
Pests of all kinds and how to combat them: Unwanted website opens


01.02.2017, 20:59   #1
tomka
 
Unwanted website opens



Hello,

While I was visiting a hotel booking site, the Chrome browser switched to an erotic dating site. It has only happened once so far and is not reproducible. Have I possibly caught something? Malwarebytes and Kaspersky find nothing in a full scan. Below is an FRST log, thanks!


FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
durchgeführt von ****** (Administrator) auf ****** (01-02-2017 20:51:07)
Gestartet von C:\Users\******\Downloads
Geladene Profile: ****** (Verfügbare Profile: ******)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\******Vantage Fingerprint Software\upeksvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\******Pad\Bluetooth Software\btwdins.exe
(Intel® Corporation) C:\Program Files\Intel\CAM\bin\CAMService.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Broadcom Corporation.) C:\Program Files\******Pad\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe
(ABN AMRO) C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwsupa.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe
(Synology Inc.) C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe
(Lenovo Group Limited) C:\Program Files (x86)\******Pad\Utilities\SCHTASK.EXE
(Synology Inc.) C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Broadcom Corporation.) C:\Program Files\******Pad\Bluetooth Software\BTStackServer.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Lenovo) C:\Program Files (x86)\******Pad\Utilities\PWMDBSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\AuthManager\AuthManSvr.exe
(RStudio, Inc.) C:\Program Files\RStudio\bin\rstudio.exe
(RStudio, Inc.) C:\Program Files\RStudio\bin\x64\rsession.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
(Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\******\AppData\Roaming\Spotify\Spotify.exe
(The OpenVPN Project) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\openvpn.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Becwsupa] => C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwsupa.exe [162136 2014-11-28] (ABN AMRO)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\******Pad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\******Vantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Dropbox Update] => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Spotify Web Helper] => C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-01-28] (Spotify Ltd)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Google Update] => C:\Users\******\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
Lsa: [Notification Packages] scecli C:\Program Files\******Vantage Fingerprint Software\psqlpwd.dll C:\Program Files\******Pad\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [   01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [CeDesktopIntegration] -> {3CEC3E6D-ECF2-4B49-8A41-3B16DF8B9C3F} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\******\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-07-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\******Pad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-01-11]
ShortcutTarget: Dropbox.lnk -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2017-01-31]
ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc.)
Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2017-01-31]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-12-23] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-12-23] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{377520F3-E7C7-403B-997E-42BDEC38E4BC}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1
Tcpip\..\Interfaces\{88C1C209-1539-42ED-838C-A4BD8376D044}: [DhcpNameServer] 10.15.0.1
Tcpip\..\Interfaces\{8A21F8CE-5324-4563-A4A5-D47CF1CBA83B}: [DhcpNameServer] 172.168.111.2
Tcpip\..\Interfaces\{B524442D-7D83-4ED0-A93C-096812422175}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1
Tcpip\..\Interfaces\{DD3744FA-918D-44DC-86A4-233872F49E60}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> {417735E5-3C9D-89A4-A0EC-2BA9A2D311CA} URL = 
SearchScopes: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-19] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-19] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} -  Keine Datei
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://solisvpn.uu.nl/CACHE/stc/20/binaries/vpnweb.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: n12tz17e.default-1421155951383
FF ProfilePath: C:\Users\******\AppData\Roaming\Zotero\Zotero\Profiles\9jq04p59.default [2017-02-01]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-11-14] [ist nicht signiert]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-11-14] [ist nicht signiert]
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox [2015-12-01]
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox\user.js [2015-04-23]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [nicht gefunden]
FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383 [2017-02-01]
FF Extension: (Zotero) - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\zotero@chnm.gmu.edu.xpi [2016-10-04]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2013-06-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @ABNAMRO/BECON,version=1.00 -> C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll [2014-11-28] (ABN AMRO)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @hola.org/FlashPlayer -> C:\Users\******\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @hola.org/vlc -> C:\Users\******\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\******\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/O1DPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=3 -> C:\Users\******\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=9 -> C:\Users\******\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\******\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-09-08] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: google.com/WidevineMediaOptimizer -> C:\Users\******\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-06-19] (Intel)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-06-19] (Intel)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-15] (Octoshape ApS)

Chrome: 
=======
CHR Profile: C:\Users\******\AppData\Local\Google\Chrome\User Data\Default [2017-02-01]
CHR Extension: (Google Präsentationen) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26]
CHR Extension: (Google Docs) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26]
CHR Extension: (Google Drive) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26]
CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26]
CHR Extension: (Google Cast) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-10-27]
CHR Extension: (Zotero Connector) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2016-12-09]
CHR Extension: (Google Tabellen) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26]
CHR Extension: (Kaspersky Protection) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert]
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert]
S3 DozeSvc; C:\Program Files (x86)\******Pad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-12-23] (Lavasoft Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (Lenovo)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
R3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168 2015-12-23] ()
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] () [Datei ist nicht signiert]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 e.dentifier2; C:\Windows\System32\DRIVERS\aabed2.sys [28672 2008-03-20] (Todos Data System AB)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-31] (GFI Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-10-03] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-18] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 l36wscard; C:\Windows\System32\DRIVERS\l36wscard.sys [61992 2011-01-14] (Ericsson AB)
S3 LenLan; C:\Windows\System32\DRIVERS\LenLan.sys [98816 2012-05-29] (Lenovo Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443208 2012-10-02] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (******Vantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-10-23] (Cisco Systems, Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB)
S3 ALSysIO; \??\C:\Users\******\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Users\******\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S2 smihlp2; \??\C:\Program Files\******Vantage Fingerprint Software\smihlp.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-01 20:51 - 2017-02-01 20:51 - 00043250 _____ C:\Users\******\Downloads\FRST.txt
2017-02-01 20:40 - 2017-02-01 20:51 - 00000000 ____D C:\FRST

2017-01-31 09:35 - 2017-01-31 09:35 - 00000000 ____D C:\Users\******\AppData\Local\Tvsukernel

2017-01-18 12:00 - 2017-01-18 12:00 - 00133448 _____ (Zoom Video Communications, Inc.) C:\Users\******\Downloads\Zoom_launcher (4).exe

2017-01-11 12:03 - 2017-01-11 12:03 - 00133448 _____ (Zoom Video Communications, Inc.) C:\Users\******\Downloads\Zoom_launcher (3).exe
2017-01-11 11:21 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 11:21 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 11:21 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-11 11:21 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-11 11:21 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 11:21 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 11:21 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 11:21 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 11:21 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 11:21 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-11 11:21 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll


