Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ?

tschack666 · 18.04.2016, 21:15

Hallo zusammen,

ich habe heute von 1und1 eine Email bekommen das ich den Zeus auf meinem PC hätte. Email ist auch "echt". Hatte schon Kontakt mit den Leuten von 1und1. Wie krieg ich raus ob es wirklich so ist und wie kriege ich den Rechner wieder Zeus-frei ?

cosinus · 18.04.2016, 22:37

moin

Und wir sollen jetzt erraten was in der Mail steht sowie welche (wie viele) Rechner mit welchen Betriebssystemen du hast und ob da auch schonmal Virenfunde zu verzeichnen waren?

tschack666 · 19.04.2016, 06:01

Sorry. Folgend die Mail. Rechner Laptop Lenovo mit Win7....

Ihre Kundennummer:
Ihre Vertragsnummer:
Hinweis: Ihre Kundennummer und Ihr Name zeigen Ihnen, dass diese Nachricht von der 1&1 Telecom GmbH verschickt wurde.

Sehr geehrter Herr Klug,

heute erhalten Sie eine dringende Nachricht zu Ihrem 1&1 DSL-Anschluss.

Unser Expertenteam hat Hinweise erhalten, dass sich auf einem Computer an Ihrem Anschluss der gefährliche Virus "Zeus" befindet.

Datum und Uhrzeit des Hinweises: 2016-04-15 16:33:20 MEST Tipp: Sind mehrere Computer an Ihrem 1&1 DSL-Anschluss angeschlossen, gibt Ihnen dieses Datum einen Hinweis darauf, welcher Computer betroffen ist.

Von dem Virus "Zeus" geht eine erhebliche Gefahr aus. Er spioniert gezielt Bankdaten aus und leitet sie an die Angreifer weiter. Nach und nach plündern diese mithilfe der Bankdaten die Konten ihrer Opfer aus.

So stellen Sie die Sicherheit Ihres 1&1 DSL-Anschlusses und Ihrer Daten wieder her:

1.* "Zeus" von Ihrem Computer entfernen:
Der Virus nimmt tiefgreifende Veränderungen im Betriebssystem des Computers vor. Ihn restlos von einem einmal befallenen Computer zu entfernen ist sehr schwierig.

Nach unserer Kenntnis gibt es aktuell keine Anti-Viren-Software, die ihn zuverlässig entfernt. Daher empfehlen wir Ihnen den Computer neu zu installieren.

Wir sind uns bewusst darüber, dass dies Aufwand für Sie bedeutet. Der Rat unseres Expertenteams ist dennoch eindeutig - die Gefahr, die vom "Zeus" ausgeht, rechtfertigt diesen Aufwand. Er dient Ihrer Sicherheit.

2.* Passwörter ändern:
Ändern Sie anschließend alle Ihre Passwörter. Denken Sie an die Passwörter zu:
- Ihrem Online-Bankingzugang
- Ihrem 1&1 Control-Center
- Ihren 1&1 Mailboxen
- Ihrem WEB.DE, GMX-Postfach oder anderen E-Mail-Konten
- Ihrem eBay-Mitglieds-Konto
- Ihrem PayPal-Konto

3.* Computer künftig optimal schützen:
Um Ihren Computer zukünftig vor schädlichen Viren zu schützen, empfehlen wir Ihnen die Installation einer professionellen Anti-Viren-Software, wie dem Norton 360.

Das 1&1 Sicherheitspaket Norton 360 schützt Sie umfassend vor allen Gefahren des Internets - auch vor einer Neuinfektion mit dem Zeus. Es enthält drei* Lizenzen, damit Sie auf bis zu drei Computern unbeschwert im Internet surfen können.

Haben Sie noch Fragen? Dann antworten Sie einfach auf diese E-Mail und belassen Sie bitte unsere Referenz [Ticket AB96905133] in Ihrer Nachricht.

Oder rufen Sie uns einfach an. Wir sind gerne für Sie da.

Sie erreichen uns montags bis freitags von 08:30 bis 17:00 Uhr - kostenfrei aus dem Fest- und Mobilfunknetz der 1&1 Telecom GmbH - unter: 0721 96 00

Wir freuen uns, mit Ihnen gemeinsam für einen sicheren 1&1 DSL-Anschluss zu sorgen - vielen Dank für Ihre Mitarbeit.

Mit freundlichen Grüßen

Ihr 1&1 Kundenservice
--
1&1 Telecom GmbH
Elgendorfer Str. 57, 56410 Montabaur
Amtsgericht Montabaur HRB 22331 · WEEE-Reg.-Nr. DE13470330 · Geschäftsführer: Markus Huhn, Alessandro Nava, Moritz Roth, Ludger Sieverding, Martin Witt

cosinus · 19.04.2016, 08:24

war ja klar, dass die keine Gelegenheit auslassen, um ihren Norton SPAM loszuwerden

Zitat:

Rechner Laptop Lenovo mit Win7....

Nur dieses Gerät oder noch andere?

tschack666 · 19.04.2016, 08:55

Nur dieses.....

cosinus · 19.04.2016, 09:52

Ja schön, was ist mit meiner anderen Frage, gab es auf diesem Rechner schonmal Virenfunde oder nicht? Wenn ja, Logs dazu?

tschack666 · 19.04.2016, 10:22

Nichts.....

cosinus · 19.04.2016, 10:59

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

tschack666 · 19.04.2016, 11:46

Das Log-File der FRST:

