03-19 21:22 - 2016-02-23 19:21 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-03-19 21:22 - 2016-03-12 01:18 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-03-19 21:22 - 2016-02-13 01:24 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-12 01:41 - 2016-03-12 01:18 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 01:41 - 2016-02-23 19:19 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-03-19 21:22 - 2016-02-23 19:19 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-03-19 21:22 - 2016-02-23 19:20 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-18 17:59 - 2016-03-12 01:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 17:59 - 2016-03-12 01:18 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-18 17:59 - 2016-03-12 01:18 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-18 17:59 - 2016-03-12 01:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 01:41 - 2016-02-23 19:21 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-18 17:59 - 2016-03-12 01:18 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-03-19 21:22 - 2016-03-12 01:18 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 01:41 - 2016-02-23 19:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-03-19 21:22 - 2016-02-23 19:23 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-03-19 21:22 - 2016-02-23 19:23 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-12-12 01:41 - 2016-03-12 01:18 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-03-19 21:22 - 2016-03-12 01:18 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-06-10 09:25 - 2016-02-23 19:25 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-03-07 12:27 - 2016-03-02 05:47 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libglesv2.dll
2016-03-07 12:27 - 2016-03-02 05:47 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Hermann\Documents\24 stunden senioren betreuung.msam:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\360 Microsoft Partner.jpg:com.dropbox.attributes [420]
AlternateDataStreams: C:\Users\Hermann\Documents\9320 Handbuch.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Australien Pass Antrag Nr1300t.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\BeschV - Verordnung über die Beschäftigung von Ausländerinnen und Ausländern.htm:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\BeschV - Verordnung über die Beschäftigung von Ausländerinnen und Ausländern_files:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Betreuungsrecht Patientenverfügg Infos.xps:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Bewertungen:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Bewertungen_myBetreuung24:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\CHIP_eBook_Webdesign_2013 - Kopie (2).pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\CHIP_eBook_Webdesign_2013 - Kopie.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\CHIP_eBook_Webdesign_2013.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Diagramm Sprachkenntnisse:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\ebay Problem Anschreiben Acrobat.jpg:com.dropbox.attributes [414]
AlternateDataStreams: C:\Users\Hermann\Documents\english_user_handbook dreambox 7000s.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Fragebogen:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Google Adwords_Lastschrift_Mandat.JPG:com.dropbox.attributes [426]
AlternateDataStreams: C:\Users\Hermann\Documents\Google Analytics Datenschutzerklärung.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Handyliga Angebot Tarif m Auszahlg Eplus_3.jpg:com.dropbox.attributes [426]
AlternateDataStreams: C:\Users\Hermann\Documents\Handyliga Angebot Tarif m Auszahlg Eplus_mydealz_4.jpg:com.dropbox.attributes [426]
AlternateDataStreams: C:\Users\Hermann\Documents\Handyliga_Mobilfunk_Vertrag_Tarif_m_Auszahlg_Eplus_3.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Homepage_alt_weebly:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\HTML Lernen.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\HUAWEI R201 Wireless Modem Quick Start-(V100R001_01,German,Vodafone_Germany).pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Hyundai_i30:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Joomla_3.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Logitel_Angebot_S2_Eplus_Mai2014.jpg:com.dropbox.attributes [420]
AlternateDataStreams: C:\Users\Hermann\Documents\Lokale_Allianz_Broschüre:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\NEATO-VACUUM-USER-GUIDE_Europe.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\neato_programmersmanual_20140305.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Partnerschaften Bilder:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Powerpoint myBetreuung24:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\QR Codes:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Rechnungen andere Empfänger:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Software_Seriennummern_LenovoX220_2014Juni05_a.jpg:com.dropbox.attributes [211]