==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-01 20:45 - 2014-01-21 14:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-02-01 20:43 - 2015-01-14 13:15 - 00000000 ____D C:\Users\******\Documents\Zotero Workspace
2017-02-01 20:40 - 2015-01-27 22:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-01 20:37 - 2014-08-04 08:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-01 20:06 - 2013-08-14 00:35 - 00000000 ____D C:\Users\******\AppData\Roaming\Spotify
2017-02-01 19:59 - 2016-11-26 11:28 - 00000000 ____D C:\Users\******\AppData\LocalLow\Mozilla
2017-02-01 19:54 - 2015-06-17 15:27 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job
2017-02-01 19:01 - 2013-08-14 00:37 - 00000000 ____D C:\Users\******\AppData\Local\Spotify
2017-02-01 18:08 - 2015-06-17 15:27 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job
2017-02-01 18:04 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-01 18:04 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-01 17:58 - 2016-07-03 00:05 - 00000000 ___RD C:\Users\******\******drive
2017-02-01 15:52 - 2015-10-17 18:42 - 00000548 _____ C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job
2017-01-31 20:54 - 2016-01-24 16:52 - 00000000 ____D C:\Users\******\AppData\Local\Citrix
2017-01-31 14:14 - 2014-01-01 11:49 - 00000000 ____D C:\Users\******\Documents\Outlook-Dateien
2017-01-31 09:47 - 2013-06-05 09:15 - 00703214 _____ C:\Windows\system32\perfh007.dat
2017-01-31 09:47 - 2013-06-05 09:15 - 00150822 _____ C:\Windows\system32\perfc007.dat
2017-01-31 09:47 - 2009-07-14 06:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-31 09:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-31 09:42 - 2016-04-23 21:51 - 00000000 ___RD C:\Users\******\CloudStation
2017-01-31 09:42 - 2016-04-23 10:20 - 00000000 ____D C:\Users\******\AppData\Local\CloudStationBackup
2017-01-31 09:42 - 2013-06-26 17:26 - 00000000 ___RD C:\Users\******\Dropbox
2017-01-31 09:42 - 2013-06-26 16:49 - 00000000 ____D C:\Users\******
2017-01-31 09:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 09:36 - 2013-06-26 16:52 - 00000000 ____D C:\Users\******\AppData\Roaming\Nitro PDF
2017-01-31 09:35 - 2013-06-04 23:34 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-01-31 09:35 - 2013-06-04 17:02 - 00000000 ____D C:\ProgramData\Lenovo
2017-01-31 09:34 - 2016-11-22 21:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-31 09:34 - 2013-06-26 22:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 22:29 - 2013-06-27 19:37 - 00007644 _____ C:\Users\******\AppData\Local\Resmon.ResmonCfg
2017-01-30 10:02 - 2013-06-04 23:44 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2017-01-30 10:02 - 2013-06-04 23:38 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ******Vantage Tools
2017-01-29 14:51 - 2016-02-07 11:28 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-01-28 11:02 - 2015-01-09 00:55 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420761345
2017-01-28 11:02 - 2013-06-26 18:24 - 00000000 ____D C:\Program Files (x86)\Opera
2017-01-26 21:36 - 2016-04-23 21:36 - 00000000 ____D C:\Users\******\AppData\Local\CloudStation
2017-01-26 00:03 - 2015-04-23 19:04 - 00000000 ____D C:\Users\******\AppData\Local\RStudio-Desktop
2017-01-25 15:16 - 2016-05-16 22:52 - 00010275 _____ C:\Users\******\Documents\.Rhistory
2017-01-25 15:16 - 2015-04-23 19:22 - 00000000 ____D C:\Users\******\AppData\Roaming\RStudio
2017-01-25 08:40 - 2013-06-26 17:15 - 00000000 ____D C:\Users\******\AppData\Roaming\Dropbox
2017-01-23 07:12 - 2015-12-03 21:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 12:13 - 2013-06-26 16:59 - 00000000 ____D C:\Users\******\AppData\Roaming\Skype
2017-01-18 18:34 - 2013-06-26 17:00 - 00000000 ____D C:\Users\******\AppData\Local\LSC
2017-01-18 18:34 - 2013-06-26 16:50 - 00000000 ____D C:\Users\******\AppData\Local\Lenovo
2017-01-14 16:30 - 2014-11-22 14:10 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2017-01-12 21:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-12 12:06 - 2013-07-15 10:32 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 12:00 - 2013-06-27 08:26 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-11 13:00 - 2015-01-07 17:33 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 12:40 - 2016-10-11 18:47 - 20630616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-01-11 12:40 - 2016-02-07 11:28 - 00003936 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-01-11 12:40 - 2015-01-27 22:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 12:40 - 2013-12-14 16:24 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-11 12:40 - 2013-12-14 16:24 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-11 12:40 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 12:40 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-09 20:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-12-30 21:09 - 2016-12-30 21:09 - 0000000 _____ () C:\Users\******\AppData\Roaming\06614afc-e1da-4f66-8e25-9cdde7f40bc0.storage
2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\******\AppData\Roaming\0b0b642d-bad1-4a42-ae39-e04d3dfd24eb.storage
2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\******\AppData\Roaming\232b9fac-fc4c-42d2-aa1f-7e61e087d91d.storage
2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\******\AppData\Roaming\69052423-4e19-425b-9aed-d51266bff2bc.storage
2013-10-03 23:29 - 2013-10-03 23:29 - 0000000 _____ () C:\Users\******\AppData\Roaming\AbsoluteReminder.xml
2013-10-16 20:22 - 2013-10-16 20:58 - 0000132 _____ () C:\Users\******\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format
2013-08-08 00:21 - 2013-08-08 00:21 - 0000037 ___SH () C:\Users\******\AppData\Local\70149b02515b3bb20dd492.47983420
2013-06-27 19:37 - 2017-01-30 22:29 - 0007644 _____ () C:\Users\******\AppData\Local\Resmon.ResmonCfg
2013-06-04 23:36 - 2013-06-04 23:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-03-06 19:19 - 2016-03-17 14:59 - 0000941 _____ () C:\ProgramData\GADump.txt
2014-07-21 09:47 - 2014-07-21 09:47 - 0000337 _____ () C:\ProgramData\hpzinstall.log
2013-06-26 16:52 - 2013-07-07 18:31 - 0000227 _____ () C:\ProgramData\LastUpdate.xml

Einige Dateien in TEMP:
====================
2015-12-11 15:53 - 2015-12-11 15:53 - 0172536 _____ (Cisco Systems, Inc.) C:\Users\******\AppData\Local\Temp\20151211035326961jniverify.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 350951272 _____ (Continuum Analytics, Inc.) C:\Users\******\AppData\Local\Temp\Anaconda-2.3.0-Windows-x86_64.exe
2015-12-01 18:01 - 2015-12-01 18:01 - 0071168 _____ () C:\Users\******\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1mbv7k.dll
2015-11-06 21:07 - 2015-11-06 21:09 - 23306368 _____ (Hola Networks Ltd.) C:\Users\******\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.317.exe
2016-01-14 20:43 - 2016-01-14 20:44 - 23318656 _____ (Hola Networks Ltd.) C:\Users\******\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.11.272.exe
2015-10-17 14:34 - 2015-10-18 09:38 - 23262848 _____ (Hola Networks Ltd.) C:\Users\******\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe
2015-10-29 17:25 - 2015-10-29 17:25 - 23262848 _____ (Hola Networks Ltd.) C:\Users\******\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.789.exe
2016-10-19 17:20 - 2016-10-19 17:20 - 0737856 _____ (Oracle Corporation) C:\Users\******\AppData\Local\Temp\jre-8u111-windows-au.exe
2015-10-18 15:41 - 2015-10-18 15:41 - 0585824 _____ (Oracle Corporation) C:\Users\******\AppData\Local\Temp\jre-8u60-windows-au.exe
2015-12-07 18:43 - 2015-12-07 18:43 - 0585824 _____ (Oracle Corporation) C:\Users\******\AppData\Local\Temp\jre-8u66-windows-au.exe
2016-05-03 23:21 - 2016-05-03 23:21 - 0739904 _____ (Oracle Corporation) C:\Users\******\AppData\Local\Temp\jre-8u91-windows-au.exe
2016-11-29 18:45 - 2016-11-29 18:45 - 16826944 ____T (Geek Software GmbH                                          ) C:\Users\******\AppData\Local\Temp\pdf24-creator-update.exe
2016-03-04 23:03 - 2016-03-04 23:03 - 0111104 _____ () C:\Users\******\AppData\Local\Temp\readSTILog.dll
2016-05-15 17:46 - 2016-05-15 17:47 - 41346176 _____ (Skype Technologies S.A.) C:\Users\******\AppData\Local\Temp\SkypeSetup.exe
2015-08-14 13:29 - 2015-07-29 21:08 - 0681097 _____ (SQLite Development Team) C:\Users\******\AppData\Local\Temp\sqlite3.dll
2016-06-06 18:23 - 2016-07-05 21:12 - 3901016 _____ () C:\Users\******\AppData\Local\Temp\Synology-Cloud-Station-Backup-Upgrader.exe
2016-06-06 18:23 - 2016-11-24 23:32 - 3923032 _____ () C:\Users\******\AppData\Local\Temp\Synology-Cloud-Station-Drive-Upgrader.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-23 16:35

==================== Ende von FRST.txt ============================
         
--- --- ---

02.02.2017, 09:31   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hi,


The addition.txt log file is missing; please post it as well.


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs should be too large for a single post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it right. If everything is correct ... click Reply.

02.02.2017, 23:21   #3
tomka
 



Sorry -- here is the addition.

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von ****** (01-02-2017 20:51:38)
Gestartet von C:\Users\******\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-06-26 15:49:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1480473739-3576749651-3455334848-500 - Administrator - Disabled)
Gast (S-1-5-21-1480473739-3576749651-3455334848-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1480473739-3576749651-3455334848-1004 - Limited - Enabled)
Sonos (S-1-5-21-1480473739-3576749651-3455334848-1005 - Limited - Enabled)
****** (S-1-5-21-1480473739-3576749651-3455334848-1000 - Administrator - Enabled) => C:\Users\******