tschack666 · 19.04.2016, 11:48

Und das Log-File der Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von M.Klug (2016-04-19 12:40:25)
Gestartet von C:\Users\M.Klug.LEISS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-11-21 18:09:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3134854043-1757775680-3440901618-500 - Administrator - Disabled)
Gast (S-1-5-21-3134854043-1757775680-3440901618-501 - Limited - Disabled)
M.Klug (S-1-5-21-3134854043-1757775680-3440901618-1001 - Limited - Enabled) => C:\Users\M.Klug
UpdatusUser (S-1-5-21-3134854043-1757775680-3440901618-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Endpoint Security 10 für Windows (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.2.0 - 3Dconnexion)
3Dconnexion 3DxWinCore (Version: 17.2.0.11011 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD (Version: 5.0.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Inventor 11 - 2015 (Version: 2.1.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge V18 - ST7 (Version: 3.2.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for SolidWorks 2005 - 2015 (Version: 3.2.0 - 3Dconnexion) Hidden
3Dconnexion Add-On for XSI v5.0 - 2015 (Version: 3.0.3 - 3Dconnexion) Hidden
3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (Version: 4.1.0 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (Version: 1.3.3 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max 2008 - 2015 (Version: 6.1.0 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya v8.5 - 2015 (Version: 5.1.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX v4.0 - v10.0 (Version: 3.2.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop CS3 - CS6 and CC (Version: 2.4.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 3.0 (Version: 2.2.0 - 3Dconnexion) Hidden
3Dconnexion Trainer (x32 Version: 3.2.2 - 3Dconnexion) Hidden
64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC)
Capture One 8.3 (HKLM\...\CaptureOne8_is1) (Version: 8.3.4.19 - Phase One A/S)
CatalystEX 4.3 for 64 Bit (HKLM\...\{F4C1316F-F96F-4982-8286-BD8FB9652636}) (Version: 4.3 - Ihr Firmenname)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
david® Client  (HKLM-x32\...\david® Client) (Version: 12.00a - Tobit.Software)
Delcam Exchange 2015 R2 (64-bit) (HKLM\...\Delcam Exchange 7.9.10) (Version: 7.9.10 - Delcam)
Delcam PostProcessor 2014 (64-bit) (HKLM\...\{1BD1D20C-7970-4E68-8CEE-60861AB12E4F}) (Version: 6.6.3518 - Delcam)
Delcam PowerMILL 2015 (64-bit) (HKLM\...\Delcam PowerMILL 18.0.09) (Version: 18.0.09 - Delcam)
Delcam PowerMILL 2016 (64-bit) (HKLM\...\Delcam PowerMILL 20.0.10) (Version: 20.0.10 - Delcam)
Delcam PowerSHAPE 2016 (64-bit) (HKLM\...\Delcam PowerSHAPE16126) (Version: 16.1.26 - Delcam)
Delcam PS-Tutorials 2011 R3 (64-bit) (HKLM-x32\...\Delcam PS-Tutorials11300) (Version: 11.3.00 - Delcam)
Delcam Shell Extensions for PostProcessor 2014 (64-bit) (HKLM\...\{3D9482F4-FF0A-48DF-85CD-8477F079943D}) (Version: 6.6.3518 - Delcam)
Delcam TrodeExtension 2014 R2 (64-bit) (HKLM\...\Delcam TrodeExtension14200) (Version: 14.2.00 - Delcam) <==== ACHTUNG
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
DisplayLink Core Software (HKLM\...\{73CF7443-C49F-4A11-BD78-F6D691CDDB72}) (Version: 7.6.55673.0 - DisplayLink Corp.)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
DongleDriver (HKLM-x32\...\{CB7C7334-3D32-4F79-BAFB-79B16C4E6BEB}) (Version: 6.64.0.0 - Messerli Informatik)
Dropbox (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
EliteCAD13ME (HKLM-x32\...\{601238EF-32E5-11D4-AF89-0000E81E0E01}) (Version: 13.0 - Messerli Informatik)
EliteViewer12 (HKLM-x32\...\{A1F759AE-551E-4F05-93E3-21CA07BE9A50}) (Version:  - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.67.5 - Lenovo Group Limited)
Festo - Produktkatalog (HKLM-x32\...\{85DDDA5B-B85D-4033-B1F5-52F60D709F9C}) (Version: 3.2008.805 - Festo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
IGEMS R2015 (HKLM-x32\...\IGEMS R2015_is1) (Version:  - IGEMS Software AB)
Inst5676 (Version: 8.01.42 - Softex Inc.) Hidden
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.36 - SunplusIT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation)
Kaspersky Endpoint Security 10 für Windows (HKLM-x32\...\{7A4192A1-84C4-4E90-A31B-B4847CA8E23A}) (Version: 10.2.2.10535 - Kaspersky Lab)
Kaspersky Security Center Administrationsagent (HKLM-x32\...\InstallWIX_{2F383CB3-6D7C-449D-9874-164E49E1E0F5}) (Version: 10.2.434 - Kaspersky Lab ZAO)
Kaspersky Security Center Administrationsagent (x32 Version: 10.2.434 - Kaspersky Lab ZAO) Hidden
Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - )
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.17.0 - Lenovo)
Lenovo Fingerprint Manager Pro (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.42(x64) - Lenovo)
Lenovo Fingerprint Manager Pro (Version: 8.01.42(x64) - Lenovo) Hidden
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.02 - )
Lenovo QuickControl (HKLM-x32\...\{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}) (Version: 2.40 - Lenovo Group Limited)
Lenovo QuickDisplay (HKLM\...\{ADEEC90C-A033-4596-ACA1-97327055F9CB}) (Version: 1.2.6.0 - Lenovo Group Limited)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.3 - Lenovo Inc.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{49277B39-D2E8-4342-9CE8-FC080C3FA344}) (Version: 2.8.007.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0019 - Lenovo)
Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Message Center Plus (HKLM\...\{C2C2DB64-1BCE-4FA7-962D-457795ECCEC0}) (Version: 3.3.0004.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Meusburger Katalog 5.8 (HKLM-x32\...\Meusburger Katalog) (Version: 5.8 - Meusburger Georg GmbH & Co KG)
Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{DD6FD594-53B0-467C-8C46-F6F99BCE7C97}) (Version: 9.00.5259.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 5.1 (HKLM\...\{583E320A-F7F7-4A23-A80E-26995A5371CC}) (Version: 5.1.10 - Oracle Corporation)
MySQL Connector/ODBC 5.1 (HKLM-x32\...\{C36A15FB-9882-4CB7-B128-239AACBB9BCD}) (Version: 5.1.10 - Oracle Corporation)
NetDA (HKLM\...\{5897AD96-FA2A-484E-9B91-433CCD65ED43}) (Version: 6.3.38442.0 - silex technology, Inc.)
NetDA Manager (HKLM\...\NetDA Manager) (Version: 1.4.0 - silex technology, Inc.)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nitro Pro 9 (HKLM\...\{941C6E5F-363B-4121-A374-3B2E0DEF877C}) (Version: 9.5.1.5 - Nitro)
NVIDIA 3D Vision Treiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation)
NVIDIA Grafiktreiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{C4D2B63B-A435-433A-AD02-7D26ACD23DF0}) (Version: 3.3.00.73 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.3.00.73 - O2Micro International LTD.) Hidden
Oce WPD (HKLM-x32\...\{3597d6bd-0e73-11d5-ab8a-00d0b7a62d54}) (Version: 1.19 - Oce)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PANTONE Color Calibrator 1.2.0 (HKLM-x32\...\PANTONE Color Calibrator_is1) (Version:  - X-Rite)
PDF Writer - bioPDF 10.11.0.2338 (HKLM\...\PDF Writer - bioPDF_is1) (Version: 10.11.0.2338 - bioPDF)
RatioPlus 1941-3.0.11 (HKLM-x32\...\schubertRatio.RatioPlus_is1) (Version:  - Schubert Software & Systeme, Top-In-Form GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
schubertRatio.BDETerminal 1.3.0.808 (HKLM-x32\...\schubertRatio.BDETerminal_is1) (Version:  - Schubert Software & Systeme, Top-In-Form GmbH)
Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHARP Pen Software (HKLM-x32\...\{A7D5AAA9-7C58-45D6-BBA4-FF9002F5BBE1}) (Version: 2.08.213 - SHARP)
SHARP Pen Software (x32 Version: 2.08.213 - SHARP) Hidden
SHARP Touch-Panel-Treiber (HKLM\...\{7626BF3E-02BF-4896-8E71-4342BD67ED8E}) (Version: 2.03.0203 - SHARP)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16014.12 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16014.12 - Samsung Electronics Co., Ltd.) Hidden
SnagIt 9 (HKLM-x32\...\{ADDD6985-3A28-44D0-A1BA-FDD19A820491}) (Version: 9.0.2 - TechSmith Corporation)
SolidWorks 2013 Interface (HKLM-x32\...\SolidWorks 2013 Interface) (Version:  - )
SolidWorks 2014 Interface (HKLM-x32\...\SolidWorks 2014 Interface) (Version:  - )
SolidWorks 2014 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20140-40000-1100-100) (Version: 22.0.0.5018 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP0 (Version: 22.100.5018 - SolidWorks) Hidden
SolidWorks 2014 x64 German Resources (Version: 22.100.5018 - SolidWorks Corporation) Hidden
SolidWorks Composer Player 2014 SP0 x64 Edition (Version: 22.00.5018 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP0 (Version: 14.0.5006 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.103 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.285.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{D6FED322-4EA0-48AE-A5AC-BC381D7048CF}) (Version: 4.5.285.0 - Synaptics)
ThinkDesign 2014.1 (64-bit) (HKLM-x32\...\{FEF8FF3A-137A-4A49-B803-448CA1E2B3BE}) (Version: 2014.1 - think3)
ThinkDesign 2014.1 (x32 Version: 2014.1 - think3) Hidden
ThinkDesign 2015.2 (64-bit) (HKLM-x32\...\{F05A4D2E-FEE7-4F4A-B75F-39651485E90F}) (Version: 2015.2 - think3)
ThinkDesign 2015.2 (x32 Version: 2015.2 - think3) Hidden
ThinkDesign2009 Interface (HKLM-x32\...\ThinkDesign2009 Interface) (Version:  - )
Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.4.911.2013 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.08.00 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.70.2.0 - Lenovo Group Limited)
Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation)
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
Tools 2014.1 (64-bit) (HKLM-x32\...\{2B7DC97F-FB9C-4CDC-9C46-785BB38AE579}) (Version: 2014.1 - think3)
Tools 2015.2 (64-bit) (HKLM-x32\...\{16828765-4596-469F-856C-D2C7F15C3074}) (Version: 2015.2 - think3)
USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo)
Windows-Treiberpaket - Intel (e1dexpress) Net  (03/13/2014 12.11.77.1) (HKLM\...\0E9686B99C91E380CCB49060633DCDE5ED79DE7E) (Version: 03/13/2014 12.11.77.1 - Intel)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (11/15/2013 12.8.10.1005) (HKLM\...\D25E6F494D3225DFE05884186452E2C79AF2E506) (Version: 11/15/2013 12.8.10.1005 - Intel Corporation)
Windows-Treiberpaket - Leaf Imaging Ltd. Image  (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.)
Windows-Treiberpaket - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo)
Windows-Treiberpaket - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Windows-Treiberpaket - Phase One A/S (WinUSB) USBDevice  (12/03/2014 1.13.0.0) (HKLM\...\7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8) (Version: 12/03/2014 1.13.0.0 - Phase One A/S)
Windows-Treiberpaket - Synaptics (SmbDrv) System  (04/07/2014 18.0.7.40) (HKLM\...\FB2627FE59EA6DAD058B4A4C82647DC162F8723D) (Version: 04/07/2014 18.0.7.40 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (04/07/2014 18.0.7.40) (HKLM\...\5879A8A324E612CD4CB110632BF1186381FA46F0) (Version: 04/07/2014 18.0.7.40 - Synaptics)
WinZip 12.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
X-Rite Device Services Manager (HKLM-x32\...\{28D1ED2A-6E9C-4C72-917B-E9F01688E7EF}) (Version: 2.1.14 - X-Rite)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00CADF60-DB01-484B-88D2-AF616D23C7EC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-11-11] ()
Task: {065F34AB-A2D5-49D7-8BF2-BD509853A8B1} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor)
Task: {135363C9-0A78-4CB4-93DF-4A706AABA5FE} - System32\Tasks\{457C0309-6FA1-4DA9-BF92-99D91339B3A0} => pcalua.exe -a "D:\Markus\Externe Festplatte\Alter Rechner\Markus\Sonstiges\Alter Rechner\catia\downloads\O2CSetupOCX.exe" -d "D:\Markus\Externe Festplatte\Alter Rechner\Markus\Sonstiges\Alter Rechner\catia\downloads"
Task: {16EEDC93-F526-44B3-8346-C3989324C548} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor)
Task: {173FFE2D-A0E4-493B-9279-6310B4184DEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {20D395F9-6648-4906-A467-1C1532D8F3B9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {261D4130-23A2-4DF5-97C7-EC0083FBB485} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2015-04-17] (Lenovo Group Limited)
Task: {2BFA2080-1880-4AB8-BF49-4D89A5364290} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {409860ED-05BC-4E66-8ED8-E7C942E67B36} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2016-01-08] (Lenovo)
Task: {45BA1E89-8065-4E7F-873E-7394B20356D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {495EC11C-B0D4-427D-98CF-756BD364C83C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {589B5D2C-B06E-42A7-889E-C95BA437168C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-01-08] (Lenovo)
Task: {5FD71564-F597-4C82-ADB0-7B8DFF959784} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2014-09-13] (Lenovo)
Task: {689FEF3E-4E8B-4431-94BE-8CBC040A00F6} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] ()
Task: {698F05FE-4B50-45FD-BACC-CF143E728237} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {6D969690-9966-42E6-B723-157F5AEB6B52} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {750CFD6C-09CE-4438-9D1E-C2E506092A9B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {859B8D1F-C401-4D98-887D-8AA3B7E3FD9F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-04-26] (Lenovo)
Task: {9E2B6BD0-5358-44D6-AFC6-1C2B6D2457B5} - System32\Tasks\Amazon Music Helper => C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe [2015-12-15] ()
Task: {9E3F6264-6B9A-400E-B866-B3602F6B073C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {AAB699EC-92E2-47C4-846E-8C3C23E7B337} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {ABDE2B86-969B-41EB-A176-1C21445BFE8A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {B144E4E9-A6FE-4C4B-8210-5725F376C06B} - System32\Tasks\TVT\Lenovo QuickDisplay Agent => C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe [2014-03-26] (Lenovo Corporation)
Task: {B2E2C5B4-B3F0-44F8-AA4A-6103E221F663} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {B3192A8B-1DAF-42D5-B330-CECEB3736EDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CD0DB0C5-997F-4BB5-928E-CCB6823AA819} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor)
Task: {D30D6A55-286A-463E-BE04-BA947E5AEEC9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {D4F0FC58-A947-48CC-A98A-CF4A2F744EBC} - System32\Tasks\{9A366608-BB0F-4986-9E10-51B563C613B1} => pcalua.exe -a D:\Markus\Software\CP2020\Setup.exe -d D:\Markus\Software\CP2020
Task: {E56A8765-B17E-4EAE-8F9B-A10892C85D4E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {E98245DD-1140-4147-BF6C-7A035F01AAC2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] ()
Task: {EE15F6EF-5003-49B9-B980-3F151F278145} - System32\Tasks\3DconnexionCreateProcess_3DxService.exe => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe [2014-11-13] (3Dconnexion, INC)
Task: {EE49A721-7C02-4F3E-90F9-9BC60F55A2A3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core.job => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe/cM.Klu
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA.job => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe/ua /installsource schedulerM.Klu
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Public\Desktop\EliteCAD 13 ME-2D.lnk -> C:\Program Files\EliteCAD13ME\u\1300\me\glob\scr\me2ddll_x64.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-10-13 19:00 - 2013-10-29 02:53 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-21 14:20 - 2006-07-19 11:01 - 00099840 _____ () C:\Windows\IMGMSGMO.dll
2015-04-29 14:38 - 2006-07-31 09:46 - 04444160 ____N () C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
2014-05-15 18:39 - 2014-05-15 18:39 - 00417800 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
2014-10-13 19:01 - 2015-04-17 06:07 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-13 20:50 - 2014-11-13 20:50 - 00038912 _____ () C:\Windows\system32\SPWINI.dll
2015-05-19 15:43 - 2014-10-21 10:29 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll
2015-12-23 12:55 - 2015-12-15 02:43 - 05890368 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-12-01 15:50 - 2010-10-29 11:42 - 00090488 ____N () C:\Program Files\silex technology\NetDA Manager\Jcpcfgsrv.dll
2014-10-13 19:00 - 2013-10-29 02:17 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-09-03 11:33 - 2015-06-22 17:20 - 00068096 ____R () C:\Program Files\think3\2015.2\thinkdesign\bin\zlib.dll
2015-09-03 11:33 - 2015-05-28 09:56 - 01306624 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\uifiles\tt.dll
2014-11-21 14:47 - 2011-04-03 12:26 - 02874880 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\bin\RatioPlus.exe
2014-10-13 19:02 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-10-13 19:02 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2016-04-18 22:19 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-04-18 22:19 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-04-18 22:19 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-04-18 22:19 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-04-18 22:19 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-10-11 15:46 - 2011-10-11 15:46 - 01588560 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2011-10-11 15:45 - 2011-10-11 15:45 - 00902992 _____ () C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Fun.dll
2011-10-11 15:46 - 2011-10-11 15:46 - 02639696 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2015-01-08 18:03 - 2015-01-08 18:03 - 01309880 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\kpcengine.2.2.dll
2014-10-21 10:26 - 2014-10-21 10:26 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll
2015-12-13 10:26 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-04-15 06:44 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-04-15 06:44 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-13 10:26 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-13 10:26 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-13 10:26 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00105928 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-04-15 06:44 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-13 10:26 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-13 10:26 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00020816 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 10:26 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-13 10:26 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-04-15 06:44 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00048592 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-13 10:26 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 10:26 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-04-15 06:44 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-04-15 06:44 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-04-15 06:44 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\librsync.dll
2016-04-15 06:44 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-04-15 06:44 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-13 10:26 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\sip.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00158008 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-04-15 06:44 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-04-15 06:44 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-13 10:26 - 2016-04-08 20:20 - 00024904 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00546096 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 23:45 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-10-13 19:00 - 2013-10-29 02:17 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-09-23 14:02 - 2015-08-24 17:18 - 10396160 _____ () C:\Windows\TOBITCLT.dll
2015-09-23 14:02 - 2005-12-01 18:24 - 00548864 _____ () C:\Program Files (x86)\Tobit InfoCenter\ASPELL.DLL
2014-10-13 18:49 - 2013-12-03 07:36 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-03 11:33 - 2015-06-22 15:39 - 00749317 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\TTPyBridge.dll
2015-09-03 11:33 - 2004-02-20 17:02 - 00061497 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32api.pyd
2015-09-03 11:33 - 2004-02-20 17:01 - 00065536 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\PyWinTypes22.dll
2015-09-03 11:33 - 2004-02-20 17:02 - 00061484 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\zlib.pyd
2015-09-03 11:33 - 2004-02-20 17:01 - 00299073 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\pythoncom22.dll
2015-09-03 11:33 - 2004-02-20 17:01 - 00053292 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\_sre.pyd
2015-09-03 11:33 - 2004-02-20 17:02 - 00036916 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32com.shell.shell.pyd
2015-09-03 11:33 - 2015-06-22 15:30 - 00073728 ____R () C:\Program Files\think3\2015.2\PLM\common\zlib.dll
2015-09-03 11:33 - 2004-02-20 17:02 - 00135168 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\xml.parsers.pyexpat.pyd
2015-09-03 11:33 - 2004-02-20 17:01 - 00045103 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\_socket.pyd
2015-09-03 11:33 - 2004-02-20 17:02 - 00028731 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32event.pyd
2015-09-03 11:33 - 2004-02-20 17:02 - 00032829 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32process.pyd
2014-11-21 14:47 - 2010-12-30 15:31 - 00366016 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\libjcc.dll
2014-11-21 14:48 - 2010-12-30 15:31 - 00062912 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\libjutils.dll
2014-11-21 14:47 - 2007-07-02 22:40 - 00204800 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\coolmenu25.dll
2014-11-21 14:47 - 2008-06-13 11:39 - 00795136 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\StringUtils.dll
2016-04-11 07:01 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 07:01 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2014-12-05 08:48 - 2015-10-15 06:54 - 09499136 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
2014-12-05 08:48 - 2015-10-15 06:54 - 01319424 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.DEU
2014-12-05 08:48 - 2015-10-15 06:54 - 00316416 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.DEU
2014-12-05 08:48 - 2015-10-15 06:54 - 01180160 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.DEU
2014-12-05 08:48 - 2015-10-15 06:54 - 00100352 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU
2014-12-05 08:48 - 2015-10-15 06:54 - 03066880 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.DEU
2015-09-24 17:40 - 2015-09-24 17:40 - 00305544 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
2014-12-05 08:48 - 2015-10-15 06:57 - 00014336 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7887 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123simsen.com -> www.123simsen.com