AlternateDataStreams: C:\Users\Hermann\Documents\Software_Seriennummern_LenovoX220_2014Juni05_b.jpg:com.dropbox.attributes [212]
AlternateDataStreams: C:\Users\Hermann\Documents\Solac Bügeleisen Manual.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\stundenweise Betreuer:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Swissvoice_Eurit_748_de_manual.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Talkthisway Vodafone Angebotsseite12_Fussnoten Mai 2014_nur Ausz_anders.jpg:com.dropbox.attributes [210]
AlternateDataStreams: C:\Users\Hermann\Documents\TL-MR3020_V1_user_guide.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\TL-MR3420_V1_user_guide.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\TL-MR3420_V1_user_guide2.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\TL-MR3420_V2_User_Guide.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\TP-Link-WA850RE_V1_User_Guide_19100.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Vertrag_1860926_notebooksbilliger.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Vodafone InfoDok 548 Selbständige Nachweis.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Vodafone_R201 Manual.pdf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hermann\Documents\Vodafone_Smart_4G_UM_DE_0127_Manual.pdf:com.dropbox.attributes [168]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2015-08-15 15:08 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: SecurityUtility => 2
MSCONFIG\Services: sfcdpsrv => 2
MSCONFIG\Services: SgtSch2Svc => 2
HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "BlackArmorBackupMonitor.exe"
HKLM\...\StartupApproved\Run32: => "RIM PeerManager"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\StartupFolder: => "CarPort Updater.lnk"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "AusweisApp"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_0E3695195675395E5979719587D6866A"
HKU\S-1-5-21-2113504872-800665639-2394083016-1000\...\StartupApproved\Run: => "LaCie Ethernet Agent Startup"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{9BBA8AE2-60B1-449F-B0C8-A8D6EBAC3C3F}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{2DC30472-04D7-4ADA-8A74-39C8911698C2}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{44473BBF-B713-43A1-A601-BC9D714FAA29}C:\program files\ws_ftp\ws_ftp95.exe] => (Allow) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [TCP Query User{1486917C-13A9-495C-82ED-0B1F8E62E679}C:\program files\ws_ftp\ws_ftp95.exe] => (Allow) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [UDP Query User{A55812BB-7AFA-4D1B-A484-CE74A1E804EF}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [TCP Query User{9595CBB4-343A-4D15-8366-10A23B8553E4}C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
FirewallRules: [UDP Query User{5F356977-FC1D-45BE-ADF5-CD1E1CC761C2}C:\users\hermann\appdata\roaming\steganos\okayfreedom\proxy\node.exe] => (Block) C:\users\hermann\appdata\roaming\steganos\okayfreedom\proxy\node.exe
FirewallRules: [TCP Query User{D2C89F43-D2A6-480D-8BC3-267860D1D87A}C:\users\hermann\appdata\roaming\steganos\okayfreedom\proxy\node.exe] => (Block) C:\users\hermann\appdata\roaming\steganos\okayfreedom\proxy\node.exe
FirewallRules: [{27E23C90-D868-4387-B1CF-418198D8BEA3}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{C6AFF9DE-EAF1-4834-8BF5-2C430DB942E6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [UDP Query User{0177E90C-3D40-481F-B475-0960A015FA60}C:\users\hermann\appdata\roaming\sdrive\sdrive.exe] => (Allow) C:\users\hermann\appdata\roaming\sdrive\sdrive.exe
FirewallRules: [TCP Query User{978A4F66-BA03-41FD-93C4-45654DFDB4AD}C:\users\hermann\appdata\roaming\sdrive\sdrive.exe] => (Allow) C:\users\hermann\appdata\roaming\sdrive\sdrive.exe
FirewallRules: [{B584D037-D8A2-45EB-A17A-3EF00B205025}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6001E6A-70AB-4647-8DEF-845F3AB63954}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{0AD2DE51-673C-4785-884B-A4A0BFA5B062}C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe] => (Allow) C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe
FirewallRules: [TCP Query User{A0C4CFD6-4C52-481F-88ED-62F789FF8646}C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe] => (Allow) C:\program files (x86)\seagate\blackarmor discovery\blackarmor discovery.exe
FirewallRules: [{4FDCFC07-427E-4AFD-9038-1854B3CB7C7C}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
FirewallRules: [{9F2DC1DA-D58F-4BBA-9E45-F9CF4733332C}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{C22272E4-BDCA-4A7C-8485-994A7A37620F}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{1B3E4BC4-34D8-4742-BED9-39C139DC30C4}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{341B0FCC-9200-4E26-A9D8-3C2D89772815}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{17D47B71-5D2D-4EB0-BF62-B3C10C3D9DDD}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{DF89E086-8385-408A-B94C-7153CFA39D2C}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{84C54662-6DD3-42D6-84A6-E24AB39DBA55}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{BCF06202-BC1E-4360-912E-EC79D30AE8DB}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{087FB769-BBB0-421D-AA54-462BE5B79B23}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [UDP Query User{7925891A-1A80-4FE3-BD3A-9C681C833E2E}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe