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version:  - Belastingdienst)
Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version:  - Belastingdienst)
ABN AMRO E.dentifier2 Software (HKLM-x32\...\{7FFDD64B-C182-41D6-AB43-257C07AE486A}) (Version: 03.10 - ABN AMRO BANK)
ActivePerl 5.20.2 Build 2002 (64-bit) (HKLM\...\{C07C5E6C-2225-4668-896C-31A7D105A9BB}) (Version: 5.20.2002 - ActiveState)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Connect 9 Add-in (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.12020 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.12020 - Cisco Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.0.8014 - Citrix Systems, Inc.)
Crayon Physics Deluxe Demo version 55_demo (HKLM-x32\...\{1AB2519C-B340-4B0C-9F81-BCF32A842EBF}_is1) (Version: 55_demo - Kloonigames, Ltd)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - ****** Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Dropbox) (Version: 18.4.32 - Dropbox, Inc.)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - ****** Group Limited)
EPSON BX620FWD Series Printer Uninstall (HKLM\...\EPSON BX620FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ExpressVPN v3.305 (HKLM-x32\...\ExpressVPN) (Version: v3.305 - )
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version:  - Jodix Technologies Ltd.)
G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany)
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Google Apps Migration For Microsoft Outlook® 4.0.29.9 (HKLM-x32\...\{E8248BD6-6294-4CF6-9CF9-BDAAC0CC8253}) (Version: 4.0.29.9 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM-x32\...\{091C294E-F243-432C-93E1-DEC4C2B9635B}) (Version: 3.8.440.1250 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hema Fotoalbum (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\{83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1) (Version:  - Hema)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation)
JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
****** Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.80.10 - ******)
****** App Shop (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 44154 - Intel)
****** Auto Scroll Utility (HKLM\...\******AutoScrollUtility) (Version: 2.13 - )
****** Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - ****** Group Limited)
****** Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - ****** Group Limited)
****** Patch Utility (x32 Version: 1.4.0.4 - ****** Group Limited) Hidden
****** Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - ****** Group Limited)
****** Patch Utility 64 bit (Version: 1.4.0.4 - ****** Group Limited) Hidden
****** Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.1 - ******)
****** Power Management Driver (Version: 1.67.12.16 - ******) Hidden
****** Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - ****** Inc.)
****** Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - ******)
****** System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0045 - ******)
****** USB 2.0 Ethernet Adapter (HKLM-x32\...\{29584513-DC7F-4EB9-8654-7C541DF0DDCE}) (Version: 1.11 - ******)
****** User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - ****** Group Limited)
****** Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - ******)
****** Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0021.00 - ****** Group Limited)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 2.1.0.18 - GOG.com)
MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - ****** Group Limited) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.2.5.4 - Ericsson AB)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Mplus Version 7.3 Demo (64-bit) (HKLM\...\{BA273660-8C9F-4835-A906-3B5686BE7AB4}) (Version: 7.3.0 - Muthen & Muthen)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
Octave 4.0.0 (HKLM-x32\...\Octave-4.0.0) (Version: 4.0.0 - GNU Octave)
Octoshape Streaming Services (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
Online Plug-in (x32 Version: 14.4.0.8014 - Citrix Systems, Inc.) Hidden
Opera Stable 42.0.2393.517 (HKLM-x32\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Python 2.7.10 (Anaconda 2.3.0 64-bit) (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Python 2.7.10 (Anaconda 2.3.0 64-bit)) (Version: 2.3.0 - Continuum Analytics, Inc.)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Python 3.5.2 (Anaconda3 4.1.1 64-bit) (HKLM\...\Python 3.5.2 (Anaconda3 4.1.1 64-bit)) (Version: 4.1.1 - Continuum Analytics, Inc.)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team)
R for Windows 3.2.0 (HKLM\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
R for Windows 3.3.1 (HKLM\...\R for Windows 3.3.1_is1) (Version: 3.3.1 - R Core Team)
RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - ******)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.489 - RStudio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Self-Service Plug-in (x32 Version: 4.4.0.11833 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 34.7.35161 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
SRWare Iron version 48.2550.2 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 48.2550.2 - SRWare)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.0.4204 - Synology, Inc.)
Synology Cloud Station Drive (HKLM-x32\...\{A2E63753-A06C-40ED-902E-BBD8250B1CAD}) (Version: 4.0.4204 - Synology)
TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team)
TeXstudio 2.6.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.6.2 - Benito van der Zander)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - ******)
ThinkVantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - ******)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.81 - ******)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
VUmc Desktop (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\storeservi-ee876895@@VUMC.VUmc Desktop $S1-1) (Version: 1.0 - Delivered by Citrix)
Web Companion (HKLM-x32\...\{6ece3bf6-3694-4acf-b158-16f51a2c6b56}) (Version: 2.1.1265.2535 - Lavasoft)
Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)
Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
WinDirStat 1.1.2 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Intel (ISCT) System  (08/23/2011 1.0.5.0) (HKLM\...\8D1FA6162A87496A05284A0C76A3B76705965B62) (Version: 08/23/2011 1.0.5.0 - Intel)
Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - ****** 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - ******)
Windows-Treiberpaket - Synaptics (SmbDrv) System  (07/05/2012 16.2.5.0) (HKLM\...\99334E0BAA64ED1D117794050F2AA7D3951D9A7D) (Version: 07/05/2012 16.2.5.0 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (07/05/2012 16.2.5.0) (HKLM\...\0395D83D6A2C0E110509B9E80E9BC5F29238FA82) (Version: 07/05/2012 16.2.5.0 - Synaptics)
Zoom (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
Zotero Standalone 4.0.29.10 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.29.10 (x86 en-US)) (Version: 4.0.29.10 - Zotero)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04B8EF9D-CD39-4182-8842-9B08430F0197} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\******\System Update\tvsuShim.exe [2017-01-18] ()
Task: {0604997D-52D6-4514-AE28-F1DE449BF276} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {11257F63-5297-4886-AFC6-2211F6C9B8A3} - System32\Tasks\{AD1218B3-DC59-4081-8A45-2014706A72CC} => pcalua.exe -a "C:\Users\******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4EH50OQF\AVM_FRITZ!WLAN_Repeater_310_Assistent.exe" -d C:\Users\******\Desktop
Task: {13D992D7-888A-4AAF-B17E-0ED000690458} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {16D76F82-AC80-4041-BCAC-6798F30CD84B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {223DFF31-BFCA-43FF-8339-C43B221A089F} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (****** Group Limited)
Task: {23E62AD8-63C7-49C4-8D88-568E37D12038} - System32\Tasks\{E661EA14-4831-4DC9-BA24-1F58FD3A9520} => C:\Users\******\Downloads\alfatest.exe
Task: {2A225316-1432-459F-9552-0F316D99B9BB} - System32\Tasks\MATLAB R2015b Startup Accelerator => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe [2015-07-30] ()
Task: {4ED24D9E-64F9-4EFD-8D62-2A46AB7FD6F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5101C02D-4ACA-41E8-A6F5-210953BD81F2} - System32\Tasks\{9F4FBCB7-441F-4042-8998-402A08F71CD7} => C:\Users\******\Downloads\alfatest.exe
Task: {51527F61-8136-4602-9BBD-7F6A3386DE9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {516DE39E-4BC8-46DC-98B3-4E384F30F3C3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {544E4E1D-B75D-4BB3-A0C9-D1FF08669CC2} - System32\Tasks\{96C4092B-3E36-4FFF-A252-679948D94E24} => C:\Users\******\Downloads\alfatest.exe
Task: {646D7B7F-B14A-469C-8AD8-BB0FB8EC24F5} - System32\Tasks\******\****** Solution Center Launcher => C:\Program Files\******\****** solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {76341AC4-F95F-4D4F-8EB4-6F4D2A41CBB6} - System32\Tasks\Opera scheduled Autoupdate 1420761345 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-26] (Opera Software)
Task: {7A94AD62-0252-460D-9461-2AECDE893A62} - System32\Tasks\{B5103088-5AA1-4ED1-B052-EE1CD81AA67F} => C:\Users\******\Downloads\alfatest.exe
Task: {7ED977C3-E5A3-4DF8-A891-8CAC05FDC42C} - System32\Tasks\******\LSC\LSCHardwareScanPostpone => C:\Program Files\******\****** Solution Center\LSC.exe [2016-06-02] (******)
Task: {81950FA3-3AF2-4847-B96B-94549F81FE8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8B1A1E8D-C0C0-4103-A1F3-3F622D197ACF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {A0C547F0-617C-40D8-9079-033C06E2AFA0} - System32\Tasks\******\LSC\LSCHardwareScan => C:\Program Files\******\****** Solution Center\LSC.exe [2016-06-02] (******)
Task: {A66A4169-D399-41CB-8193-6621E49CB98E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A9A553D2-A554-44FC-95C8-5FA6297B2471} - System32\Tasks\{396E50AE-0DBA-4615-A96F-CFE4DC2D9EF1} => C:\Users\******\Downloads\alfatest.exe
Task: {ACA06C7F-29C4-4B82-9EE4-5D7963A33E65} - System32\Tasks\{7389CD34-2D3B-4788-99E0-2FA2C4B12C48} => C:\Users\******\Downloads\alfatest.exe
Task: {AE958A85-104F-49B4-BB51-ED3F76BFD594} - System32\Tasks\******\****** Customer Feedback Program 64 35 => C:\Program Files (x86)\******\Customer Feedback Program 35\******.TVT.CustomerFeedback.Agent35.exe
Task: {C6BF3026-2C4E-4AA4-BC5A-B1168C431C62} - System32\Tasks\******\****** Customer Feedback Program 64 => C:\Program Files (x86)\******\Customer Feedback Program\******.TVT.CustomerFeedback.Agent.exe [2015-07-01] (******)
Task: {CE9FB232-A20A-4B40-BDDE-6185834DBC42} - System32\Tasks\{1D30A00C-6ED6-4D93-B8A1-4E559F3B335B} => C:\Users\******\Downloads\alfatest.exe
Task: {D2A57E6F-F90F-4E0A-8870-20C421B5B0C3} - System32\Tasks\{BC072FDB-9C95-45AD-8328-17D7B8A4868E} => C:\Users\******\Downloads\alfatest.exe
Task: {D63B89A4-B7CE-47C3-9233-92909828A987} - System32\Tasks\{010A5FF7-A151-4825-B0EA-879607C5D583} => C:\Users\******\Downloads\alfatest.exe
Task: {D7CDE812-B353-455D-8286-DE0FC7CFEE28} - System32\Tasks\{D82A1DC1-78A4-4231-BB44-53D94432F129} => C:\Users\******\Downloads\alfatest.exe
Task: {D878A05F-D674-4915-8F9F-E9E7706D7DE1} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\******\System Update\tvsuShim.exe [2017-01-18] ()
Task: {E3C18149-1EC2-429A-83A7-E2C63EA57782} - System32\Tasks\******\LSC\****** Solution Center Notifications => C:\Program Files\******\****** Solution Center\LSCNotify.exe [2016-06-02] (******)
Task: {E6402E65-A275-44D8-AAFA-BF21A3E4F87B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\******\Documents\Studium\Hiwi\Medieninhaltsforschung\Eigene Websites auf MSN\target.lnk -> hxxp://de.msnusers.co
Shortcut: C:\Users\******\Documents\Studium\Hiwi\Hiwi\Medieninhaltsforschung\Eigene Websites auf MSN\target.lnk -> hxxp://de.msnusers.co