Da befinden sich 7887 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7887 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-04-18 23:02 - 00451800 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15500 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Control Panel\Desktop\\Wallpaper -> C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.1.1.41 - 192.1.1.42
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{CBA49235-FCF4-4A36-9DFE-F94BDB790403}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{818EE814-B4AD-4F0C-8FE6-EB52F3D2F49D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{43944A31-ADCC-459B-A423-869A6FE40142}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{CE2532C4-03A9-4F25-AA44-F9FD25D8F0D2}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{EB373F14-6C0C-42EB-A81A-424069557AF1}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{38EAA061-8187-4AD8-9C36-89DE5AED1BBF}] => (Allow) LPort=15000
FirewallRules: [{EC1B6F1A-FA7A-41E8-99BB-A4AAC9E8484D}] => (Allow) LPort=15000
FirewallRules: [{8265501D-EA60-4D91-8A3F-D35C2F6AD2A8}] => (Allow) LPort=15000
FirewallRules: [{B0196F04-DC6E-42A7-A056-F48F3B86802B}] => (Allow) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1ADD0F48-735E-48AF-8446-58B926C16A89}] => (Allow) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{58DE1A7E-F959-4FC0-8379-4335F2BEBC77}] => (Allow) C:\Program Files\Dimension\CatalystEX 4.3\nt\CatalystEX.exe
FirewallRules: [{ED822D31-E216-41DF-9A4D-BA8347944ADA}] => (Allow) C:\Program Files\Dimension\CatalystEX 4.3\nt\CatalystEX.exe
FirewallRules: [{814D8CAB-B716-487D-A229-8EBD95FC2E3A}] => (Allow) C:\Program Files\silex technology\NetDA Manager\Connect.exe
FirewallRules: [{A47FBF91-3E04-48EC-B356-99B6C1A4390F}] => (Allow) LPort=19540
FirewallRules: [{2F2E1B69-F49D-42E1-AF73-3BAF57BD14D9}] => (Allow) LPort=5454
FirewallRules: [{A44DDBF9-D320-44A9-BE17-035DA74192C1}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{882C8420-998F-4F9D-9ABE-B20C3BE32CD3}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{15DBE098-FC93-4B0B-A55E-1A41E19A9348}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{60348C89-440E-444F-9F35-F0F6912660D3}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{AF513F76-609D-420C-9D61-24C5085EDD20}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{1A74B4FF-ED0C-4E62-BA4C-F769FDA45885}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{972E0A6F-B7EB-4AAC-8AD4-5565E615FB9A}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
FirewallRules: [{8837E981-13F1-4AEF-993A-6F3F7B68FD41}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
FirewallRules: [{BFFD77FC-E8E1-49B2-A280-34A08E034C39}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
FirewallRules: [{2FCCB561-6D50-4F2D-9CAA-598D82DE8004}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
FirewallRules: [{3CD933D5-A171-48B7-B64F-92C67B411D7B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{CD96ADD2-AD26-406F-ACEF-79D1AE686ABB}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{12A4FE65-2ACB-4B97-AEAE-FE5D01249913}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{95809377-70EC-43AE-B16D-DABA126FF17D}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{D207F641-DBAF-490F-9B5C-1857C95EC9C6}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{AEDC3625-F1D7-4739-8F10-FE207F325C53}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{A8612968-67F0-43D3-AFD7-62538D036F98}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{33B5013C-2E59-4829-B731-B3E91FF0533E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{83743DE6-23A6-4C01-9687-9240E9168D6E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [TCP Query User{D84CE3A1-B372-462D-9AB1-DAD32079C1C9}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1DDB2AF5-98FA-42E8-8C47-A53E8F8AA670}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4387E6D6-F54A-44A1-9C09-35BB13D39CCF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{016E46E6-AA1C-41E0-A759-08BF6D17A45F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{EECD114B-7675-4543-B629-8BA5E4C57DCE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E18DE270-37F7-400E-9B93-22C862A1419B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{72321C50-B62F-4230-B0A8-1FBF9E6FC123}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9CCC6B38-2C71-4AB3-B714-8B8E133F2871}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{80BC78E1-CEE4-4D67-8BA5-C29A5C36B79A}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6BA8982E-AB0C-4478-9764-CFC8EA0DEFCA}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F9B0A80F-47EC-4E28-AA38-5735DB4BB5C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DBF1FD2E-0870-4164-8AA7-04DEBA366218}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{75916072-A518-4435-96F6-27C4BCFE70A6}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{B1DFB7EE-15D8-49C8-813C-97C44DFFC420}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{0AD31EAB-08C6-4646-88BB-482CB19DD434}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

15-04-2016 17:35:10 DirectX wurde installiert
18-04-2016 06:44:05 Windows Update
18-04-2016 12:54:20 Prüfpunkt von HitmanPro
18-04-2016 13:36:56 Prüfpunkt von HitmanPro
18-04-2016 17:44:24 Prüfpunkt von HitmanPro
18-04-2016 17:59:51 Prüfpunkt von HitmanPro
18-04-2016 20:01:11 Removed Google Earth Plug-in
19-04-2016 07:39:51 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Lenovo Connect Device 1.0
Description: Lenovo Connect Device 1.0
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/19/2016 07:59:03 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (04/19/2016 07:59:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2016 07:14:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DVWIN32.EXE, Version: 12.0.0.5740, Zeitstempel: 0x55eed84c
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.18283, Zeitstempel: 0x56fc68fd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0043c977
ID des fehlerhaften Prozesses: 0x29c8
Startzeit der fehlerhaften Anwendung: 0xDVWIN32.EXE0
Pfad der fehlerhaften Anwendung: DVWIN32.EXE1
Pfad des fehlerhaften Moduls: DVWIN32.EXE2
Berichtskennung: DVWIN32.EXE3

Error: (04/19/2016 06:40:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2016 06:40:30 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (04/18/2016 10:16:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (04/19/2016 11:19:31 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:19:28 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:12:44 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:12:08 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:11:20 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:11:17 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:10:15 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:06:07 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 10:59:48 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 10:46:59 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.


CodeIntegrity:
===================================
  Date: 2015-01-22 12:41:30.394
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-22 12:41:30.343
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-12 06:39:38.333
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 06:39:37.366
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 06:36:57.890
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 06:36:51.922
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 13:03:28.429
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 13:03:28.414
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 13:03:28.320
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 13:03:28.320
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 16009.21 MB
Verfügbarer physikalischer RAM: 9332.47 MB
Summe virtueller Speicher: 32016.61 MB
Verfügbarer virtueller Speicher: 24473.5 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:213.74 GB) (Free:62.86 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data2) (Fixed) (Total:931.51 GB) (Free:441.53 GB) NTFS
Drive e: (SolidWorks1) (CDROM) (Total:7.76 GB) (Free:0 GB) CDFS
Drive f: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS
Drive h: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS
Drive o: (Daten) (Network) (Total:600 GB) (Free:438.55 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:16.27 GB) (Free:4.64 GB) NTFS
Drive r: (Daten) (Network) (Total:195.28 GB) (Free:166.86 GB) NTFS
Drive u: (Daten) (Network) (Total:600 GB) (Free:438.55 GB) NTFS
Drive z: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: B3D09BFF)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=213.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=7 GB) - (Type=84)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B3D0A64B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

tschack666 · 19.04.2016, 11:54

Sorry, nochmal der FRST.....