FirewallRules: [TCP Query User{475B49EB-89EF-4512-AC1A-A661533109BF}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackup.exe
FirewallRules: [UDP Query User{6E9B9D91-82A2-428E-B90F-45005D9AAFE4}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe
FirewallRules: [TCP Query User{1A437E71-1C68-44E9-A07C-BCDB388811B0}C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe] => (Allow) C:\program files (x86)\seagate\blackarmorbackup\blackarmorbackuptools.exe
FirewallRules: [UDP Query User{63344FA5-0F1C-49A1-A424-F3037397870A}C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe] => (Allow) C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe
FirewallRules: [TCP Query User{F64D5CDF-3655-4330-815B-A0C3839E9A67}C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe] => (Allow) C:\program files (x86)\seagate\seagate nas discovery\seagate nas discovery.exe
FirewallRules: [{0BF2FC45-FCB6-4BEF-BA5E-473AFF3260A6}] => (Allow) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{934CE094-D316-4221-BA19-C2DD50E69315}] => (Allow) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{2FAE4540-5DA7-4778-A99F-29193705FE87}] => (Allow) LPort=54925
FirewallRules: [{B5801201-1FB0-42FF-9A45-32203A0786CD}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{02471316-AD65-401F-AF62-4006C171B5BE}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08j\FAXRX.exe
FirewallRules: [{CE58AE7F-28D8-465A-B3D2-085716D53DD0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{73D3B00E-AC67-414F-943E-4335CB44AAFB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{EF914F2D-8950-40E2-AD76-F29511D2F58E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{412381B7-96BC-4CE9-AA4F-3F3A56351093}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B94DC76A-4C20-4FD9-9D11-093834BBDF9F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{FA337B1D-F312-4A88-B186-29096D8900CD}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{38262D1D-2864-4243-A684-F4B08FBD2CC3}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{C6685876-FAA7-4C13-85DF-A66664A6487B}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\discover.exe
FirewallRules: [{1BCA55CE-F323-4F4A-9192-4957904A6290}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\discover.exe
FirewallRules: [{1E506F61-4DD6-40AA-B12D-04C45F99A492}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\auditorserver.exe
FirewallRules: [{75A5D7D8-ADEF-423F-8685-4023473C2F5A}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\auditorserver.exe
FirewallRules: [{60B809B0-5360-4499-8CA0-DAB710CC5A71}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\bradminv3.exe
FirewallRules: [{D6CCFFBB-0B40-4D2D-9AB9-D08357EE73A7}] => (Allow) C:\Program Files (x86)\Brother\BRAdmin Professional 3\bradminv3.exe
FirewallRules: [TCP Query User{FBC2283A-5DFA-4725-B658-F7D344597D1F}C:\program files (x86)\printsupervision\setup\psvconf.exe] => (Allow) C:\program files (x86)\printsupervision\setup\psvconf.exe
FirewallRules: [UDP Query User{F74577CD-DE83-41B4-9924-FB674F89C9E9}C:\program files (x86)\printsupervision\setup\psvconf.exe] => (Allow) C:\program files (x86)\printsupervision\setup\psvconf.exe
FirewallRules: [{BEEA1E53-4031-4AEB-8400-FD75EC7B6908}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0FCA74B4-8E42-4DAB-8BBA-E034A0C38118}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CEBFD808-DC00-4538-9AD3-70FDD3394B44}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{556A935D-8F60-4F2A-9625-403D01E3CAF9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{46D3B255-BAA7-4BA4-AF37-422322B9EA1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{460CB8B1-7FA3-4ABC-A667-B54182AD3F28}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{18CE097A-FD12-4F10-AEEB-2CBCE473C3CD}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{6914F034-9880-4C18-86E8-EAD5167C5144}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
==================== Wiederherstellungspunkte =========================
09-03-2016 09:48:58 Windows Update
15-03-2016 12:34:26 Windows Update
20-03-2016 13:45:46 System vor Anwendung IObit Reparatur
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB-xHCI-kompatibler Hostcontroller
Description: USB-xHCI-kompatibler Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generischer USB-xHCI-Hostcontroller
Service: USBXHCI
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft Hosted Network Virtual Adapter
Description: Von Microsoft gehosteter, virtueller Netzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/25/2016 03:45:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LenovoX220)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/25/2016 03:37:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Lenovo.Modern.ImController.PluginHost.exe, Version: 1.0.69.0, Zeitstempel: 0x56294781