ShortcutWithArgument: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Anaconda Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Users\******\AppData\Local\Dato\Dato Launcher\Scripts\anaconda.bat"
ShortcutWithArgument: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Wakari (in the cloud).lnk -> C:\Users\******\AppData\Local\Dato\Dato Launcher\pythonw.exe () -> -m webbrowser -t "hxxps://www.wakari.io/"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-12 07:15 - 2016-04-12 07:15 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
2016-04-12 14:47 - 2016-04-12 14:47 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2015-12-23 14:15 - 2015-12-23 14:15 - 00017168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-12-23 14:15 - 2015-12-23 14:15 - 00008976 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-12-23 14:15 - 2015-12-23 14:15 - 00028432 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2016-03-18 06:41 - 2016-03-18 06:41 - 00248840 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-06-04 23:37 - 2016-03-02 00:52 - 00102904 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-06-04 23:38 - 2016-04-14 05:08 - 00119808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2017-01-30 10:02 - 2017-01-18 16:36 - 00023416 _____ () C:\Program Files (x86)\******\System Update\SUService.exe
2014-10-30 06:38 - 2014-10-30 06:38 - 00087040 _____ () C:\Program Files\RStudio\bin\x64\libgcc_s_sjlj-1.dll
2014-10-30 06:38 - 2014-10-30 06:38 - 01207296 _____ () C:\Program Files\RStudio\bin\x64\libstdc++-6.dll
2016-09-01 11:37 - 2016-06-21 13:36 - 00321501 _____ () C:\Program Files\R\R-3.3.1\bin\x64\Rgraphapp.dll
2016-09-01 11:37 - 2016-06-21 13:37 - 30707200 _____ () C:\Program Files\R\R-3.3.1\bin\x64\R.dll
2016-09-01 11:37 - 2016-06-21 13:37 - 00315866 _____ () C:\Program Files\R\R-3.3.1\bin\x64\Rblas.dll
2016-09-01 11:37 - 2016-06-21 13:36 - 00066785 _____ () C:\Program Files\R\R-3.3.1\bin\x64\Riconv.dll
2016-09-01 11:37 - 2016-06-21 13:43 - 00040960 _____ () C:\Program Files\R\R-3.3.1\library\methods\libs\x64\methods.dll
2016-09-01 11:37 - 2016-06-21 13:40 - 00124416 _____ () C:\Program Files\R\R-3.3.1\library\utils\libs\x64\utils.dll
2016-09-01 11:37 - 2016-06-21 13:41 - 01054208 _____ () C:\Program Files\R\R-3.3.1\library\grDevices\libs\x64\grDevices.dll
2016-09-01 11:37 - 2016-06-21 13:41 - 00260096 _____ () C:\Program Files\R\R-3.3.1\library\graphics\libs\x64\graphics.dll
2016-09-01 11:37 - 2016-06-21 13:42 - 00661504 _____ () C:\Program Files\R\R-3.3.1\library\stats\libs\x64\stats.dll
2016-09-01 11:37 - 2016-06-21 13:39 - 02702336 _____ () C:\Program Files\R\R-3.3.1\bin\x64\Rlapack.dll
2014-09-19 13:37 - 2014-09-19 13:37 - 21008384 _____ () C:\Program Files\RStudio\bin\rsclang\x86_64\libclang.dll
2016-09-01 11:37 - 2016-06-21 13:39 - 00086016 _____ () C:\Program Files\R\R-3.3.1\library\tools\libs\x64\tools.dll
2016-09-01 11:37 - 2016-06-21 13:38 - 02554981 _____ () C:\Program Files\R\R-3.3.1\modules\x64\internet.dll
2016-09-01 11:37 - 2016-06-21 13:46 - 00037888 _____ () C:\Program Files\R\R-3.3.1\library\MASS\libs\x64\MASS.dll
2016-09-01 11:37 - 2016-06-21 13:39 - 00050688 _____ () C:\Program Files\R\R-3.3.1\modules\x64\lapack.dll
2016-06-02 19:20 - 2016-06-02 19:20 - 00104272 _____ () C:\Program Files\******\****** Solution Center\App\LSC.Core.dll
2016-12-14 23:32 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-14 23:32 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll
2015-10-23 09:15 - 2015-10-23 09:15 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2013-06-04 23:36 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2017-01-25 08:40 - 2017-01-18 19:39 - 00801600 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2015-12-12 12:27 - 2016-12-21 09:44 - 00035792 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-12 12:27 - 2016-12-21 09:44 - 00100296 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 12:27 - 2016-12-21 09:44 - 00018888 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 12:27 - 2017-01-18 19:42 - 00019776 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 12:27 - 2016-12-21 09:44 - 00694224 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00020824 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 12:27 - 2016-12-21 09:45 - 00123856 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 01682768 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00020816 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-01-25 08:40 - 2016-12-21 09:44 - 00145864 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-01-25 08:40 - 2016-12-21 09:45 - 00019408 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-01-25 08:40 - 2016-12-21 09:44 - 00116688 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 12:27 - 2016-12-21 09:46 - 00105928 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-06 17:40 - 2017-01-18 19:42 - 00022864 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00052032 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00038712 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-01-25 08:40 - 2016-12-21 09:44 - 00392144 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-01-25 08:40 - 2016-12-21 09:46 - 00020936 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00024528 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 12:27 - 2016-12-21 09:47 - 00116176 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 12:27 - 2017-01-18 19:42 - 00381760 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00124880 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-06 17:40 - 2017-01-18 19:42 - 00026456 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00024016 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00175560 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00030160 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00043472 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 12:27 - 2016-12-21 09:47 - 00048592 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00057808 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00024016 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00246608 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00027488 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-06 17:40 - 2016-12-21 09:45 - 00241104 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00022336 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 12:27 - 2016-12-21 09:47 - 00028616 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 12:27 - 2017-01-18 19:42 - 00025432 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00022872 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00021848 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00022872 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 01826104 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 12:27 - 2016-12-21 09:45 - 00083912 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\sip.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00531264 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 03928896 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 01972536 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00133432 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00224064 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00207680 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00021840 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2015-12-12 12:27 - 2016-12-21 09:47 - 00350152 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-11 22:03 - 2017-01-18 19:42 - 00023896 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00025936 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-01-25 08:40 - 2016-12-21 09:42 - 00036296 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\librsync.dll
2017-01-25 08:40 - 2017-01-18 19:42 - 00084288 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-01-25 08:40 - 2016-12-21 09:50 - 00017864 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-01-25 08:40 - 2016-12-21 09:50 - 01631184 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-01-25 08:40 - 2017-01-18 19:42 - 00042816 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00171336 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00357688 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-12-12 12:27 - 2016-12-21 09:46 - 00060880 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-06 17:40 - 2017-01-18 19:42 - 00026456 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-01-25 08:40 - 2017-01-18 19:42 - 00546104 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-03-04 22:45 - 2016-12-21 09:52 - 00697304 _____ () C:\Users\******\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-06-04 23:41 - 2013-06-19 19:10 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00123918 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 01026062 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00524460 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00115214 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 03095505 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 01798570 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 21565192 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 03036430 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00712704 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00031744 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00046080 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00032768 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00516608 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00243200 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00431616 _____ () C:\Users\******\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00123918 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\libgcc_s_dw2-1.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 01026062 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\libstdc++-6.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00524460 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\libcurl-4.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00115214 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\zlib1.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 03095505 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuin53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 01798570 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuuc53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 21565192 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\icudt53.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 03036942 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\libsqlite3-0.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00712704 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\platforms\qwindows.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00031744 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qgif.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00046080 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qicns.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00032768 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qico.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00516608 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjp2.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00243200 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjpeg.dll
2017-01-04 11:19 - 2017-01-04 11:19 - 00431616 _____ () C:\Users\******\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qtiff.dll
2013-06-27 09:41 - 2013-05-13 14:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-06-28 00:48 - 2016-12-07 23:27 - 01358360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\KasperskyLab.Ksde.NativeInterop.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 00119822 _____ () C:\Program Files\RStudio\bin\libgcc_s_dw2-1.dll
2014-10-23 11:27 - 2014-10-23 11:27 - 01026574 _____ () C:\Program Files\RStudio\bin\libstdc++-6.dll
2014-10-16 11:34 - 2014-10-16 11:34 - 03758809 _____ () C:\Program Files\RStudio\bin\icuin53.dll
2014-10-16 11:33 - 2014-10-16 11:33 - 02093901 _____ () C:\Program Files\RStudio\bin\icuuc53.dll
2014-10-16 11:34 - 2014-10-16 11:34 - 21565880 _____ () C:\Program Files\RStudio\bin\icudt53.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2017-01-28 11:02 - 2017-01-28 11:02 - 68771416 _____ () C:\Program Files (x86)\Opera\42.0.2393.517\opera.dll
2017-01-28 11:02 - 2017-01-28 11:02 - 01895000 _____ () C:\Program Files (x86)\Opera\42.0.2393.517\libglesv2.dll
2017-01-28 11:02 - 2017-01-28 11:02 - 00087128 _____ () C:\Program Files (x86)\Opera\42.0.2393.517\libegl.dll
2015-05-12 16:58 - 2017-01-28 11:08 - 51777648 _____ () C:\Users\******\AppData\Roaming\Spotify\libcef.dll
2015-05-12 16:58 - 2017-01-28 11:08 - 01803888 _____ () C:\Users\******\AppData\Roaming\Spotify\libglesv2.dll
2015-05-12 16:58 - 2017-01-28 11:08 - 00086128 _____ () C:\Users\******\AppData\Roaming\Spotify\libegl.dll
2013-12-14 16:17 - 2016-02-25 23:29 - 02073000 _____ () C:\Program Files (x86)\SRWare Iron\libglesv2.dll
2013-12-14 16:17 - 2016-02-25 23:29 - 00080296 _____ () C:\Program Files (x86)\SRWare Iron\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\AdwCleaner:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Boot:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Config.Msi:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Documents and Settings:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Dokumente und Einstellungen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\DRIVERS:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\MSOCache:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\PerfLogs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Program Files:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Program Files (x86):IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\swshare:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\SWTOOLS:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\System Volume Information:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Workspace R:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\All Users:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Brother:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Cisco:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Desktop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Dokumente:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Downloaded Installations:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\EPSON:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Favoriten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Favorites:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\FileOpen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\IDM:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\MacheenService:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Malwarebytes:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\McAfee:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft Help:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Mozilla:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Nitro PDF:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Norton:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\NortonInstaller:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Oracle:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Package Cache:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\regid.1986-12.com.adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\SafeNet Sentinel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Samsung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Simply Super Software:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Skype:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Sophos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\SPSS:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Spybot - Search & Destroy:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Start Menu:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Startmenü:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\TEMP:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Templates:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Vorlagen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpsonNet:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\****** App Shop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\****** ThinkVantage Tools:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXstudio:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Desktop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Downloads:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Druckumgebung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Eigene Dateien:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Favorites:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Links:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Local Settings:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Lokale Einstellungen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\My Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\NetHood:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Netzwerkumgebung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\PrintHood:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Recent:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Saved Games:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\SendTo:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Start Menu:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Startmenü:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Templates:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Vorlagen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\IMAT:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\History:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Local\Verlauf:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\Eigene Bilder:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\Eigene Musik:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\Eigene Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\My Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\My Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\Documents\My Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\IMAT:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\History:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Local\Verlauf:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\Eigene Bilder:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\Eigene Musik:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\Eigene Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\My Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\My Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\Documents\My Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Desktop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Downloads:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Favorites:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Libraries:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Recorded TV:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Symantec:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Downloads\Norton:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\Eigene Bilder:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\Eigene Musik:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\Eigene Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\My Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\My Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\Public\Documents\My Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\.spss:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Application Data:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Contacts:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Cookies:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Desktop:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Downloads:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Dropbox:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Druckumgebung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Eigene Dateien:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Favorites:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Links:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Lokale Einstellungen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Music:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Netzwerkumgebung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Pictures:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Recent:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Searches:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\SendTo:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Startmenü:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Vorlagen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Desktop\project_description draft 29_TK.docx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (1).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (2).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (3).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (4).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE-.ica:icasource [223]
AlternateDataStreams: C:\Users\******\AppData\Local:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\CoSoSys:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Dropbox:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\EPSON:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\FileOpen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Identities:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\IDM:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\LavasoftStatistics:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Leadertech:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Macromedia:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Malwarebytes:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Media Center Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Mozilla:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\MyPhoneExplorer:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Nitro PDF:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Notepad++:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Opera:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\PDAppFlex:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\PwrMgr:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Samsung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Skype:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Spotify:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\texstudio:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Anwendungsdaten:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Broadcom:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Cisco:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Diagnostics:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Downloaded Installations:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\ElevatedDiagnostics:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Google:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\GPSENABLER:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Hema Fotoalbum:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\IBM:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\javasharedresources:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\******:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\LSC:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Macromedia:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\MetaGeek,_LLC:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Microsoft Help:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\MobileAccess:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Mozilla:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\ms-drivers:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Opera:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\PDF24:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\RStudio-Desktop.bu:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Samsung:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Spotify:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Temp:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Temporary Internet Files:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\VeriSign:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\Verlauf:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Local\VirtualStore:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Adobe:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\IDM:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Intel:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Microsoft:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\PlayReady:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Sun:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\Symantec:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\LocalLow\VeriSign:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Eigene Bilder:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Eigene Musik:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Eigene Videos:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Finanzen:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\R:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\Documents\Studium:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programme:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hema Fotoalbum:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++:IMAT__DS_DIR_HDR [6146]
AlternateDataStreams: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup:IMAT__DS_DIR_HDR [6146]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\100sexlinks.com -> 100sexlinks.com