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von M.Klug (2016-04-19 12:40:25)
Gestartet von C:\Users\M.Klug.LEISS\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-11-21 18:09:26)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3134854043-1757775680-3440901618-500 - Administrator - Disabled)
Gast (S-1-5-21-3134854043-1757775680-3440901618-501 - Limited - Disabled)
M.Klug (S-1-5-21-3134854043-1757775680-3440901618-1001 - Limited - Enabled) => C:\Users\M.Klug
UpdatusUser (S-1-5-21-3134854043-1757775680-3440901618-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Endpoint Security 10 für Windows (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Endpoint Security 10 für Windows (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.2.0 - 3Dconnexion)
3Dconnexion 3DxWinCore (Version: 17.2.0.11011 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD (Version: 5.0.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Inventor 11 - 2015 (Version: 2.1.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge V18 - ST7 (Version: 3.2.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for SolidWorks 2005 - 2015 (Version: 3.2.0 - 3Dconnexion) Hidden
3Dconnexion Add-On for XSI v5.0 - 2015 (Version: 3.0.3 - 3Dconnexion) Hidden
3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (Version: 4.1.0 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (Version: 1.3.3 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max 2008 - 2015 (Version: 6.1.0 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya v8.5 - 2015 (Version: 5.1.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX v4.0 - v10.0 (Version: 3.2.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop CS3 - CS6 and CC (Version: 2.4.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 3.0 (Version: 2.2.0 - 3Dconnexion) Hidden
3Dconnexion Trainer (x32 Version: 3.2.2 - 3Dconnexion) Hidden
64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC)
Capture One 8.3 (HKLM\...\CaptureOne8_is1) (Version: 8.3.4.19 - Phase One A/S)
CatalystEX 4.3 for 64 Bit (HKLM\...\{F4C1316F-F96F-4982-8286-BD8FB9652636}) (Version: 4.3 - Ihr Firmenname)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
david® Client  (HKLM-x32\...\david® Client) (Version: 12.00a - Tobit.Software)
Delcam Exchange 2015 R2 (64-bit) (HKLM\...\Delcam Exchange 7.9.10) (Version: 7.9.10 - Delcam)
Delcam PostProcessor 2014 (64-bit) (HKLM\...\{1BD1D20C-7970-4E68-8CEE-60861AB12E4F}) (Version: 6.6.3518 - Delcam)
Delcam PowerMILL 2015 (64-bit) (HKLM\...\Delcam PowerMILL 18.0.09) (Version: 18.0.09 - Delcam)
Delcam PowerMILL 2016 (64-bit) (HKLM\...\Delcam PowerMILL 20.0.10) (Version: 20.0.10 - Delcam)
Delcam PowerSHAPE 2016 (64-bit) (HKLM\...\Delcam PowerSHAPE16126) (Version: 16.1.26 - Delcam)
Delcam PS-Tutorials 2011 R3 (64-bit) (HKLM-x32\...\Delcam PS-Tutorials11300) (Version: 11.3.00 - Delcam)
Delcam Shell Extensions for PostProcessor 2014 (64-bit) (HKLM\...\{3D9482F4-FF0A-48DF-85CD-8477F079943D}) (Version: 6.6.3518 - Delcam)
Delcam TrodeExtension 2014 R2 (64-bit) (HKLM\...\Delcam TrodeExtension14200) (Version: 14.2.00 - Delcam) <==== ACHTUNG
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
DisplayLink Core Software (HKLM\...\{73CF7443-C49F-4A11-BD78-F6D691CDDB72}) (Version: 7.6.55673.0 - DisplayLink Corp.)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
DongleDriver (HKLM-x32\...\{CB7C7334-3D32-4F79-BAFB-79B16C4E6BEB}) (Version: 6.64.0.0 - Messerli Informatik)
Dropbox (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
EliteCAD13ME (HKLM-x32\...\{601238EF-32E5-11D4-AF89-0000E81E0E01}) (Version: 13.0 - Messerli Informatik)
EliteViewer12 (HKLM-x32\...\{A1F759AE-551E-4F05-93E3-21CA07BE9A50}) (Version:  - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.67.5 - Lenovo Group Limited)
Festo - Produktkatalog (HKLM-x32\...\{85DDDA5B-B85D-4033-B1F5-52F60D709F9C}) (Version: 3.2008.805 - Festo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
IGEMS R2015 (HKLM-x32\...\IGEMS R2015_is1) (Version:  - IGEMS Software AB)
Inst5676 (Version: 8.01.42 - Softex Inc.) Hidden
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.36 - SunplusIT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.5 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a9888f41-68ae-43df-bd7d-d93405a44106}) (Version: 17.13.11 - Intel Corporation)
Kaspersky Endpoint Security 10 für Windows (HKLM-x32\...\{7A4192A1-84C4-4E90-A31B-B4847CA8E23A}) (Version: 10.2.2.10535 - Kaspersky Lab)
Kaspersky Security Center Administrationsagent (HKLM-x32\...\InstallWIX_{2F383CB3-6D7C-449D-9874-164E49E1E0F5}) (Version: 10.2.434 - Kaspersky Lab ZAO)
Kaspersky Security Center Administrationsagent (x32 Version: 10.2.434 - Kaspersky Lab ZAO) Hidden
Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.72.10 - Lenovo)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - )
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.17.0 - Lenovo)
Lenovo Fingerprint Manager Pro (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.42(x64) - Lenovo)
Lenovo Fingerprint Manager Pro (Version: 8.01.42(x64) - Lenovo) Hidden
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.7 - Lenovo)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.02 - )
Lenovo QuickControl (HKLM-x32\...\{04128C8C-7812-4DCC-816E-9C8AB1D6EECE}) (Version: 2.40 - Lenovo Group Limited)
Lenovo QuickDisplay (HKLM\...\{ADEEC90C-A033-4596-ACA1-97327055F9CB}) (Version: 1.2.6.0 - Lenovo Group Limited)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.3 - Lenovo Inc.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.4.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{49277B39-D2E8-4342-9CE8-FC080C3FA344}) (Version: 2.8.007.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0019 - Lenovo)
Lenovo USB Graphics (HKLM\...\{E6B1FE9A-CB1E-4096-A0AF-163419CB971C}) (Version: 7.5.54614.0 - Lenovo)
Lenovo USB3.0 to DVI VGA Monitor Adapter (HKLM-x32\...\{454D32AD-C149-49BE-9F2E-8C089C3D6620}) (Version: 1.07.17 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Message Center Plus (HKLM\...\{C2C2DB64-1BCE-4FA7-962D-457795ECCEC0}) (Version: 3.3.0004.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Meusburger Katalog 5.8 (HKLM-x32\...\Meusburger Katalog) (Version: 5.8 - Meusburger Georg GmbH & Co KG)
Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{DD6FD594-53B0-467C-8C46-F6F99BCE7C97}) (Version: 9.00.5259.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 5.1 (HKLM\...\{583E320A-F7F7-4A23-A80E-26995A5371CC}) (Version: 5.1.10 - Oracle Corporation)
MySQL Connector/ODBC 5.1 (HKLM-x32\...\{C36A15FB-9882-4CB7-B128-239AACBB9BCD}) (Version: 5.1.10 - Oracle Corporation)
NetDA (HKLM\...\{5897AD96-FA2A-484E-9B91-433CCD65ED43}) (Version: 6.3.38442.0 - silex technology, Inc.)
NetDA Manager (HKLM\...\NetDA Manager) (Version: 1.4.0 - silex technology, Inc.)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nitro Pro 9 (HKLM\...\{941C6E5F-363B-4121-A374-3B2E0DEF877C}) (Version: 9.5.1.5 - Nitro)
NVIDIA 3D Vision Treiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation)
NVIDIA Grafiktreiber 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{C4D2B63B-A435-433A-AD02-7D26ACD23DF0}) (Version: 3.3.00.73 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.3.00.73 - O2Micro International LTD.) Hidden
Oce WPD (HKLM-x32\...\{3597d6bd-0e73-11d5-ab8a-00d0b7a62d54}) (Version: 1.19 - Oce)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PANTONE Color Calibrator 1.2.0 (HKLM-x32\...\PANTONE Color Calibrator_is1) (Version:  - X-Rite)
PDF Writer - bioPDF 10.11.0.2338 (HKLM\...\PDF Writer - bioPDF_is1) (Version: 10.11.0.2338 - bioPDF)
RatioPlus 1941-3.0.11 (HKLM-x32\...\schubertRatio.RatioPlus_is1) (Version:  - Schubert Software & Systeme, Top-In-Form GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
schubertRatio.BDETerminal 1.3.0.808 (HKLM-x32\...\schubertRatio.BDETerminal_is1) (Version:  - Schubert Software & Systeme, Top-In-Form GmbH)
Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHARP Pen Software (HKLM-x32\...\{A7D5AAA9-7C58-45D6-BBA4-FF9002F5BBE1}) (Version: 2.08.213 - SHARP)
SHARP Pen Software (x32 Version: 2.08.213 - SHARP) Hidden
SHARP Touch-Panel-Treiber (HKLM\...\{7626BF3E-02BF-4896-8E71-4342BD67ED8E}) (Version: 2.03.0203 - SHARP)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16014.12 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16014.12 - Samsung Electronics Co., Ltd.) Hidden
SnagIt 9 (HKLM-x32\...\{ADDD6985-3A28-44D0-A1BA-FDD19A820491}) (Version: 9.0.2 - TechSmith Corporation)
SolidWorks 2013 Interface (HKLM-x32\...\SolidWorks 2013 Interface) (Version:  - )
SolidWorks 2014 Interface (HKLM-x32\...\SolidWorks 2014 Interface) (Version:  - )
SolidWorks 2014 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20140-40000-1100-100) (Version: 22.0.0.5018 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP0 (Version: 22.100.5018 - SolidWorks) Hidden
SolidWorks 2014 x64 German Resources (Version: 22.100.5018 - SolidWorks Corporation) Hidden
SolidWorks Composer Player 2014 SP0 x64 Edition (Version: 22.00.5018 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP0 (Version: 14.0.5006 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden
SolidWorks Plastics 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.103 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.285.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{D6FED322-4EA0-48AE-A5AC-BC381D7048CF}) (Version: 4.5.285.0 - Synaptics)
ThinkDesign 2014.1 (64-bit) (HKLM-x32\...\{FEF8FF3A-137A-4A49-B803-448CA1E2B3BE}) (Version: 2014.1 - think3)
ThinkDesign 2014.1 (x32 Version: 2014.1 - think3) Hidden
ThinkDesign 2015.2 (64-bit) (HKLM-x32\...\{F05A4D2E-FEE7-4F4A-B75F-39651485E90F}) (Version: 2015.2 - think3)
ThinkDesign 2015.2 (x32 Version: 2015.2 - think3) Hidden
ThinkDesign2009 Interface (HKLM-x32\...\ThinkDesign2009 Interface) (Version:  - )
Thinkpad USB 3.0 Ethernet Adapter Driver (HKLM-x32\...\{D8102684-7BA1-4948-88B9-535F84E6E588}) (Version: 7.4.911.2013 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.80.08.00 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.70.2.0 - Lenovo Group Limited)
Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation)
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
Tools 2014.1 (64-bit) (HKLM-x32\...\{2B7DC97F-FB9C-4CDC-9C46-785BB38AE579}) (Version: 2014.1 - think3)
Tools 2015.2 (64-bit) (HKLM-x32\...\{16828765-4596-469F-856C-D2C7F15C3074}) (Version: 2015.2 - think3)
USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo)
Windows-Treiberpaket - Intel (e1dexpress) Net  (03/13/2014 12.11.77.1) (HKLM\...\0E9686B99C91E380CCB49060633DCDE5ED79DE7E) (Version: 03/13/2014 12.11.77.1 - Intel)
Windows-Treiberpaket - Intel Corporation (iaStorA) HDC  (11/15/2013 12.8.10.1005) (HKLM\...\D25E6F494D3225DFE05884186452E2C79AF2E506) (Version: 11/15/2013 12.8.10.1005 - Intel Corporation)
Windows-Treiberpaket - Leaf Imaging Ltd. Image  (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.)
Windows-Treiberpaket - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo)
Windows-Treiberpaket - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Windows-Treiberpaket - Phase One A/S (WinUSB) USBDevice  (12/03/2014 1.13.0.0) (HKLM\...\7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8) (Version: 12/03/2014 1.13.0.0 - Phase One A/S)
Windows-Treiberpaket - Synaptics (SmbDrv) System  (04/07/2014 18.0.7.40) (HKLM\...\FB2627FE59EA6DAD058B4A4C82647DC162F8723D) (Version: 04/07/2014 18.0.7.40 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (04/07/2014 18.0.7.40) (HKLM\...\5879A8A324E612CD4CB110632BF1186381FA46F0) (Version: 04/07/2014 18.0.7.40 - Synaptics)
WinZip 12.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
X-Rite Device Services Manager (HKLM-x32\...\{28D1ED2A-6E9C-4C72-917B-E9F01688E7EF}) (Version: 2.1.14 - X-Rite)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00CADF60-DB01-484B-88D2-AF616D23C7EC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-11-11] ()
Task: {065F34AB-A2D5-49D7-8BF2-BD509853A8B1} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor)
Task: {135363C9-0A78-4CB4-93DF-4A706AABA5FE} - System32\Tasks\{457C0309-6FA1-4DA9-BF92-99D91339B3A0} => pcalua.exe -a "D:\Markus\Externe Festplatte\Alter Rechner\Markus\Sonstiges\Alter Rechner\catia\downloads\O2CSetupOCX.exe" -d "D:\Markus\Externe Festplatte\Alter Rechner\Markus\Sonstiges\Alter Rechner\catia\downloads"
Task: {16EEDC93-F526-44B3-8346-C3989324C548} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor)
Task: {173FFE2D-A0E4-493B-9279-6310B4184DEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {20D395F9-6648-4906-A467-1C1532D8F3B9} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {261D4130-23A2-4DF5-97C7-EC0083FBB485} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2015-04-17] (Lenovo Group Limited)
Task: {2BFA2080-1880-4AB8-BF49-4D89A5364290} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {409860ED-05BC-4E66-8ED8-E7C942E67B36} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2016-01-08] (Lenovo)
Task: {45BA1E89-8065-4E7F-873E-7394B20356D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {495EC11C-B0D4-427D-98CF-756BD364C83C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {589B5D2C-B06E-42A7-889E-C95BA437168C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-01-08] (Lenovo)
Task: {5FD71564-F597-4C82-ADB0-7B8DFF959784} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2014-09-13] (Lenovo)
Task: {689FEF3E-4E8B-4431-94BE-8CBC040A00F6} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] ()
Task: {698F05FE-4B50-45FD-BACC-CF143E728237} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {6D969690-9966-42E6-B723-157F5AEB6B52} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {750CFD6C-09CE-4438-9D1E-C2E506092A9B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {859B8D1F-C401-4D98-887D-8AA3B7E3FD9F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-04-26] (Lenovo)
Task: {9E2B6BD0-5358-44D6-AFC6-1C2B6D2457B5} - System32\Tasks\Amazon Music Helper => C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe [2015-12-15] ()
Task: {9E3F6264-6B9A-400E-B866-B3602F6B073C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {AAB699EC-92E2-47C4-846E-8C3C23E7B337} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {ABDE2B86-969B-41EB-A176-1C21445BFE8A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {B144E4E9-A6FE-4C4B-8210-5725F376C06B} - System32\Tasks\TVT\Lenovo QuickDisplay Agent => C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe [2014-03-26] (Lenovo Corporation)
Task: {B2E2C5B4-B3F0-44F8-AA4A-6103E221F663} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {B3192A8B-1DAF-42D5-B330-CECEB3736EDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {CD0DB0C5-997F-4BB5-928E-CCB6823AA819} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-02-25] (Realtek Semiconductor)
Task: {D30D6A55-286A-463E-BE04-BA947E5AEEC9} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {D4F0FC58-A947-48CC-A98A-CF4A2F744EBC} - System32\Tasks\{9A366608-BB0F-4986-9E10-51B563C613B1} => pcalua.exe -a D:\Markus\Software\CP2020\Setup.exe -d D:\Markus\Software\CP2020
Task: {E56A8765-B17E-4EAE-8F9B-A10892C85D4E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {E98245DD-1140-4147-BF6C-7A035F01AAC2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] ()
Task: {EE15F6EF-5003-49B9-B980-3F151F278145} - System32\Tasks\3DconnexionCreateProcess_3DxService.exe => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe [2014-11-13] (3Dconnexion, INC)
Task: {EE49A721-7C02-4F3E-90F9-9BC60F55A2A3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core.job => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe/cM.Klu
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA.job => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe/ua /installsource schedulerM.Klu
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Public\Desktop\EliteCAD 13 ME-2D.lnk -> C:\Program Files\EliteCAD13ME\u\1300\me\glob\scr\me2ddll_x64.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-10-13 19:00 - 2013-10-29 02:53 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-21 14:20 - 2006-07-19 11:01 - 00099840 _____ () C:\Windows\IMGMSGMO.dll
2015-04-29 14:38 - 2006-07-31 09:46 - 04444160 ____N () C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
2014-05-15 18:39 - 2014-05-15 18:39 - 00417800 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
2014-10-13 19:01 - 2015-04-17 06:07 - 00118272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-13 20:50 - 2014-11-13 20:50 - 00038912 _____ () C:\Windows\system32\SPWINI.dll
2015-05-19 15:43 - 2014-10-21 10:29 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll
2015-12-23 12:55 - 2015-12-15 02:43 - 05890368 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-12-01 15:50 - 2010-10-29 11:42 - 00090488 ____N () C:\Program Files\silex technology\NetDA Manager\Jcpcfgsrv.dll
2014-10-13 19:00 - 2013-10-29 02:17 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-09-03 11:33 - 2015-06-22 17:20 - 00068096 ____R () C:\Program Files\think3\2015.2\thinkdesign\bin\zlib.dll
2015-09-03 11:33 - 2015-05-28 09:56 - 01306624 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\uifiles\tt.dll
2014-11-21 14:47 - 2011-04-03 12:26 - 02874880 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\bin\RatioPlus.exe
2014-10-13 19:02 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-10-13 19:02 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2016-04-18 22:19 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-04-18 22:19 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-04-18 22:19 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-04-18 22:19 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-04-18 22:19 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-10-11 15:46 - 2011-10-11 15:46 - 01588560 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2011-10-11 15:45 - 2011-10-11 15:45 - 00902992 _____ () C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Fun.dll
2011-10-11 15:46 - 2011-10-11 15:46 - 02639696 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2015-01-08 18:03 - 2015-01-08 18:03 - 01309880 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\kpcengine.2.2.dll
2014-10-21 10:26 - 2014-10-21 10:26 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll
2015-12-13 10:26 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-04-15 06:44 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-04-15 06:44 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-13 10:26 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-13 10:26 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-13 10:26 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00105928 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-04-15 06:44 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-13 10:26 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-13 10:26 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00020816 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 10:26 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-13 10:26 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-04-15 06:44 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00048592 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-13 10:26 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 10:26 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-04-15 06:44 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-04-15 06:44 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-04-15 06:44 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\librsync.dll
2016-04-15 06:44 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-13 10:26 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-18 12:11 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-04-15 06:44 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-04-15 06:44 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-13 10:26 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\sip.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00158008 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-04-15 06:44 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-04-15 06:44 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-13 10:26 - 2016-04-08 20:20 - 00024904 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00546096 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-15 06:44 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 23:45 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-10-13 19:00 - 2013-10-29 02:17 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-09-23 14:02 - 2015-08-24 17:18 - 10396160 _____ () C:\Windows\TOBITCLT.dll
2015-09-23 14:02 - 2005-12-01 18:24 - 00548864 _____ () C:\Program Files (x86)\Tobit InfoCenter\ASPELL.DLL
2014-10-13 18:49 - 2013-12-03 07:36 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-03 11:33 - 2015-06-22 15:39 - 00749317 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\TTPyBridge.dll
2015-09-03 11:33 - 2004-02-20 17:02 - 00061497 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32api.pyd
2015-09-03 11:33 - 2004-02-20 17:01 - 00065536 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\PyWinTypes22.dll
2015-09-03 11:33 - 2004-02-20 17:02 - 00061484 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\zlib.pyd
2015-09-03 11:33 - 2004-02-20 17:01 - 00299073 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\pythoncom22.dll
2015-09-03 11:33 - 2004-02-20 17:01 - 00053292 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\_sre.pyd
2015-09-03 11:33 - 2004-02-20 17:02 - 00036916 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32com.shell.shell.pyd
2015-09-03 11:33 - 2015-06-22 15:30 - 00073728 ____R () C:\Program Files\think3\2015.2\PLM\common\zlib.dll
2015-09-03 11:33 - 2004-02-20 17:02 - 00135168 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\xml.parsers.pyexpat.pyd
2015-09-03 11:33 - 2004-02-20 17:01 - 00045103 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\_socket.pyd
2015-09-03 11:33 - 2004-02-20 17:02 - 00028731 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32event.pyd
2015-09-03 11:33 - 2004-02-20 17:02 - 00032829 ____R () C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\win32process.pyd
2014-11-21 14:47 - 2010-12-30 15:31 - 00366016 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\libjcc.dll
2014-11-21 14:48 - 2010-12-30 15:31 - 00062912 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\libjutils.dll
2014-11-21 14:47 - 2007-07-02 22:40 - 00204800 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\coolmenu25.dll
2014-11-21 14:47 - 2008-06-13 11:39 - 00795136 _____ () C:\Program Files (x86)\schubertRatio\RatioPlus\lib\StringUtils.dll
2016-04-11 07:01 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 07:01 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2014-12-05 08:48 - 2015-10-15 06:54 - 09499136 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
2014-12-05 08:48 - 2015-10-15 06:54 - 01319424 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.DEU
2014-12-05 08:48 - 2015-10-15 06:54 - 00316416 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.DEU
2014-12-05 08:48 - 2015-10-15 06:54 - 01180160 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.DEU
2014-12-05 08:48 - 2015-10-15 06:54 - 00100352 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU
2014-12-05 08:48 - 2015-10-15 06:54 - 03066880 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.DEU
2015-09-24 17:40 - 2015-09-24 17:40 - 00305544 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
2014-12-05 08:48 - 2015-10-15 06:57 - 00014336 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7887 mehr Seiten.

IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\123simsen.com -> www.123simsen.com

Da befinden sich 7887 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3134854043-1757775680-3440901618-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7887 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-04-18 23:02 - 00451800 ____R C:\Windows\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15500 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Control Panel\Desktop\\Wallpaper -> C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.1.1.41 - 192.1.1.42
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{CBA49235-FCF4-4A36-9DFE-F94BDB790403}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{818EE814-B4AD-4F0C-8FE6-EB52F3D2F49D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{43944A31-ADCC-459B-A423-869A6FE40142}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{CE2532C4-03A9-4F25-AA44-F9FD25D8F0D2}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{EB373F14-6C0C-42EB-A81A-424069557AF1}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{38EAA061-8187-4AD8-9C36-89DE5AED1BBF}] => (Allow) LPort=15000
FirewallRules: [{EC1B6F1A-FA7A-41E8-99BB-A4AAC9E8484D}] => (Allow) LPort=15000
FirewallRules: [{8265501D-EA60-4D91-8A3F-D35C2F6AD2A8}] => (Allow) LPort=15000
FirewallRules: [{B0196F04-DC6E-42A7-A056-F48F3B86802B}] => (Allow) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1ADD0F48-735E-48AF-8446-58B926C16A89}] => (Allow) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{58DE1A7E-F959-4FC0-8379-4335F2BEBC77}] => (Allow) C:\Program Files\Dimension\CatalystEX 4.3\nt\CatalystEX.exe
FirewallRules: [{ED822D31-E216-41DF-9A4D-BA8347944ADA}] => (Allow) C:\Program Files\Dimension\CatalystEX 4.3\nt\CatalystEX.exe
FirewallRules: [{814D8CAB-B716-487D-A229-8EBD95FC2E3A}] => (Allow) C:\Program Files\silex technology\NetDA Manager\Connect.exe
FirewallRules: [{A47FBF91-3E04-48EC-B356-99B6C1A4390F}] => (Allow) LPort=19540
FirewallRules: [{2F2E1B69-F49D-42E1-AF73-3BAF57BD14D9}] => (Allow) LPort=5454
FirewallRules: [{A44DDBF9-D320-44A9-BE17-035DA74192C1}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{882C8420-998F-4F9D-9ABE-B20C3BE32CD3}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{15DBE098-FC93-4B0B-A55E-1A41E19A9348}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{60348C89-440E-444F-9F35-F0F6912660D3}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{AF513F76-609D-420C-9D61-24C5085EDD20}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{1A74B4FF-ED0C-4E62-BA4C-F769FDA45885}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe
FirewallRules: [{972E0A6F-B7EB-4AAC-8AD4-5565E615FB9A}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
FirewallRules: [{8837E981-13F1-4AEF-993A-6F3F7B68FD41}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
FirewallRules: [{BFFD77FC-E8E1-49B2-A280-34A08E034C39}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
FirewallRules: [{2FCCB561-6D50-4F2D-9CAA-598D82DE8004}] => (Allow) C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
FirewallRules: [{3CD933D5-A171-48B7-B64F-92C67B411D7B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{CD96ADD2-AD26-406F-ACEF-79D1AE686ABB}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{12A4FE65-2ACB-4B97-AEAE-FE5D01249913}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{95809377-70EC-43AE-B16D-DABA126FF17D}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{D207F641-DBAF-490F-9B5C-1857C95EC9C6}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{AEDC3625-F1D7-4739-8F10-FE207F325C53}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{A8612968-67F0-43D3-AFD7-62538D036F98}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{33B5013C-2E59-4829-B731-B3E91FF0533E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [{83743DE6-23A6-4C01-9687-9240E9168D6E}] => (Allow) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagwds.exe
FirewallRules: [TCP Query User{D84CE3A1-B372-462D-9AB1-DAD32079C1C9}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1DDB2AF5-98FA-42E8-8C47-A53E8F8AA670}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4387E6D6-F54A-44A1-9C09-35BB13D39CCF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{016E46E6-AA1C-41E0-A759-08BF6D17A45F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{EECD114B-7675-4543-B629-8BA5E4C57DCE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E18DE270-37F7-400E-9B93-22C862A1419B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{72321C50-B62F-4230-B0A8-1FBF9E6FC123}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9CCC6B38-2C71-4AB3-B714-8B8E133F2871}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{80BC78E1-CEE4-4D67-8BA5-C29A5C36B79A}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{6BA8982E-AB0C-4478-9764-CFC8EA0DEFCA}C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\m.klug.leiss\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F9B0A80F-47EC-4E28-AA38-5735DB4BB5C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DBF1FD2E-0870-4164-8AA7-04DEBA366218}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{75916072-A518-4435-96F6-27C4BCFE70A6}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{B1DFB7EE-15D8-49C8-813C-97C44DFFC420}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{0AD31EAB-08C6-4646-88BB-482CB19DD434}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

15-04-2016 17:35:10 DirectX wurde installiert
18-04-2016 06:44:05 Windows Update
18-04-2016 12:54:20 Prüfpunkt von HitmanPro
18-04-2016 13:36:56 Prüfpunkt von HitmanPro
18-04-2016 17:44:24 Prüfpunkt von HitmanPro
18-04-2016 17:59:51 Prüfpunkt von HitmanPro
18-04-2016 20:01:11 Removed Google Earth Plug-in
19-04-2016 07:39:51 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Lenovo Connect Device 1.0
Description: Lenovo Connect Device 1.0
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/19/2016 07:59:03 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (04/19/2016 07:59:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2016 07:14:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DVWIN32.EXE, Version: 12.0.0.5740, Zeitstempel: 0x55eed84c
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.18283, Zeitstempel: 0x56fc68fd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0043c977
ID des fehlerhaften Prozesses: 0x29c8
Startzeit der fehlerhaften Anwendung: 0xDVWIN32.EXE0
Pfad der fehlerhaften Anwendung: DVWIN32.EXE1
Pfad des fehlerhaften Moduls: DVWIN32.EXE2
Berichtskennung: DVWIN32.EXE3

Error: (04/19/2016 06:40:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2016 06:40:30 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: 

Error: (04/18/2016 10:16:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (04/19/2016 11:19:31 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:19:28 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:12:44 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:12:08 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:11:20 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:11:17 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:10:15 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 11:06:07 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 10:59:48 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.

Error: (04/19/2016 10:46:59 AM) (Source: LEqdUsb) (EventID: 12289) (User: )
Description: WDF call failed.


CodeIntegrity:
===================================
  Date: 2015-01-22 12:41:30.394
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-22 12:41:30.343
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Slotman\gwiopm.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-12 06:39:38.333
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 06:39:37.366
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 06:36:57.890
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-12 06:36:51.922
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 13:03:28.429
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 13:03:28.414
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 13:03:28.320
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 13:03:28.320
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 für Windows\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 16009.21 MB
Verfügbarer physikalischer RAM: 9332.47 MB
Summe virtueller Speicher: 32016.61 MB
Verfügbarer virtueller Speicher: 24473.5 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:213.74 GB) (Free:62.86 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data2) (Fixed) (Total:931.51 GB) (Free:441.53 GB) NTFS
Drive e: (SolidWorks1) (CDROM) (Total:7.76 GB) (Free:0 GB) CDFS
Drive f: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS
Drive h: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS
Drive o: (Daten) (Network) (Total:600 GB) (Free:438.55 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:16.27 GB) (Free:4.64 GB) NTFS
Drive r: (Daten) (Network) (Total:195.28 GB) (Free:166.86 GB) NTFS
Drive u: (Daten) (Network) (Total:600 GB) (Free:438.55 GB) NTFS
Drive z: (Daten) (Network) (Total:2048 GB) (Free:1004.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: B3D09BFF)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=213.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=7 GB) - (Type=84)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B3D0A64B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

cosinus · 19.04.2016, 12:11

du hast 2x die addition.txt gepostet

tschack666 · 19.04.2016, 12:28

Jetzt aber......

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von M.Klug (Administrator) auf NB-MKLUG (19-04-2016 12:40:07)
Gestartet von C:\Users\M.Klug.LEISS\Desktop
Geladene Profile: M.Klug & UpdatusUser (Verfügbare Profile: M.Klug & Administrator & UpdatusUser & M.Klug)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Softex Inc.) C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(%CFullName%) C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\Mgl3DCtlrRPCService.exe
() C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(SHARP CORPORATION) C:\Program Files\SHARP\SHARP Touch Panel Driver\SHTSV.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Tobit Software) C:\Program Files (x86)\Tobit InfoCenter\David\Apps\Replica\CODE\replica.exe
(Tobit Software) C:\Program Files (x86)\Tobit InfoCenter\David\Code\SL.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\vapm.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(3Dconnexion, INC) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe
(LITE-ON TECHNOLOGY CORP.) C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(3Dconnexion) C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3dxpiemenus.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe
() C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(SHARP CORPORATION) C:\Program Files (x86)\SHARP\SHARP Pen Software\PrsnSptTool.exe
(SHARP CORPORATION) C:\Program Files\SHARP\SHARP Touch Panel Driver\TPUtility.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Dropbox, Inc.) C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(silex technology, Inc.) C:\Program Files\silex technology\NetDA Manager\Connect.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Tobit.Software) C:\Program Files (x86)\Tobit InfoCenter\DVWIN32.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Corporation) C:\Program Files\Lenovo\QuickDisplay\QuickDisplayAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(DPT SARL) C:\Program Files\think3\2015.2\thinkdesign\bin\tdesign.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(DPT SARL) C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\TTComApi.exe
(DPT SARL) C:\Program Files\think3\2015.2\PLM\common\utilities\T3Tracer\T3TraceSrv.exe
(DPT SARL) C:\Program Files\think3\2015.2\PLM\thinkteam\api\com\release\PyServers\TTConnection.exe
(DPT SARL) C:\Program Files\think3\2015.2\PLM\common\tteam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Top-In-Form GmbH) C:\Program Files (x86)\schubertRatio\BDETerminal\BDE_Terminal.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\schubertRatio\RatioPlus\bin\RatioPlus.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 9\SnagIt32.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 9\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 9\SnagPriv.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItEditor.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [555760 2015-03-23] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295664 2014-12-08] (Lenovo Group Limited)
HKLM\...\Run: [3DxWare Service] => C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\3DxService.exe [1990016 2014-11-13] (3Dconnexion, INC)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [86312 2013-03-05] (Authentec Inc.)
HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [4013056 2014-08-17] (LITE-ON TECHNOLOGY CORP.)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2014-10-21] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2823848 2015-02-05] (Synaptics Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-12-03] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1723040 2014-09-01] (SunplusIT, Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe [1193536 2015-04-10] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Run: [Dropbox Update] => C:\Users\M.Klug.LEISS\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Run: [Amazon Music] => C:\Users\M.Klug.LEISS\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-12-15] ()
HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\MountPoints2: {8abc1af5-52f8-11e4-a48c-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\DAVIDC~1.SCR
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-29] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-10-29] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\david®.LNK [2016-04-18]
ShortcutTarget: david®.LNK -> C:\Program Files (x86)\Tobit InfoCenter\DVWIN32.EXE (Tobit.Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Presentation Support Tool.lnk [2016-04-18]
ShortcutTarget: Presentation Support Tool.lnk -> C:\Program Files (x86)\SHARP\SHARP Pen Software\PrsnSptTool.exe (SHARP CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SHARP Touch-Panel-Hilfsprogramm.lnk [2016-04-18]
ShortcutTarget: SHARP Touch-Panel-Hilfsprogramm.lnk -> C:\Program Files\SHARP\SHARP Touch Panel Driver\TPUtility.exe (SHARP CORPORATION)
Startup: C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NetDA Manager.lnk [2016-04-18]
ShortcutTarget: NetDA Manager.lnk -> C:\Program Files\silex technology\NetDA Manager\Connect.exe (silex technology, Inc.)
Startup: C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NetDA Manager.lnk [2016-04-18]
ShortcutTarget: NetDA Manager.lnk -> C:\Program Files\silex technology\NetDA Manager\Connect.exe (silex technology, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-1060284298-1326574676-1801674531-1129] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-1060284298-1326574676-1801674531-1129] => localhost:21320
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.1.1.41 192.1.1.42
Tcpip\..\Interfaces\{E06193FA-3D29-4AA8-B5D6-D4F9972D7695}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F630331D-4E74-42EE-B76E-29F569380EBD}: [DhcpNameServer] 192.1.1.41 192.1.1.42