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16683, Zeitstempel: 0x56ad9410
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000b3fc8
ID des fehlerhaften Prozesses: 0xc20
Startzeit der fehlerhaften Anwendung: 0xLenovo.Modern.ImController.PluginHost.exe0
Pfad der fehlerhaften Anwendung: Lenovo.Modern.ImController.PluginHost.exe1
Pfad des fehlerhaften Moduls: Lenovo.Modern.ImController.PluginHost.exe2
Berichtskennung: Lenovo.Modern.ImController.PluginHost.exe3
Vollständiger Name des fehlerhaften Pakets: Lenovo.Modern.ImController.PluginHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Lenovo.Modern.ImController.PluginHost.exe5
Error: (03/25/2016 03:37:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Lenovo.Modern.ImController.PluginHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.BadImageFormatException
Stapel:
bei LenovoAudioPlugin.AudioAccess.RunCustomMonitor(IntPtr, IntPtr, System.String, Int32)
bei LenovoAudioPlugin.AudioAccess+<>c.<RespondToEventAsync>b__13_0()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (03/25/2016 01:32:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LenovoX220)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/25/2016 01:31:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 2.3.173.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2390
Startzeit: 01d1869178a37623
Beendigungszeit: 6099
Anwendungspfad: C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
Berichts-ID: 6b59e9a9-f285-11e5-9c0f-7ce9d3baac23
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (03/25/2016 01:26:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Lenovo.Modern.ImController.PluginHost.exe, Version: 1.0.69.0, Zeitstempel: 0x56294781
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16683, Zeitstempel: 0x56ad9410
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000b3fc8
ID des fehlerhaften Prozesses: 0x20f0
Startzeit der fehlerhaften Anwendung: 0xLenovo.Modern.ImController.PluginHost.exe0
Pfad der fehlerhaften Anwendung: Lenovo.Modern.ImController.PluginHost.exe1
Pfad des fehlerhaften Moduls: Lenovo.Modern.ImController.PluginHost.exe2
Berichtskennung: Lenovo.Modern.ImController.PluginHost.exe3
Vollständiger Name des fehlerhaften Pakets: Lenovo.Modern.ImController.PluginHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Lenovo.Modern.ImController.PluginHost.exe5
Error: (03/25/2016 01:26:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Lenovo.Modern.ImController.PluginHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.BadImageFormatException
Stapel:
bei LenovoAudioPlugin.AudioAccess.RunCustomMonitor(IntPtr, IntPtr, System.String, Int32)
bei LenovoAudioPlugin.AudioAccess+<>c.<RespondToEventAsync>b__13_0()
bei System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()
Error: (03/25/2016 01:20:43 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Ignoring response received before we even began probing: 4 LenovoX220.local. Addr 192.168.178.112
Error: (03/25/2016 01:20:43 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00B78DC0 Our Record 3 lost: 0035BD80 4 LenovoX220.local. Addr 192.168.178.112
Error: (03/25/2016 01:20:43 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ResolveSimultaneousProbe: 00B78DC0 Pkt Record: 909080D6 16 LenovoX220.local. AAAA FE80:0000:0000:0000:FC93:4C26:B397:43C3
Systemfehler:
=============
Error: (03/25/2016 03:47:04 PM) (Source: DCOM) (EventID: 10016) (User: LenovoX220)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}LenovoX220HermannS-1-5-21-2113504872-800665639-2394083016-1003LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/25/2016 03:45:12 PM) (Source: DCOM) (EventID: 10010) (User: LenovoX220)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
Error: (03/25/2016 03:45:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/25/2016 03:45:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/25/2016 03:45:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/25/2016 03:45:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/25/2016 03:32:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (03/25/2016 03:32:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "mbamchameleon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (03/25/2016 03:32:03 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT-AUTORITÄT)
Description: Fehler "126" beim Laden der Kennwortbenachrichtigungs-DLL "ACGina". Stellen Sie sicher, dass der in der Registrierung definierte DLL-Pfad "HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages" sich auf einen korrekten und absoluten Pfad (<Laufwerk>:\<Pfad>\<Dateiname>.<Erw.>) bezieht und nicht auf einen relativen oder ungültigen Pfad. Wenn der DLL-Pfad falsch ist, stellen Sie sicher, dass sich alle Hilfsdateien im gleichen Verzeichnis befinden und dass das Systemkonto sowohl auf den DLL-Pfad als auch die Hilfsdateien Lesezugriff hat. Wenden Sie sich an den Anbieter der Benachrichtigungs-DLL, um weitere Unterstützung zu erhalten. Weitere Informationen finden Sie im Internet unter "hxxp://go.microsoft.com/fwlink/?LinkId=245898".