Da befinden sich 4788 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-10-16 12:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\******\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^Users^******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver.lnk => C:\Windows\pss\Citrix Receiver.lnk.Startup
MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\******\Access Connections\AcTBenabler.exe
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: Google Update => "C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Integrated Camera_Monitor => C:\Program Files (x86)\Integrated Camera\monitor.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: ******.TPKNRRES => C:\Program Files\******\Communications Utility\TPKNRRES.exe
MSCONFIG\startupreg: ******Nal => C:\Program Files\******\****** Peer Connect\NalService.exe
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\******\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\******\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{2B063FA6-477F-48FA-9D1E-3BDBBDEB2DE6}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EDD477BC-C5F1-4E0C-AD2F-EAB87CBE2016}] => LPort=2869
FirewallRules: [{03D5C4C4-1599-4012-AD49-5002A9EA33DD}] => LPort=1900
FirewallRules: [{34A60A08-403E-4FD9-86AE-64718FB480EF}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{EF5C29A3-17C3-46AC-91A1-F104C6D38372}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7BA793EC-F5F6-4071-992C-E69FEA754B68}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{44D10574-CC59-4D88-A295-485DA2832F38}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F6FD2F10-D1DB-47D9-8902-2643C5E69F79}] => C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{36428086-0079-4F5C-BAA1-ADC33A93C5A4}] => C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0E310144-12A2-4304-B85D-67C0B79B1E3E}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{EF0AF0CC-7E9B-400C-AF5B-4BEA2C18386F}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{658B0361-312C-421C-8ECA-CA0C1E879717}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{22E03A7D-DA2D-4C2A-ABF2-8C8A40C6CFF1}] => C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [{C7DB25E6-D90E-4F4A-A745-29D1622204C1}] => C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [TCP Query User{5837FA49-EC04-4CE2-A17F-5469621E5F70}C:\users\******\appdata\roaming\spotify\spotify.exe] => C:\users\******\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C81CF274-8D28-4900-94C1-2F1891831C07}C:\users\******\appdata\roaming\spotify\spotify.exe] => C:\users\******\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E3EF79E9-FE81-445C-9358-86918EBEBB9E}C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1C160363-0105-456F-B3D6-8A10B374F511}C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{E2ECEC31-40B6-4B15-B912-4E7378DF0193}C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{4CA88648-4EDA-4AF1-95D5-B3B155D7CCFB}C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{575915FC-4116-470F-8057-4C9DFAC272F6}] => C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{AE4AA11B-7BE4-4429-9D7B-BCF8EC179EC1}] => C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{522142AE-B1C9-423A-B3CD-8ED4EA0DBE7A}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6844444C-9084-4822-A681-A85969309E62}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8CE040F5-BCF4-4718-86D9-4A0CA9DFC42F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{26696B35-988E-4352-AB60-6F6A3533F30F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{295B1CB8-60F5-4973-A4E9-D9183FF7D7E7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{EEE28765-7988-4C32-8C15-18C3985B6C3B}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe
FirewallRules: [UDP Query User{855EC420-ECEE-40AD-AF0E-577EAC717B99}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe
FirewallRules: [TCP Query User{7350319E-0F08-45DE-8720-778FAE3F4BE2}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe
FirewallRules: [UDP Query User{0BBBA499-F433-4961-A3EC-B78DFE79ACED}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe
FirewallRules: [TCP Query User{B5E8254B-666F-4F3F-AAC6-44B00DF7DB05}C:\program files\ibm\spss\statistics\20\stats.exe] => C:\program files\ibm\spss\statistics\20\stats.exe
FirewallRules: [UDP Query User{BA67F580-5769-4870-949B-2ED14217B91D}C:\program files\ibm\spss\statistics\20\stats.exe] => C:\program files\ibm\spss\statistics\20\stats.exe
FirewallRules: [TCP Query User{29E361B7-DAC4-4E87-BF0D-A19A1120F3DB}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [UDP Query User{02FB5303-C161-4D8E-AE4D-97E3B2304D45}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [{162B20CF-B715-46CB-ACA5-F15A4765BD70}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{53563EED-90E6-48F2-8006-9FB0CBAB52EB}] => C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
FirewallRules: [{0934AB64-A2B0-4D5C-99EB-0992CD66733F}] => C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
FirewallRules: [{240CDADA-91DD-4300-BFCE-2DF6624EC536}] => C:\Program Files (x86)\******\System Update\uncserver.exe
FirewallRules: [{EEAA9EF9-4B6D-4402-8DB2-3DFD925F37D6}] => C:\Program Files (x86)\******\System Update\uncserver.exe

==================== Wiederherstellungspunkte =========================

29-01-2017 19:00:14 Windows-Sicherung
31-01-2017 18:30:15 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: ****** Connect Device 1.0
Description: ****** Connect Device 1.0
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (02/01/2017 05:58:32 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (02/01/2017 03:52:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (02/01/2017 03:52:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (02/01/2017 03:52:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (02/01/2017 03:52:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0


Systemfehler:
=============
Error: (02/01/2017 05:58:39 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt.

Befehlskopf: XX XX XX XX.

Error: (02/01/2017 03:52:28 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt.

Befehlskopf: XX XX XX XX.

Error: (02/01/2017 12:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "****** Solution Center System Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/01/2017 12:51:59 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt.

Befehlskopf: XX XX XX XX.

Error: (02/01/2017 09:51:24 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt.

Befehlskopf: XX XX XX XX.

Error: (02/01/2017 03:50:02 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt.

Befehlskopf: XX XX XX XX.

Error: (01/31/2017 11:43:25 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Smartcard-Lesegerät "Mobile Broadband SIM Card Reader 0" verweigerte IOCTL GET_STATE: Das Gerät erkennt den Befehl nicht.. Wenn dieser Fehler weiterhin besteht, werden die Smartcard oder das Lesegerät möglicherweise nicht richtig ausgeführt.