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129 -> DefaultScope {91F160EF-6AC2-4B98-8E10-E2403C52E2C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129 -> {91F160EF-6AC2-4B98-8E10-E2403C52E2C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll [2008-09-22] (TechSmith Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll [2008-09-22] (TechSmith Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItIEAddin64.dll [2008-09-22] (TechSmith Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-09-22] (TechSmith Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1060284298-1326574676-1801674531-1129 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-05-15] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-21] [ist nicht signiert]
FF HKU\S-1-5-21-1060284298-1326574676-1801674531-1129\...\Firefox\Extensions: [{FCF36B88-1BBA-487f-B64B-D2E8980A9293}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension
FF Extension: Kein Name - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension [2015-05-19] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-29]
CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-29]
CHR Extension: (Google Drive) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google-Suche) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-29]
CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Google Präsentationen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2015-09-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Google Mail) - C:\Users\M.Klug.LEISS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-29]
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avp.exe [1193536 2015-04-10] (Kaspersky Lab ZAO)
R2 avpsus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows SP1\avpsus.exe [2065568 2015-04-10] (Kaspersky Lab ZAO)
R2 DavidReplica; C:\Program Files (x86)\Tobit InfoCenter\David\Apps\Replica\CODE\replica.exe [1666048 2012-10-05] (Tobit Software) [Datei ist nicht signiert]
R2 DavidServiceLayer; C:\Program Files (x86)\Tobit InfoCenter\David\Code\SL.EXE [2785080 2015-09-14] (Tobit Software)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10571056 2014-06-02] (DisplayLink Corp.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2015-04-17] (Lenovo.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4630352 2015-05-21] (SafeNet Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
R2 klnagent; C:\Program Files (x86)\Kaspersky Lab\NetworkAgent\klnagent.exe [105960 2014-11-19] (Kaspersky Lab ZAO)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [Datei ist nicht signiert]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197360 2014-12-08] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2016-01-08] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Mgl3DCtlrRPCService; C:\Program Files\3Dconnexion\3DxWare\3DxWinCore64\Mgl3DCtlrRPCService.exe [57856 2014-11-13] (3Dconnexion) [Datei ist nicht signiert]
R2 mysql_3306; C:\Program Files (x86)\MySQL\1300\Program\bin\mysqld-nt.exe [4444160 2006-07-31] () [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-12-04] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-05-15] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [417800 2014-05-15] ()
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2014-03-07] (BayHubTech/O2Micro International)
R2 omniserv; C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe [103936 2015-04-02] (Softex Inc.) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [Datei ist nicht signiert]
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SHTSV; C:\Program Files\SHARP\SHARP Touch Panel Driver\SHTSV.exe [115200 2012-12-19] (SHARP CORPORATION) [Datei ist nicht signiert]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-12-18] (SolidWorks) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2015-11-11] ()
S3 ThunderboltService; C:\Program Files\Intel\Thunderbolt Software\tbtsvc.exe [1179944 2014-03-06] (Intel Corporation)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49968 2015-01-29] (Synaptics Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203088 2011-10-11] (X-Rite Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-12-04] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 3dxhid; C:\Windows\System32\DRIVERS\3dxhid.sys [38672 2014-11-07] (3Dconnexion SAM)
R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [69208 2015-05-21] (SafeNet Inc.)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [72664 2015-05-21] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [312344 2015-05-21] (SafeNet Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1419576 2013-12-11] (Motorola Solutions, Inc.)
S3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.6.55673.0.sys [46384 2014-06-03] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-18] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2015-03-24] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-18] ()
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-04-10] (Sony Mobile Communications)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [340336 2015-05-21] (SafeNet Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-15] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [169680 2014-04-02] (Intel Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [103112 2014-11-11] (Kaspersky Lab ZAO)
R1 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [29792 2013-12-03] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [681672 2014-12-29] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-11-20] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R3 KMJHidMini; C:\Windows\System32\DRIVERS\3dxkmj.sys [18944 2013-10-08] (3Dconnextion Inc.)
R3 KMJShim; C:\Windows\System32\DRIVERS\3dxshim.sys [7168 2013-10-08] (3Dconnextion Inc.)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [176840 2014-09-10] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3437848 2014-12-08] (Intel Corporation)
R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [209720 2014-03-25] (BayHubTech/O2Micro )
R1 OMNISMI; C:\Windows\SysWOW64\drivers\omnismi.sys [14776 2014-03-31] ()
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
S3 shtmd702; C:\Windows\System32\DRIVERS\shtmd702.sys [34656 2011-08-22] (SHARP CORPORATION)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-02-05] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [58792 2009-09-17] (SafeNet, Inc.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [682272 2014-09-04] (Sunplus)
R2 sxhidflt; C:\Windows\System32\DRIVERS\sxhidflt.sys [34744 2011-11-02] (silex technology, Inc.)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [303928 2011-11-02] (silex technology, Inc.)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Datei ist nicht signiert]
R3 WinDriver6; C:\Windows\System32\drivers\NE_UsbDriver_Win64.sys [254976 2011-12-01] (Jungo)
S3 gwiopm; \??\C:\Program Files (x86)\Slotman\gwiopm.sys [X]
S3 TDKLIB; \??\C:\Users\MKLUG~1.LEI\AppData\Local\Temp\TdkLib64.sys [X]
S3 tpflhlp; \??\C:\PROGRA~3\Lenovo\SYSTEM~1\session\REPOSI~1\gnuj18us\securedfolder\tpflhlp.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 12:40 - 2016-04-19 12:40 - 00040600 _____ C:\Users\M.Klug.LEISS\Desktop\FRST.txt
2016-04-19 12:40 - 2016-04-19 12:40 - 00000000 ____D C:\FRST
2016-04-19 12:39 - 2016-04-19 12:39 - 02375680 _____ (Farbar) C:\Users\M.Klug.LEISS\Desktop\FRST64.exe
2016-04-19 08:54 - 2016-04-19 08:54 - 00008379 _____ C:\Users\M.Klug.LEISS\Downloads\Mitgliederdaten1461048872036.csv
2016-04-19 08:52 - 2016-04-19 08:52 - 84893696 _____ C:\Users\M.Klug\Documents\060280216_Z.e3.3.bak
2016-04-19 08:45 - 2016-04-19 08:45 - 00319488 _____ C:\Users\M.Klug\Documents\060280216_B.e2.2.bak
2016-04-19 08:45 - 2016-04-19 08:45 - 00315392 _____ C:\Users\M.Klug\Documents\060280216_B.e2.1.bak
2016-04-19 08:44 - 2016-04-19 08:44 - 02641920 _____ C:\Users\M.Klug\Documents\060280216_A.e2.2.bak
2016-04-19 08:43 - 2016-04-19 08:43 - 85053440 _____ C:\Users\M.Klug\Documents\060280216_Z.e3.2.bak
2016-04-19 08:41 - 2016-04-19 08:41 - 02646016 _____ C:\Users\M.Klug\Documents\060280216_A.e2.1.bak
2016-04-19 08:39 - 2016-04-19 08:39 - 84901888 _____ C:\Users\M.Klug\Documents\060280216_Z.e3.1.bak
2016-04-19 07:45 - 2016-04-19 07:45 - 00008009 _____ C:\Users\M.Klug.LEISS\Downloads\JRT.txt
2016-04-19 07:39 - 2016-04-19 07:39 - 01610352 _____ (Malwarebytes) C:\Users\M.Klug.LEISS\Desktop\JRT_8.0.4.exe
2016-04-18 23:02 - 2016-04-18 19:45 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160418-230210.backup
2016-04-18 22:23 - 2016-04-18 22:23 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-18 22:23 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-04-18 22:19 - 2016-04-18 23:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-04-18 22:19 - 2016-04-18 22:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-04-18 22:19 - 2016-04-18 22:19 - 00001406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-04-18 22:19 - 2016-04-18 22:19 - 00001394 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-04-18 22:19 - 2016-04-18 22:19 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-04-18 22:19 - 2016-04-18 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-04-18 22:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-04-18 22:09 - 2016-04-18 22:11 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\M.Klug.LEISS\Downloads\spybot-2.4.40.exe
2016-04-18 21:46 - 2016-04-18 21:47 - 11430296 _____ (SurfRight B.V.) C:\Users\M.Klug\Downloads\hitmanpro_x64.exe
2016-04-18 21:45 - 2016-04-18 21:58 - 00000000 ____D C:\Users\M.Klug\AppData\Roaming\Panda Security
2016-04-18 21:45 - 2016-04-18 21:46 - 00002262 _____ C:\Users\M.Klug\Desktop\Google Chrome.lnk
2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Roaming\Tobit
2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Roaming\Logitech
2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Roaming\3Dconnexion
2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\LocalLow\pandasecuritytb
2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Local\Google
2016-04-18 21:45 - 2016-04-18 21:45 - 00000000 ____D C:\Users\M.Klug\AppData\Local\3Dconnexion
2016-04-18 20:24 - 2016-04-18 20:24 - 11430296 _____ (SurfRight B.V.) C:\Users\M.Klug.LEISS\Downloads\hitmanpro_x64 (3).exe
2016-04-18 20:13 - 2016-04-18 20:13 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-04-18 20:12 - 2016-04-18 21:58 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Panda Security
2016-04-18 20:11 - 2016-04-18 20:11 - 00245648 _____ (Kaspersky Lab ZAO) C:\Users\M.Klug.LEISS\Downloads\zbotkiller.exe
2016-04-18 20:08 - 2016-04-18 21:57 - 00000000 ____D C:\ProgramData\Panda Security
2016-04-18 20:07 - 2016-04-18 20:07 - 02252720 _____ (Panda Security, S.L.) C:\Users\M.Klug.LEISS\Downloads\PANDAFREEAV.exe
2016-04-18 19:45 - 2016-04-18 19:45 - 1092548714 _____ C:\Windows\MEMORY.DMP
2016-04-18 19:45 - 2016-04-18 19:45 - 00309808 _____ C:\Windows\Minidump\041816-17440-01.dmp
2016-04-18 19:40 - 2016-04-18 19:59 - 00001569 _____ C:\bdlog.txt
2016-04-18 18:56 - 2016-04-18 18:56 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2016-04-18 18:56 - 2016-04-18 18:56 - 00000385 _____ C:\Users\M.Klug.LEISS\AppData\Roaminguser_gensett.xml
2016-04-18 18:55 - 2016-04-18 18:55 - 00000000 ____D C:\ProgramData\BDLogging
2016-04-18 18:55 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2016-04-18 18:36 - 2016-04-18 18:37 - 04069672 _____ (Bytelayer AB ) C:\Users\M.Klug.LEISS\Downloads\TrojanHunterSetup_6.0.1038.exe
2016-04-18 18:36 - 2016-04-18 18:36 - 06324336 _____ C:\Users\M.Klug.LEISS\Downloads\bitdefender_isecurity_qs.exe
2016-04-18 18:36 - 2016-04-18 18:36 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-04-18 18:35 - 2016-04-18 18:35 - 00039480 _____ C:\Users\M.Klug.LEISS\Downloads\qsinstaller.exe
2016-04-18 18:35 - 2016-04-18 18:35 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\QuickScan
2016-04-18 18:10 - 2016-04-18 18:10 - 02870984 _____ (ESET) C:\Users\M.Klug.LEISS\Downloads\esetsmartinstaller_deu.exe
2016-04-18 18:07 - 2016-04-18 18:07 - 00000000 _____ C:\autoexec.bat
2016-04-18 18:05 - 2016-04-18 18:05 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-04-18 18:04 - 2016-04-18 18:04 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\M.Klug.LEISS\Downloads\SpyHunter-Installer.exe
2016-04-18 17:46 - 2016-04-18 17:47 - 11441744 _____ (SurfRight B.V.) C:\Users\M.Klug.LEISS\Downloads\HitmanPro_x64 (2).exe
2016-04-18 17:46 - 2016-04-18 17:46 - 11441744 _____ (SurfRight B.V.) C:\Users\M.Klug.LEISS\Downloads\HitmanPro_x64 (1).exe
2016-04-18 13:57 - 2016-04-19 09:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-18 13:57 - 2016-04-18 17:28 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-18 13:57 - 2016-04-18 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-18 13:57 - 2016-04-18 13:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-18 13:57 - 2016-04-18 13:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-18 13:57 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-18 13:57 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-18 13:57 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-18 13:55 - 2016-04-18 13:56 - 22851472 _____ (Malwarebytes ) C:\Users\M.Klug.LEISS\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-18 13:21 - 2016-04-18 13:22 - 03683904 _____ C:\Users\M.Klug.LEISS\Downloads\adwcleaner_5.112 (1).exe
2016-04-18 13:03 - 2016-04-18 13:04 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Tobit
2016-04-18 12:59 - 2016-04-18 12:59 - 03683904 _____ C:\Users\M.Klug.LEISS\Downloads\adwcleaner_5.112.exe
2016-04-18 12:56 - 2016-04-18 12:56 - 00237056 _____ (SC BitDefender , Romania) C:\Users\M.Klug.LEISS\Downloads\ZbotRemovalTool (1).exe
2016-04-18 12:53 - 2016-04-18 12:53 - 00237056 _____ (SC BitDefender , Romania) C:\Users\M.Klug.LEISS\Downloads\ZbotRemovalTool.exe
2016-04-18 12:44 - 2016-04-18 12:55 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-18 12:43 - 2016-04-18 12:44 - 11441744 _____ (SurfRight B.V.) C:\Users\M.Klug.LEISS\Downloads\hitmanpro_x64.exe
2016-04-18 11:45 - 2016-04-18 11:45 - 47267840 _____ C:\Users\M.Klug\Documents\060300216_PZ.e3.2.bak
2016-04-18 10:59 - 2016-04-18 10:59 - 47267840 _____ C:\Users\M.Klug\Documents\060300216_PZ.e3.1.bak
2016-04-18 10:48 - 2016-04-18 10:48 - 66899968 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.11.bak
2016-04-18 10:04 - 2016-04-18 10:05 - 26483057 _____ C:\Users\M.Klug.LEISS\Downloads\20160413_084559.mp4
2016-04-18 08:33 - 2016-04-18 08:33 - 02179072 _____ C:\Users\M.Klug\Documents\Blasdornblock komplett.e3.2.bak
2016-04-18 08:21 - 2016-04-18 08:21 - 02203648 _____ C:\Users\M.Klug\Documents\Blasdornblock komplett.e3.1.bak
2016-04-18 08:01 - 2016-04-18 08:01 - 03215360 _____ C:\Users\M.Klug\Documents\Blasdornblock komplett_60.e3.1.bak
2016-04-15 17:35 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-04-15 17:34 - 2016-04-15 17:34 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\posterXXL Designer
2016-04-15 17:24 - 2016-04-15 17:31 - 175300924 _____ C:\Users\M.Klug.LEISS\Downloads\posterXXL.zip
2016-04-15 12:36 - 2016-04-15 12:36 - 00286720 _____ C:\Users\M.Klug\Documents\060370216_Q.e2.3.bak
2016-04-15 12:34 - 2016-04-15 12:34 - 10039296 _____ C:\Users\M.Klug\Documents\060370216_P.e2.4.bak
2016-04-15 12:32 - 2016-04-15 12:32 - 08593408 _____ C:\Users\M.Klug\Documents\060370216_P.e2.3.bak
2016-04-15 11:36 - 2016-04-15 11:36 - 185196544 _____ C:\Users\M.Klug\Documents\060370216_Z.e3.74.bak
2016-04-15 11:35 - 2016-04-15 11:35 - 08589312 _____ C:\Users\M.Klug\Documents\060370216_P.e2.2.bak
2016-04-15 11:32 - 2016-04-15 11:32 - 08585216 _____ C:\Users\M.Klug\Documents\060370216_P.e2.1.bak
2016-04-15 11:20 - 2016-04-15 11:20 - 00282624 _____ C:\Users\M.Klug\Documents\060370216_Q.e2.2.bak
2016-04-15 11:11 - 2016-04-15 11:11 - 00262144 _____ C:\Users\M.Klug\Documents\060370216_Q.e2.1.bak
2016-04-15 10:44 - 2016-04-15 10:44 - 01728512 _____ C:\Users\M.Klug\Documents\020210212_P.e2.1.bak
2016-04-15 10:13 - 2016-04-15 10:13 - 66777088 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.10.bak
2016-04-15 09:50 - 2016-04-15 09:50 - 73674752 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.9.bak
2016-04-15 08:34 - 2016-04-15 08:34 - 73674752 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.8.bak
2016-04-15 08:19 - 2016-04-15 08:20 - 66637824 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.7.bak
2016-04-15 07:14 - 2016-04-15 07:14 - 66646016 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.6.bak
2016-04-15 06:44 - 2016-04-15 06:44 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-14 16:01 - 2016-04-14 16:01 - 66641920 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.5.bak
2016-04-14 16:00 - 2016-04-14 16:00 - 66215936 _____ C:\Users\M.Klug\Documents\060370216_PZ_2.e3.1.bak
2016-04-14 15:56 - 2016-04-14 15:56 - 67530752 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.4.bak
2016-04-14 15:28 - 2016-04-14 15:28 - 67510272 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.3.bak
2016-04-14 15:07 - 2016-04-14 15:07 - 67510272 _____ C:\Users\M.Klug\Documents\060370216_PZ.e3.2.bak
2016-04-14 15:00 - 2016-04-14 15:00 - 00307200 _____ C:\Users\M.Klug\Documents\060370216_F.e2.1.bak
2016-04-14 14:58 - 2016-04-14 14:58 - 185204736 _____ C:\Users\M.Klug\Documents\060370216_Z.e3.73.bak
2016-04-14 14:56 - 2016-04-14 14:56 - 66801664 _____ C:\Users\M.Klug\Documents\060290216_Z.e3.36.bak
2016-04-14 14:56 - 2016-04-14 14:56 - 00262144 _____ C:\Users\M.Klug\Documents\060290216_F.e2.3.bak
2016-04-14 14:54 - 2016-04-14 14:54 - 00274432 _____ C:\Users\M.Klug\Documents\060300216_F.e2.1.bak
2016-04-14 14:53 - 2016-04-14 14:53 - 81788928 _____ C:\Users\M.Klug\Documents\060300216_Z.e3.50.bak
2016-04-14 14:31 - 2016-04-14 14:31 - 87896064 _____ C:\Users\M.Klug\Documents\051081015_PZ.e3.1.bak
2016-04-14 10:08 - 2016-04-14 10:08 - 00704512 _____ C:\Users\M.Klug\Documents\ballon.e3.1.bak