Error: (03/25/2016 03:30:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WWAN - automatische Konfiguration" wurde mit folgendem Fehler beendet:
%%997
CodeIntegrity:
===================================
Date: 2016-03-09 13:37:47.444
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2016-03-09 13:37:47.393
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2016-03-09 13:37:47.289
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2016-03-09 13:37:47.080
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2016-03-09 13:37:47.025
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2016-03-09 13:37:46.961
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2016-03-09 13:37:45.405
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2016-03-09 13:37:44.844
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2016-03-09 13:30:09.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2016-03-09 13:30:08.944
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8075.23 MB
Verfügbarer physikalischer RAM: 5461.08 MB
Summe virtueller Speicher: 16267.23 MB
Verfügbarer virtueller Speicher: 13414.99 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:219.06 GB) (Free:122.51 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (SYSTEM_DRV) (Fixed) (Total:3.48 GB) (Free:2.59 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Lenovo_Recovery) (Fixed) (Total:10.34 GB) (Free:1.18 GB) NTFS
Drive f: (SONYCAMERA) (Fixed) (Total:3.72 GB) (Free:3.58 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: C17982EE)
Partition 1: (Active) - (Size=219.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.3 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: DDD41A57)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)
==================== Ende von Addition.txt ============================
|
|
25.03.2016, 16:11
| #7 |
| | Net Command ? Als ich mich vorhin als Admin anmeldete um wie empfohlen die weiteren Scans hier durchzuführen, kam die Meldung übrigens auch, siehe Screenshot anbei. Ich klick mal auf Details, und mach noch ein Bild: Geändert von hardyxy9 (25.03.2016 um 16:18 Uhr) Grund: . |
|
25.03.2016, 16:25
| #8 |
| | Net Command ? Ist offenbar eine Microsoft Sache, ich habe etwas bei answers.microsoft gefunden aus 2013, und les mir das mal durch ('perform a clean boot'): "Net Command for Windows 7 continually asks to reinstall each time I reboot my computer everyday" Empf.Lösung: kb/929135 Geändert von hardyxy9 (25.03.2016 um 16:31 Uhr) |
|
25.03.2016, 16:30
| #9 | |||||||||||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Net Command ?Zitat:
Lesestoff:Virenscanner Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür. Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und/oder mit dem ESET Online Scanner scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden. Alternativen zu NoScript (wenn um das das Verhindern von Usertracking und Werbung auf Webseiten) geht wären da Ghostery oder uBlock. Ghostery ist eine sehr bekannte Erweiterung, die aber auch in Kritik geraten ist, vgl. dazu bitte diesen Thread => Ghostery schleift Werbung durch Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.03.2016, 16:34
| #10 |
| | Virenscanner uups danke .. hätte ich von 360 Total Security nicht gedacht, da es u.a. ja auch von Microsoft empfohlen wird.. und IOBit, ja wo kommt das nur wieder her .. ok also weg damit, Ihr müsst es ja wissen. - Die Security Esssentials heißen bei mir Windows Defender, werde ich nun aktivieren. Geändert von hardyxy9 (25.03.2016 um 16:42 Uhr) |
|
| Themen zu Net Command ? |
| berechtigung, command, eingeschränkte, eingeschränkten, eurer, fenster, konto, kurzem, laptop, lieber, natürlich, net command, netcommand, nicht, nichts, nutze, scan, scanne, scannen, sorge, sorgen, system, verändern, windows, öffnet |
Linear-Darstellung