Befehlskopf: XX XX XX XX.

Error: (01/31/2017 09:42:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (01/31/2017 09:41:45 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (01/31/2017 09:41:13 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst ****** Platform Service erreicht.


CodeIntegrity:
===================================
  Date: 2017-01-20 10:30:56.610
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-20 10:30:52.144
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-20 10:29:07.458
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-20 10:29:07.296
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-20 10:24:45.765
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-18 12:01:03.460
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-15 11:02:24.953
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-15 11:02:23.807
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-15 11:02:22.071
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-15 10:46:39.082
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 87%
Installierter physikalischer RAM: 7888.92 MB
Verfügbarer physikalischer RAM: 1000.84 MB
Summe virtueller Speicher: 15776.02 MB
Verfügbarer virtueller Speicher: 5427.58 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:200.43 GB) (Free:44.95 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive q: (******_Recovery) (Fixed) (Total:13.67 GB) (Free:3.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: B605DD09)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

==================== Ende von Addition.txt ============================
         
__________________

03.02.2017, 11:43   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Step 1: Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.


Step 2: Kaspersky TDSS-Killer

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work considerably harder.
Even if the logs are too large for one post, I ask you to post them directly, spread over several posts if necessary.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it right. If everything is correct ... click Reply.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


07.02.2017, 11:41   #5
tomka
 

Nothing found. A quick question in between: could it also be that the website, rather than my PC, was what was not in order? It is, however, the website of a large hotel chain (Best Western; hxxp://www.airporthotelrotterdam.nl/deutsch/). But, as I said, it is not reproducible.


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.02.07.04
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
***** :: THINK [administrator]