2016-04-13 12:03 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 12:03 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 12:03 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 12:03 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 12:03 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 12:03 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 12:03 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 12:03 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 12:03 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 12:03 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 12:03 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 12:03 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 12:03 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 12:03 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 12:03 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 12:03 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 12:03 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 12:03 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 12:03 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 12:03 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 12:03 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 12:03 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 12:03 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 12:03 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 12:03 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 12:03 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 12:03 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 12:03 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 12:03 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 12:03 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 12:03 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-13 12:03 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-13 12:03 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 12:03 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 12:03 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-13 12:03 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 12:03 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-13 12:03 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-13 12:03 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-13 12:03 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-13 12:03 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-13 12:03 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-13 12:03 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-13 12:03 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 12:03 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 12:03 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-13 12:03 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 12:03 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-13 12:03 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-13 12:03 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-13 12:03 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 12:03 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 12:03 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 12:03 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 12:03 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 12:03 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 12:03 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 12:03 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 12:03 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-13 12:03 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 12:03 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 12:03 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 12:03 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 12:03 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 12:03 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-13 12:03 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-13 12:03 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-13 12:03 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-13 12:03 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-13 12:03 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 12:03 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 12:03 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 12:03 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 12:03 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 12:03 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-13 12:03 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-13 12:03 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 12:03 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 12:03 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 12:03 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 12:02 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 12:02 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 12:02 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 12:02 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 12:00 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 12:00 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-13 12:00 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 12:00 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 12:00 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 12:00 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 12:00 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 12:00 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 12:00 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 12:00 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 12:00 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 12:00 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 12:00 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 12:00 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 12:00 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 12:00 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 12:00 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 12:00 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 12:00 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 12:00 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 12:00 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 12:00 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 12:00 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-13 12:00 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 12:00 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 12:00 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 12:00 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 12:00 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 12:00 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 12:00 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 12:00 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-13 12:00 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-13 12:00 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-13 12:00 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-13 12:00 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 12:00 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-13 12:00 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-13 12:00 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-13 12:00 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 12:00 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-13 12:00 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 12:00 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-13 12:00 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 12:00 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 12:00 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 12:00 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 12:00 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 12:00 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-13 12:00 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 12:00 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-13 12:00 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-13 12:00 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-13 12:00 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 12:00 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 12:00 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 12:00 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-13 12:00 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-13 12:00 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 12:00 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 12:00 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-13 12:00 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 12:00 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 12:00 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 12:00 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 12:00 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 12:00 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-13 08:45 - 2016-04-13 08:45 - 00262144 _____ C:\Users\M.Klug\Documents\060290216_F.e2.2.bak
2016-04-13 08:40 - 2016-04-13 08:40 - 01318912 _____ C:\Users\M.Klug\Documents\060290216_G.e2.4.bak
2016-04-13 08:38 - 2016-04-13 08:38 - 00229376 _____ C:\Users\M.Klug\Documents\060290216_A.e2.5.bak
2016-04-13 08:36 - 2016-04-13 08:36 - 01241088 _____ C:\Users\M.Klug\Documents\060290216_B.e2.4.bak
2016-04-13 08:34 - 2016-04-13 08:34 - 01851392 _____ C:\Users\M.Klug\Documents\060290216_H.e2.4.bak
2016-04-13 08:11 - 2016-04-13 08:11 - 01847296 _____ C:\Users\M.Klug\Documents\060290216_H.e2.3.bak
2016-04-12 14:28 - 2016-04-12 14:28 - 66781184 _____ C:\Users\M.Klug\Documents\060290216_Z.e3.35.bak
2016-04-12 10:12 - 2016-04-12 10:12 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-04-12 10:10 - 2016-04-12 10:11 - 28849904 _____ C:\Users\M.Klug.LEISS\Downloads\vlc-2.2.1-win32.exe
2016-04-12 10:07 - 2016-04-12 10:07 - 00000036 ____H C:\Users\M.Klug.LEISS\AppData\Roaming\swk.ini
2016-04-11 13:13 - 2016-04-11 13:13 - 00037304 _____ C:\Users\M.Klug.LEISS\Downloads\HEB_Z160103634040206M11602000000.zip
2016-04-08 12:00 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-08 12:00 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-08 12:00 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-08 07:41 - 2016-04-08 07:41 - 01126324 _____ C:\Users\M.Klug.LEISS\Downloads\HEB_Z160103634080206M11601000000 (1).zip
2016-04-08 07:33 - 2016-04-08 07:33 - 00037372 _____ C:\Users\M.Klug.LEISS\Downloads\HEB_Z160103634080206M11601000000.zip
2016-04-01 12:00 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-01 12:00 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-01 12:00 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-01 12:00 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-01 12:00 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-01 11:44 - 2016-04-01 11:44 - 00115336 _____ C:\Users\M.Klug.LEISS\Downloads\Sommerreifenpreise 2016 klug.pdf
2016-03-24 17:09 - 2016-03-24 17:09 - 00109156 _____ C:\Users\M.Klug.LEISS\Downloads\Organigramm TC Ludwigsstadt (1).pdf
2016-03-24 14:47 - 2016-03-24 14:47 - 00002166 _____ C:\Users\M.Klug.LEISS\Downloads\contacts (1).csv
2016-03-24 12:47 - 2016-03-24 12:47 - 00007038 _____ C:\Users\M.Klug.LEISS\Downloads\contacts.csv
2016-03-24 08:16 - 2016-03-24 08:16 - 01742364 _____ C:\Users\M.Klug.LEISS\Downloads\BND_DeLonghi_Brueheinheit.pdf
2016-03-24 08:15 - 2016-03-24 08:15 - 02544339 _____ C:\Users\M.Klug.LEISS\Downloads\BND_DELONGHI_ESAM_THERMOBLOCK.pdf
2016-03-24 08:15 - 2016-03-24 08:15 - 02126626 _____ C:\Users\M.Klug.LEISS\Downloads\BND_DELONGHI_TECHNIK.pdf
2016-03-23 16:11 - 2016-03-23 16:11 - 00000000 ____D C:\trn
2016-03-23 16:11 - 1998-01-23 13:20 - 00305664 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 12:35 - 2015-06-19 06:34 - 00001240 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129UA.job
2016-04-19 12:35 - 2014-12-05 10:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-19 12:00 - 2014-12-01 16:13 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 12:00 - 2014-12-01 16:13 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 11:46 - 2014-11-21 14:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-04-19 11:28 - 2014-11-21 20:18 - 00000120 _____ C:\Windows\system32\config\netlogon.ftl
2016-04-19 10:35 - 2015-06-19 06:34 - 00001188 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1060284298-1326574676-1801674531-1129Core.job
2016-04-19 08:07 - 2014-10-14 04:35 - 00702890 _____ C:\Windows\system32\perfh007.dat
2016-04-19 08:07 - 2014-10-14 04:35 - 00150498 _____ C:\Windows\system32\perfc007.dat
2016-04-19 08:07 - 2009-07-14 07:13 - 01628108 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 08:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-19 08:06 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-19 08:06 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-19 07:59 - 2015-09-23 14:01 - 00000685 _____ C:\Windows\Tobit.ini
2016-04-19 07:59 - 2014-11-27 14:21 - 00000000 ___RD C:\Users\M.Klug.LEISS\Dropbox
2016-04-19 07:59 - 2014-10-13 19:03 - 00000000 ____D C:\ProgramData\Validity
2016-04-19 07:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-19 07:58 - 2014-10-13 19:00 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-19 07:14 - 2014-11-21 15:03 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\CrashDumps
2016-04-18 22:01 - 2009-07-14 06:45 - 00514288 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-18 21:45 - 2014-11-21 20:09 - 00134672 _____ C:\Users\M.Klug\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-18 20:12 - 2014-11-21 13:23 - 00134672 _____ C:\Users\M.Klug.LEISS\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-18 20:01 - 2015-04-14 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
2016-04-18 20:01 - 2015-04-14 20:43 - 00000000 ____D C:\Program Files (x86)\LEGO Company
2016-04-18 20:01 - 2015-01-22 13:40 - 00000000 ____D C:\Program Files (x86)\Slotman
2016-04-18 19:58 - 2015-06-19 06:34 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\Dropbox
2016-04-18 19:45 - 2015-05-19 16:09 - 00000000 ____D C:\Windows\Minidump
2016-04-18 18:07 - 2014-11-21 13:23 - 00000000 ____D C:\Users\M.Klug.LEISS
2016-04-18 17:29 - 2015-10-13 09:09 - 00002155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-04-18 17:29 - 2015-09-29 14:18 - 00002186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-18 17:29 - 2015-05-19 15:51 - 00001729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Properties (Touchpad Clickpad Trackpad TrackPoint Mouse Pointer Pointing Pad).lnk
2016-04-18 17:29 - 2015-02-12 11:30 - 00001299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-04-18 17:29 - 2014-10-14 04:33 - 00001729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Ultranav (Touchpad Clickpad Trackpad TrackPoint Mouse).lnk
2016-04-18 17:29 - 2014-10-13 19:05 - 00002021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2016-04-18 17:29 - 2014-10-13 19:05 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2016-04-18 17:29 - 2014-10-13 19:04 - 00002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo PC Experience.lnk
2016-04-18 17:29 - 2014-10-13 19:03 - 00001931 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
2016-04-18 17:29 - 2014-10-13 19:02 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-04-18 17:29 - 2014-10-13 18:48 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-18 17:29 - 2014-10-13 18:48 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-18 17:29 - 2009-07-14 06:57 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-18 17:29 - 2009-07-14 06:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-04-18 17:29 - 2009-07-14 06:57 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-18 17:29 - 2009-07-14 06:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-18 17:29 - 2009-07-14 06:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-18 17:28 - 2016-02-18 09:22 - 00001996 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2016-04-18 17:28 - 2016-01-29 19:05 - 00002132 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2016-04-18 17:28 - 2015-12-10 21:32 - 00000995 _____ C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
2016-04-18 17:28 - 2015-12-10 21:32 - 00000980 _____ C:\Users\Public\Desktop\dm-Fotowelt.lnk
2016-04-18 17:28 - 2015-11-02 09:33 - 00001030 _____ C:\Users\Public\Desktop\IGEMS R2015.lnk
2016-04-18 17:28 - 2015-10-21 11:10 - 00002335 _____ C:\Users\Public\Desktop\Toolmaker 2016 (64-bit).lnk
2016-04-18 17:28 - 2015-10-21 11:10 - 00002279 _____ C:\Users\Public\Desktop\PowerSHAPE 2016 (64-bit).lnk
2016-04-18 17:28 - 2015-09-03 11:33 - 00001857 _____ C:\Users\Public\Desktop\ThinkDesign 2015.2 (64-bit).lnk
2016-04-18 17:28 - 2015-08-25 07:46 - 00002139 _____ C:\Users\Public\Desktop\PowerMILL 2016 (64-bit).lnk
2016-04-18 17:28 - 2015-07-31 06:56 - 00001064 _____ C:\Users\Public\Desktop\ScanStudio.lnk
2016-04-18 17:28 - 2015-04-29 14:54 - 00002257 _____ C:\Users\Public\Desktop\EliteCAD 13 ME-2D.lnk
2016-04-18 17:28 - 2015-03-31 08:36 - 00001485 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2016-04-18 17:28 - 2015-03-05 11:18 - 00002097 _____ C:\Users\Public\Desktop\Exchange 2015 R2 (64-bit).lnk
2016-04-18 17:28 - 2015-02-12 11:30 - 00001293 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-04-18 17:28 - 2014-12-18 17:00 - 00001816 _____ C:\Users\Public\Desktop\EliteViewer 12.lnk
2016-04-18 17:28 - 2014-12-18 15:31 - 00002024 _____ C:\Users\Public\Desktop\SnagIt 9.lnk
2016-04-18 17:28 - 2014-12-18 15:31 - 00001100 _____ C:\Users\Public\Desktop\SnagIt 9 Editor.lnk
2016-04-18 17:28 - 2014-12-18 08:13 - 00003031 _____ C:\Users\Public\Desktop\SolidWorks Explorer 2014.lnk
2016-04-18 17:28 - 2014-12-18 08:13 - 00002443 _____ C:\Users\Public\Desktop\SolidWorks Composer Player 2014 - x64 Edition.lnk
2016-04-18 17:28 - 2014-12-18 08:10 - 00002167 _____ C:\Users\Public\Desktop\eDrawings 2014 x64 Edition.lnk
2016-04-18 17:28 - 2014-12-18 08:07 - 00002779 _____ C:\Users\Public\Desktop\SolidWorks 2014 x64 Edition.lnk
2016-04-18 17:28 - 2014-12-03 14:16 - 00001223 _____ C:\Users\Public\Desktop\BDE-Terminal.lnk
2016-04-18 17:28 - 2014-12-01 16:03 - 00002144 _____ C:\Users\Public\Desktop\Overlay mode Pen Software.lnk
2016-04-18 17:28 - 2014-12-01 16:03 - 00001192 _____ C:\Users\Public\Desktop\Pen Software.lnk
2016-04-18 17:28 - 2014-11-21 14:47 - 00002232 _____ C:\Users\Public\Desktop\RatioPlus.lnk
2016-04-18 17:27 - 2016-01-13 21:55 - 00003077 _____ C:\Users\M.Klug.LEISS\Desktop\Nik Collection.lnk
2016-04-18 17:27 - 2015-12-14 07:47 - 00001349 _____ C:\Users\M.Klug.LEISS\Desktop\Urlaubsplan 2016.lnk
2016-04-18 17:27 - 2015-12-14 07:44 - 00001065 _____ C:\Users\M.Klug.LEISS\Desktop\Stichwörter.lnk
2016-04-18 17:27 - 2014-12-25 19:41 - 00001087 _____ C:\Users\M.Klug.LEISS\Desktop\tiptoi.lnk
2016-04-18 17:27 - 2014-12-08 07:47 - 00002002 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2016-04-18 17:27 - 2014-12-03 14:10 - 00000839 _____ C:\Users\M.Klug.LEISS\Desktop\Stunden.lnk
2016-04-18 17:27 - 2014-12-03 14:03 - 00001328 _____ C:\Users\M.Klug.LEISS\Desktop\Volumen Artikeldaten.lnk
2016-04-18 17:27 - 2014-12-01 17:49 - 00001192 _____ C:\Users\M.Klug.LEISS\Desktop\OpenOffice 4.1.1.lnk
2016-04-18 17:27 - 2014-12-01 15:51 - 00001225 _____ C:\Users\M.Klug.LEISS\Desktop\NetDA Manager.lnk
2016-04-18 17:27 - 2014-11-21 13:23 - 00002192 _____ C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-18 17:27 - 2014-11-21 13:23 - 00001436 _____ C:\Users\M.Klug.LEISS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-18 17:27 - 2014-10-13 19:03 - 00001471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Free Skype voice and video calls.lnk
2016-04-18 17:27 - 2014-10-13 19:02 - 00002330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Evernote Installer.lnk
2016-04-18 17:27 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-18 17:27 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-18 17:26 - 2016-01-13 17:05 - 00002207 _____ C:\Users\M.Klug.LEISS\Desktop\chrome.lnk
2016-04-18 17:26 - 2015-12-23 12:55 - 00001098 _____ C:\Users\M.Klug.LEISS\Desktop\Amazon Music.lnk
2016-04-18 17:26 - 2015-12-14 07:48 - 00001124 _____ C:\Users\M.Klug.LEISS\Desktop\Kundenwünsche.lnk
2016-04-18 17:26 - 2015-12-14 07:48 - 00000981 _____ C:\Users\M.Klug.LEISS\Desktop\Modell_Erstellung.lnk
2016-04-18 17:26 - 2015-12-14 07:48 - 00000946 _____ C:\Users\M.Klug.LEISS\Desktop\Einbautiefen.lnk
2016-04-18 17:26 - 2015-12-14 07:46 - 00001067 _____ C:\Users\M.Klug.LEISS\Desktop\Bodenstandfläche.lnk
2016-04-18 17:26 - 2015-12-14 07:45 - 00001114 _____ C:\Users\M.Klug.LEISS\Desktop\Com-Buch.lnk
2016-04-18 17:26 - 2015-12-14 07:45 - 00000917 _____ C:\Users\M.Klug.LEISS\Desktop\3er Liste.lnk
2016-04-18 17:26 - 2015-12-14 07:44 - 00000747 _____ C:\Users\M.Klug.LEISS\Desktop\Datenblätter PDF.lnk
2016-04-18 17:26 - 2015-12-14 07:44 - 00000706 _____ C:\Users\M.Klug.LEISS\Desktop\Endkontrolle.lnk
2016-04-18 17:26 - 2015-10-12 08:40 - 00001833 _____ C:\Users\M.Klug.LEISS\Desktop\Anfragen.lnk
2016-04-18 17:26 - 2015-09-24 06:35 - 00002196 _____ C:\Users\M.Klug.LEISS\Desktop\david® Client.LNK
2016-04-18 17:26 - 2015-07-09 06:46 - 00002253 _____ C:\Users\M.Klug.LEISS\Desktop\Kalkulation.lnk
2016-04-18 17:26 - 2015-04-27 13:10 - 00004519 _____ C:\Users\M.Klug.LEISS\Desktop\filezilla.exe - Verknüpfung.lnk
2016-04-18 17:26 - 2015-04-09 07:54 - 00001050 _____ C:\Users\M.Klug.LEISS\Desktop\Capture One 8.lnk
2016-04-18 17:26 - 2014-12-04 09:34 - 00001097 _____ C:\Users\M.Klug.LEISS\Desktop\Meusburger Katalog.lnk
2016-04-18 17:26 - 2014-12-04 09:12 - 00002613 _____ C:\Users\M.Klug.LEISS\Desktop\Festo Produktkatalog.lnk
2016-04-18 17:26 - 2014-12-03 14:05 - 00001011 _____ C:\Users\M.Klug.LEISS\Desktop\Anforderungsschein.lnk
2016-04-18 17:26 - 2014-12-01 15:42 - 00002391 _____ C:\Users\M.Klug.LEISS\Desktop\CatalystEX 4.3.lnk
2016-04-18 17:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\L2Schemas
2016-04-18 13:05 - 2014-10-13 19:00 - 00000000 ____D C:\Users\UpdatusUser
2016-04-18 10:46 - 2014-11-21 20:09 - 00000000 ____D C:\Users\M.Klug
2016-04-18 10:46 - 2014-11-21 13:25 - 00000000 ____D C:\Users\Administrator
2016-04-17 19:46 - 2015-04-09 07:55 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\CaptureOne
2016-04-15 18:48 - 2015-09-20 17:37 - 00000000 ____D C:\ProgramData\tmp
2016-04-15 06:45 - 2014-11-27 14:17 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Dropbox
2016-04-14 16:08 - 2015-09-23 14:12 - 16034296 ____H C:\Users\M.Klug.LEISS\AppData\Local\IconCache.db.backup
2016-04-14 11:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-04-14 10:32 - 2014-12-18 08:14 - 00000000 ____D C:\ProgramData\Simpoe
2016-04-14 09:59 - 2015-10-21 11:11 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\PowerSHAPE
2016-04-14 08:50 - 2014-12-04 16:47 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Roaming\Nitro PDF
2016-04-13 06:37 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-04-12 10:32 - 2014-12-18 08:26 - 00000000 ____D C:\Users\M.Klug.LEISS\AppData\Local\TempSWSicherungsverzeichnis
2016-04-08 12:00 - 2014-12-11 07:35 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-08 10:35 - 2014-12-05 10:08 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-08 10:35 - 2014-12-05 10:08 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-08 10:35 - 2014-12-05 10:08 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-06 10:18 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-06 06:49 - 2014-12-18 08:03 - 00000000 ____D C:\Users\M.Klug.LEISS\Documents\SolidWorks Downloads
2016-03-29 08:39 - 2014-12-04 09:34 - 00000000 ____D C:\Program Files (x86)\Meusburger Katalog