07.02.2017 11:15:05
mbar-log-2017-02-07 (11-15-05).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 347137
Time elapsed: 13 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
11:33:49.0384 0x2f28  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
11:34:12.0358 0x2f28  ============================================================
11:34:12.0358 0x2f28  Current date / time: 2017/02/07 11:34:12.0358
11:34:12.0358 0x2f28  SystemInfo:
11:34:12.0358 0x2f28  
11:34:12.0358 0x2f28  OS Version: 6.1.7601 ServicePack: 1.0
11:34:12.0358 0x2f28  Product type: Workstation
11:34:12.0358 0x2f28  ComputerName: THINK
11:34:12.0358 0x2f28  UserName: *****
11:34:12.0358 0x2f28  Windows directory: C:\Windows
11:34:12.0358 0x2f28  System windows directory: C:\Windows
11:34:12.0358 0x2f28  Running under WOW64
11:34:12.0358 0x2f28  Processor architecture: Intel x64
11:34:12.0358 0x2f28  Number of processors: 4
11:34:12.0358 0x2f28  Page size: 0x1000
11:34:12.0358 0x2f28  Boot type: Normal boot
11:34:12.0358 0x2f28  CodeIntegrityOptions = 0x00000001
11:34:12.0358 0x2f28  ============================================================
11:34:12.0457 0x2f28  KLMD registered as C:\Windows\system32\drivers\35755373.sys
11:34:12.0457 0x2f28  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
11:34:12.0556 0x2f28  System UUID: {B8F224B9-A328-4D6D-7BBB-3D088D1DAA56}
11:34:12.0921 0x2f28  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:12.0926 0x2f28  ============================================================
11:34:12.0926 0x2f28  \Device\Harddisk0\DR0:
11:34:12.0926 0x2f28  MBR partitions:
11:34:12.0926 0x2f28  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
11:34:12.0926 0x2f28  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x190DD000
11:34:12.0926 0x2f28  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x193CB800, BlocksNum 0x1B58000
11:34:12.0926 0x2f28  ============================================================
11:34:12.0927 0x2f28  C: <-> \Device\Harddisk0\DR0\Partition2
11:34:12.0928 0x2f28  Q: <-> \Device\Harddisk0\DR0\Partition3
11:34:12.0928 0x2f28  ============================================================
11:34:12.0928 0x2f28  Initialize success
11:34:12.0928 0x2f28  ============================================================
11:34:20.0488 0x068c  ============================================================
11:34:20.0488 0x068c  Scan started
11:34:20.0488 0x068c  Mode: Manual; 
11:34:20.0488 0x068c  ============================================================
11:34:20.0488 0x068c  KSN ping started
11:34:22.0587 0x068c  KSN ping finished: true
11:34:22.0902 0x068c  ================ Scan system memory ========================
11:34:22.0902 0x068c  Scan was interrupted by user!
11:34:22.0933 0x068c  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
11:34:22.0934 0x068c  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
11:34:25.0048 0x068c  ============================================================
11:34:25.0048 0x068c  Scan finished
11:34:25.0048 0x068c  ============================================================
11:34:25.0053 0x30cc  Detected object count: 0
11:34:25.0053 0x30cc  Actual detected object count: 0
11:34:57.0932 0x252c  ============================================================
11:34:57.0932 0x252c  Scan started
11:34:57.0932 0x252c  Mode: Manual; SigCheck; TDLFS; 
11:34:57.0932 0x252c  ============================================================
11:34:57.0932 0x252c  KSN ping started
11:35:00.0077 0x252c  KSN ping finished: true
11:35:00.0327 0x252c  ================ Scan system memory ========================
11:35:00.0327 0x252c  System memory - ok
11:35:00.0327 0x252c  ================ Scan services =============================
11:35:00.0367 0x252c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:35:00.0408 0x252c  1394ohci - ok
11:35:00.0417 0x252c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:35:00.0431 0x252c  ACPI - ok
11:35:00.0434 0x252c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:35:00.0451 0x252c  AcpiPmi - ok
11:35:00.0458 0x252c  [ C355E18A892271574976DFEC962A66C5, A3E13D15D5B54E77DF74592039E2056E926794B66E44E048BA90AB5006F4F5B7 ] AcPrfMgrSvc     C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
11:35:00.0467 0x252c  AcPrfMgrSvc - ok
11:35:00.0472 0x252c  [ AAA8E68E685DB1B68747E3DF68F96368, 1A5BE239B2D0C6F727303A98CFFC91070B6A05ECD6B9CD05AB326AC1910ECEBF ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
11:35:00.0487 0x252c  acsock - ok
11:35:00.0494 0x252c  [ 59997CDE434376E03384C2659728DA17, C48FBAEF0FC58B22BB57C5B6650769BCF9D7AA8E556E93BB38A1E205D3DE9549 ] AcSvc           C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
11:35:00.0505 0x252c  AcSvc - ok
11:35:00.0510 0x252c  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:35:00.0518 0x252c  AdobeARMservice - ok
11:35:00.0546 0x252c  [ 1EEC35CD4B215AF8C217084EDC629532, 62B527C9AB4443CC2513010E0BAB8474020368827417AAEDCE008B9AB499ECFE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:35:00.0561 0x252c  AdobeFlashPlayerUpdateSvc - ok
11:35:00.0572 0x252c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:35:00.0589 0x252c  adp94xx - ok
11:35:00.0597 0x252c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:35:00.0610 0x252c  adpahci - ok
11:35:00.0616 0x252c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:35:00.0627 0x252c  adpu320 - ok
11:35:00.0632 0x252c  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:35:00.0644 0x252c  AeLookupSvc - ok
11:35:00.0655 0x252c  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
11:35:00.0675 0x252c  AFD - ok
11:35:00.0679 0x252c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:35:00.0688 0x252c  agp440 - ok
11:35:00.0692 0x252c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:35:00.0706 0x252c  ALG - ok
11:35:00.0710 0x252c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:35:00.0717 0x252c  aliide - ok
11:35:00.0793 0x252c  ALSysIO - ok
11:35:00.0825 0x252c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:35:00.0832 0x252c  amdide - ok
11:35:00.0836 0x252c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:35:00.0846 0x252c  AmdK8 - ok
11:35:00.0850 0x252c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:35:00.0861 0x252c  AmdPPM - ok
11:35:00.0866 0x252c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:35:00.0876 0x252c  amdsata - ok
11:35:00.0883 0x252c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:35:00.0893 0x252c  amdsbs - ok
11:35:00.0897 0x252c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:35:00.0904 0x252c  amdxata - ok
11:35:00.0908 0x252c  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
11:35:00.0923 0x252c  AppID - ok
11:35:00.0926 0x252c  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:35:00.0936 0x252c  AppIDSvc - ok
11:35:00.0940 0x252c  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
11:35:00.0950 0x252c  Appinfo - ok
11:35:00.0956 0x252c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:35:00.0968 0x252c  AppMgmt - ok
11:35:00.0973 0x252c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
11:35:00.0982 0x252c  arc - ok
11:35:00.0987 0x252c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:35:00.0995 0x252c  arcsas - ok
11:35:01.0009 0x252c  [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:35:01.0019 0x252c  aspnet_state - ok
11:35:01.0022 0x252c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:35:01.0070 0x252c  AsyncMac - ok
11:35:01.0073 0x252c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:35:01.0081 0x252c  atapi - ok
11:35:01.0095 0x252c  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:35:01.0117 0x252c  AudioEndpointBuilder - ok
11:35:01.0131 0x252c  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:35:01.0150 0x252c  AudioSrv - ok
11:35:01.0161 0x252c  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
11:35:01.0174 0x252c  AVP17.0.0 - ok
11:35:01.0180 0x252c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:35:01.0201 0x252c  AxInstSV - ok
11:35:01.0211 0x252c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:35:01.0231 0x252c  b06bdrv - ok
11:35:01.0239 0x252c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:35:01.0252 0x252c  b57nd60a - ok
11:35:01.0259 0x252c  [ 455EB0128FD08E07EACE0C6F754A3AAD, E14237655F64B1576A67CC6A323933F13A5104003B53D46A650420F0279E8ADD ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
11:35:01.0270 0x252c  bcbtums - ok
11:35:01.0274 0x252c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:35:01.0287 0x252c  BDESVC - ok
11:35:01.0292 0x252c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:35:01.0315 0x252c  Beep - ok
11:35:01.0329 0x252c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:35:01.0352 0x252c  BFE - ok
11:35:01.0370 0x252c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:35:01.0436 0x252c  BITS - ok
11:35:01.0440 0x252c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:35:01.0450 0x252c  blbdrive - ok
11:35:01.0455 0x252c  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:35:01.0468 0x252c  bowser - ok
11:35:01.0472 0x252c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:35:01.0483 0x252c  BrFiltLo - ok
11:35:01.0486 0x252c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:35:01.0497 0x252c  BrFiltUp - ok
11:35:01.0502 0x252c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:35:01.0528 0x252c  BridgeMP - ok
11:35:01.0533 0x252c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:35:01.0545 0x252c  Browser - ok
11:35:01.0553 0x252c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:35:01.0569 0x252c  Brserid - ok
11:35:01.0573 0x252c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:35:01.0583 0x252c  BrSerWdm - ok
11:35:01.0587 0x252c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:35:01.0596 0x252c  BrUsbMdm - ok
11:35:01.0599 0x252c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:35:01.0608 0x252c  BrUsbSer - ok
11:35:01.0612 0x252c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
11:35:01.0623 0x252c  BthEnum - ok
11:35:01.0627 0x252c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:35:01.0639 0x252c  BTHMODEM - ok
11:35:01.0643 0x252c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
11:35:01.0656 0x252c  BthPan - ok
11:35:01.0668 0x252c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
11:35:01.0692 0x252c  BTHPORT - ok
11:35:01.0701 0x252c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:35:01.0730 0x252c  bthserv - ok
11:35:01.0735 0x252c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
11:35:01.0745 0x252c  BTHUSB - ok
11:35:01.0758 0x252c  [ 96E22173FD0E2670A2A20C1EEECA162A, 2CC26317DBA063058178EA9B775C2A0FA2CF94FEDC6DF89F3D8314207D56DA24 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
11:35:01.0779 0x252c  btwampfl - ok
11:35:01.0785 0x252c  [ A771078558477068DFD8037B82EB00F8, 58E1686B12B747639FE3BF4CCA58D48B8BBB349C9D316315AD7237F44EF760A4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
11:35:01.0794 0x252c  btwaudio - ok
11:35:01.0801 0x252c  [ 9FF58F76024D25784755B01F926B00BE, 7A2504E326E63B7225FA25EA6D6ED3E7267278F5D2343A375D7F3B3F74EC9F38 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
11:35:01.0810 0x252c  btwavdt - ok
11:35:01.0834 0x252c  [ C8306C64F95DABC69A11DF3A664C00FB, 1AFE7B7E9FADA3A55CACADA8FEC1C2646CB99DA71CD033A28239932253B807C4 ] btwdins         C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
11:35:01.0863 0x252c  btwdins - ok
11:35:01.0867 0x252c  [ B1ACFD00CDD13B48D86F46BFEC153BF9, CD7BE27D93364735511CC714B85CB7D97E21E84E3C2361EC405BADAAEA550925 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
11:35:01.0874 0x252c  btwl2cap - ok
11:35:01.0877 0x252c  [ EDD953D635F3AA89EF902E3F82D60D22, 22A60B225A1AD0F25B9715338C805FED9D5F4BCAC296BBC0D045C6935BDA55E7 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
11:35:01.0884 0x252c  btwrchid - ok
11:35:01.0889 0x252c  [ 32B94975BF6F101C27C43E90FF8ABBEB, B5475D9A705894CBFA583D6E9DAF969527A75800E98D0288182BAB2F10136642 ] busenum         C:\Windows\system32\DRIVERS\busenum.sys
11:35:01.0897 0x252c  busenum - ok
11:35:01.0922 0x252c  [ 4E1D29BD13F186158A4D788DF98984D1, 64D6F925860DDDCEED4342776C0133ECF81A4A70890DE8C7C8A6375F7677D867 ] CAMService      C:\Program Files\Intel\CAM\bin\CAMService.exe
11:35:01.0950 0x252c  CAMService - ok
11:35:01.0954 0x252c  catchme - ok
11:35:01.0959 0x252c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:35:01.0984 0x252c  cdfs - ok
11:35:01.0989 0x252c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:35:02.0000 0x252c  cdrom - ok
11:35:02.0004 0x252c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:35:02.0028 0x252c  CertPropSvc - ok
11:35:02.0031 0x252c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
11:35:02.0042 0x252c  circlass - ok
11:35:02.0051 0x252c  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
11:35:02.0065 0x252c  CLFS - ok
11:35:02.0073 0x252c  [ AA64F36A4DFEE8374D74200F1C1560B9, 179DB04A96524E0D2D601F6A0046AECA50D04992F95452DE5F7081CFB8BABED0 ] Cloud Station Backup VSS Service x64 C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
11:35:02.0083 0x252c  Cloud Station Backup VSS Service x64 - detected UnsignedFile.Multi.Generic ( 1 )
11:35:04.0280 0x252c  Detect skipped due to KSN trusted
11:35:04.0280 0x252c  Cloud Station Backup VSS Service x64 - ok
11:35:04.0288 0x252c  [ 2DD3F8945831AA402A22F955338CF6C2, 45BBD1077F39D6BAE46ACC5B2FB0F80631842BF98E1DCC9BCC181AE70FA8C01C ] Cloud Station Drive VSS Service x64 C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
11:35:04.0298 0x252c  Cloud Station Drive VSS Service x64 - detected UnsignedFile.Multi.Generic ( 1 )
11:35:06.0408 0x252c  Detect skipped due to KSN trusted
11:35:06.0408 0x252c  Cloud Station Drive VSS Service x64 - ok
11:35:06.0414 0x252c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:35:06.0422 0x252c  clr_optimization_v2.0.50727_32 - ok
11:35:06.0427 0x252c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:35:06.0436 0x252c  clr_optimization_v2.0.50727_64 - ok
11:35:06.0445 0x252c  [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:35:06.0455 0x252c  clr_optimization_v4.0.30319_32 - ok
11:35:06.0460 0x252c  [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:35:06.0472 0x252c  clr_optimization_v4.0.30319_64 - ok
11:35:06.0475 0x252c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:35:06.0485 0x252c  CmBatt - ok
11:35:06.0488 0x252c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:35:06.0496 0x252c  cmdide - ok
11:35:06.0503 0x252c  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km           C:\Windows\system32\DRIVERS\cm_km.sys
11:35:06.0515 0x252c  cm_km - ok
11:35:06.0526 0x252c  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:35:06.0545 0x252c  CNG - ok
11:35:06.0549 0x252c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:35:06.0556 0x252c  Compbatt - ok
11:35:06.0559 0x252c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:35:06.0571 0x252c  CompositeBus - ok
11:35:06.0574 0x252c  COMSysApp - ok
11:35:06.0600 0x252c  [ A93043E0B855AD23C97B9121D73DCA7E, B134450EFD61E901A3FA02A97BFE8B23B29E2551081CBE6D07DBC190F3711029 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:35:06.0615 0x252c  cphs - ok
11:35:06.0690 0x252c  cpuz137 - ok
11:35:06.0724 0x252c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:35:06.0732 0x252c  crcdisk - ok
11:35:06.0739 0x252c  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:35:06.0754 0x252c  CryptSvc - ok
11:35:06.0765 0x252c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
11:35:06.0785 0x252c  CSC - ok
11:35:06.0802 0x252c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
11:35:06.0823 0x252c  CscService - ok
11:35:06.0830 0x252c  [ DC08465037FA57A5203BDF3E963422C2, ADA7F6B4ED68413924E187DA1A609BB7B7AA5E483055994A17AEBC7F1BCEC5F2 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
11:35:06.0841 0x252c  ctxusbm - ok
11:35:06.0852 0x252c  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:35:06.0872 0x252c  DcomLaunch - ok
11:35:06.0881 0x252c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:35:06.0909 0x252c  defragsvc - ok
11:35:06.0914 0x252c  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:35:06.0927 0x252c  DfsC - ok
11:35:06.0933 0x252c  [ 1E0F456A03E204F92D24437CD907A512, 8BB28AF33BDEFFECC4EC5C6BFBFBDA525A32FA6A26382353E01FF94BAD2A200C ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
11:35:06.0943 0x252c  dg_ssudbus - ok
11:35:06.0951 0x252c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:35:06.0966 0x252c  Dhcp - ok
11:35:06.0993 0x252c  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:35:07.0028 0x252c  DiagTrack - ok
11:35:07.0033 0x252c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:35:07.0058 0x252c  discache - ok
11:35:07.0062 0x252c  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
11:35:07.0070 0x252c  Disk - ok
11:35:07.0074 0x252c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:35:07.0087 0x252c  dmvsc - ok
11:35:07.0093 0x252c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:35:07.0107 0x252c  Dnscache - ok
11:35:07.0115 0x252c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:35:07.0142 0x252c  dot3svc - ok
11:35:07.0151 0x252c  [ 497E0E7CD4E6A708EDF8EF4D1702F427, 53591AFB2CACD1A1EDEAEDFABE57E04E219E0A7112F168E78A34DFE9413D7CEC ] DozeSvc         C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
11:35:07.0164 0x252c  DozeSvc - ok
11:35:07.0169 0x252c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:35:07.0196 0x252c  DPS - ok
11:35:07.0199 0x252c  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:35:07.0273 0x252c  drmkaud - ok
11:35:07.0294 0x252c  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:35:07.0319 0x252c  DXGKrnl - ok
11:35:07.0324 0x252c  [ 3CE83D7EE95D9C9F03323810A2E747DF, 50E34E2EC26584A1BE06EA5049481D1AE2F3213B2A81BA86411623ADCEE24F53 ] DzHDD64         C:\Windows\system32\DRIVERS\DzHDD64.sys
11:35:07.0331 0x252c  DzHDD64 - ok
11:35:07.0334 0x252c  [ A0D5450B3D4689DCE4CBBC8268141C37, 86674139314058AB8D8B12BED193828C006329CBA70FA5469E5D39526867B346 ] e.dentifier2    C:\Windows\system32\DRIVERS\aabed2.sys
11:35:07.0345 0x252c  e.dentifier2 - ok
11:35:07.0350 0x252c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:35:07.0375 0x252c  EapHost - ok
11:35:07.0434 0x252c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:35:07.0506 0x252c  ebdrv - ok
11:35:07.0514 0x252c  [ B90BEFCCEB59C83AC65BFD39EF7404F4, E67C41BF4512948F4F30CE981F4BCF52E3A93EBBAE8408783E9D2D3A04C5CB46 ] ecnssndis       C:\Windows\system32\Drivers\wwuss64.sys
11:35:07.0522 0x252c  ecnssndis - ok
11:35:07.0525 0x252c  [ 1CF09C0555BE49EFE96B33BDA514A334, 63D57C887EB259EA364CBF89AB1D85D7C86D980AAD26E727185ED48348D60A15 ] ecnssndisfltr   C:\Windows\system32\Drivers\wwussf64.sys
11:35:07.0533 0x252c  ecnssndisfltr - ok
11:35:07.0536 0x252c  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS             C:\Windows\System32\lsass.exe
11:35:07.0548 0x252c  EFS - ok
11:35:07.0562 0x252c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:35:07.0587 0x252c  ehRecvr - ok
11:35:09.0172 0x252c  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:35:09.0191 0x252c  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
11:35:11.0308 0x252c  Detect skipped due to KSN trusted
11:35:11.0308 0x252c  Intel(R) Capability Licensing Service Interface - ok
11:35:13.0611 0x252c  NdisCap - ok
11:35:13.0614 0x252c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:35:13.0639 0x252c  NdisTapi - ok
11:35:13.0642 0x252c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:35:13.0667 0x252c  Ndisuio - ok
11:35:13.0673 0x252c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:35:13.0701 0x252c  NdisWan - ok
11:35:13.0704 0x252c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:35:13.0728 0x252c  NDProxy - ok
11:35:13.0731 0x252c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:35:13.0756 0x252c  NetBIOS - ok
11:35:13.0763 0x252c  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:35:13.0780 0x252c  NetBT - ok
11:35:13.0784 0x252c  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] Netlogon        C:\Windows\system32\lsass.exe
11:35:13.0793 0x252c  Netlogon - ok
11:35:13.0801 0x252c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:35:13.0831 0x252c  Netman - ok
11:35:13.0839 0x252c  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:13.0851 0x252c  NetMsmqActivator - ok
11:35:13.0855 0x252c  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:13.0865 0x252c  NetPipeActivator - ok
11:35:13.0875 0x252c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:35:13.0907 0x252c  netprofm - ok
11:35:13.0912 0x252c  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:13.0923 0x252c  NetTcpActivator - ok
11:35:13.0927 0x252c  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:35:13.0938 0x252c  NetTcpPortSharing - ok
11:35:14.0138 0x252c  [ 9233F2F1A3CD407A6622F6D38F120838, BA63FB78A29718F5F9DE5B967B4BAE8D3F455356855BB8E2A03DFF760BE6A6DA ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
11:35:14.0364 0x252c  NETwNs64 - ok
11:35:14.0377 0x252c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:35:14.0386 0x252c  nfrd960 - ok
11:35:14.0393 0x252c  [ BC4B7FA7F7EBE5E9CC70885A2CB727D0, 0BC3EF7B5CEC9A4639607E5F901A65296F150B451714DF754847637D98CD8D98 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
11:35:14.0402 0x252c  NitroDriverReadSpool2 - ok
11:35:14.0410 0x252c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:35:14.0426 0x252c  NlaSvc - ok
11:35:14.0430 0x252c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:35:14.0454 0x252c  Npfs - ok
11:35:14.0457 0x252c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:35:14.0482 0x252c  nsi - ok
11:35:14.0485 0x252c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:35:14.0510 0x252c  nsiproxy - ok
11:35:14.0544 0x252c  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:35:14.0584 0x252c  Ntfs - ok
11:35:14.0589 0x252c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:35:14.0614 0x252c  Null - ok
11:35:14.0619 0x252c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:35:14.0629 0x252c  nvraid - ok
11:35:14.0634 0x252c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:35:14.0645 0x252c  nvstor - ok
11:35:14.0650 0x252c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:35:14.0659 0x252c  nv_agp - ok
11:35:14.0663 0x252c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:35:14.0673 0x252c  ohci1394 - ok
11:35:14.0678 0x252c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:35:14.0687 0x252c  ose - ok
11:35:14.0770 0x252c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:35:14.0862 0x252c  osppsvc - ok
11:35:14.0878 0x252c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:35:14.0895 0x252c  p2pimsvc - ok
11:35:14.0909 0x252c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:35:14.0924 0x252c  p2psvc - ok
11:35:14.0929 0x252c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
11:35:14.0939 0x252c  Parport - ok
11:35:14.0943 0x252c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:35:14.0951 0x252c  partmgr - ok
11:35:14.0958 0x252c  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:35:14.0974 0x252c  PcaSvc - ok
11:35:14.0981 0x252c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:35:14.0992 0x252c  pci - ok
11:35:14.0995 0x252c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:35:15.0003 0x252c  pciide - ok
11:35:15.0009 0x252c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:35:15.0021 0x252c  pcmcia - ok
11:35:15.0025 0x252c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:35:15.0033 0x252c  pcw - ok
11:35:15.0046 0x252c  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:35:15.0067 0x252c  PEAUTH - ok
11:35:15.0095 0x252c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:35:15.0135 0x252c  PeerDistSvc - ok
11:35:15.0164 0x252c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:35:15.0175 0x252c  PerfHost - ok
11:35:15.0181 0x252c  [ B4C1BF666DBD6899EC4A9A499DAA040B, D6F9E42F25DCBE19A3766165D96CC2D30E834B19B841688FD6A2E26FD9166315 ] PHCORE          C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
11:35:15.0189 0x252c  PHCORE - ok
11:35:15.0217 0x252c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:35:15.0263 0x252c  pla - ok
11:35:15.0275 0x252c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
         