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-12 10:07 - 2016-04-12 10:07 - 0000036 ____H () C:\Users\M.Klug.LEISS\AppData\Roaming\swk.ini
2014-12-17 08:57 - 2015-10-29 15:11 - 0007619 _____ () C:\Users\M.Klug.LEISS\AppData\Local\Resmon.ResmonCfg
2014-12-04 15:51 - 2015-12-07 08:38 - 0000102 _____ () C:\ProgramData\authlic.dat
2014-11-21 15:04 - 2014-11-21 15:04 - 0000011 _____ () C:\ProgramData\cladm.ini
2014-10-13 18:58 - 2014-10-13 18:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-17 11:46 - 2015-09-17 11:50 - 0000974 _____ () C:\ProgramData\hpzinstall.log
2014-12-04 15:51 - 2014-12-04 15:51 - 0000027 _____ () C:\ProgramData\ms32win_.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\authlic.dat


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-18 16:00

==================== Ende von FRST.txt ============================

cosinus · 19.04.2016, 12:42

Solidworks? 3DConnection für Spacemouse?

Ist das ein gewerblich genutztes System??

tschack666 · 19.04.2016, 12:51

teilweise...

18.04.2016, 22:37	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? moin Und wir sollen jetzt erraten was in der Mail steht sowie welche (wie viele) Rechner mit welchen Betriebssystemen du hast und ob da auch schonmal Virenfunde zu verzeichnen waren? __________________ __________________

19.04.2016, 09:52	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Ja schön, was ist mit meiner anderen Frage, gab es auf diesem Rechner schonmal Virenfunde oder nicht? Wenn ja, Logs dazu? __________________ --> Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ?

19.04.2016, 12:11	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? du hast 2x die addition.txt gepostet __________________ Logfiles bitte immer in CODE-Tags posten

19.04.2016, 12:42	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ? Solidworks? 3DConnection für Spacemouse? Ist das ein gewerblich genutztes System?? __________________ Logfiles bitte immer in CODE-Tags posten

Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ?

Plagegeister aller Art und deren Bekämpfung: Habe von 1und1 eine Email bekommen wegen Befall von Zeus ! Was tun ?