07.02.2017, 11:42   #6
tomka

Unwanted website opens



Code:
ATTFilter
11:35:18.0105 0x252c  TPHKLOAD - ok
11:35:18.0110 0x252c  [ 7FF003567BE266566A2F13BE04F76714, 0E8525B6D54DAC39E72DE79006CA4E72A2BB41010DA486828882F9BC88B22234 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
11:35:18.0118 0x252c  TPHKSVC - ok
11:35:18.0124 0x252c  [ 48DDEF0B921DD331536CC82C1A8FF64F, 540107E278E4C7DE4F43D37F7EA7BC094B6755399C22EE3A68574AA8A7719ACC ] TPM             C:\Windows\system32\drivers\tpm.sys
11:35:18.0133 0x252c  TPM - ok
11:35:18.0137 0x252c  [ 1B58B92F059C30F33A7B9DF7EC61F288, 0C0469784166F0433A178017BFB79831919372C5B5A7C948BAA8727F753FBF09 ] TPPWRIF         C:\Windows\system32\drivers\Tppwr64v.sys
11:35:18.0144 0x252c  TPPWRIF - ok
11:35:18.0149 0x252c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:35:18.0176 0x252c  TrkWks - ok
11:35:18.0182 0x252c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:35:18.0208 0x252c  TrustedInstaller - ok
11:35:18.0213 0x252c  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:35:18.0224 0x252c  tssecsrv - ok
11:35:18.0229 0x252c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:35:18.0240 0x252c  TsUsbFlt - ok
11:35:18.0244 0x252c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:35:18.0255 0x252c  TsUsbGD - ok
11:35:18.0261 0x252c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:35:18.0285 0x252c  tunnel - ok
11:35:18.0288 0x252c  [ D4915DB03B19F9FD50EC084CC0ED15FC, 1CA899C0D48E69825DB27A4A52D8A3FEBA00A47C2D0E2FC0F5F358D15B7F3496 ] TVTI2C          C:\Windows\system32\DRIVERS\Tvti2c.sys
11:35:18.0294 0x252c  TVTI2C - ok
11:35:18.0298 0x252c  [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd        C:\Windows\system32\DRIVERS\tvtvcamd.sys
11:35:18.0305 0x252c  tvtvcamd - ok
11:35:18.0309 0x252c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:35:18.0317 0x252c  uagp35 - ok
11:35:18.0325 0x252c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:35:18.0353 0x252c  udfs - ok
11:35:18.0359 0x252c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:35:18.0370 0x252c  UI0Detect - ok
11:35:18.0373 0x252c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:35:18.0381 0x252c  uliagpkx - ok
11:35:18.0385 0x252c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:35:18.0394 0x252c  umbus - ok
11:35:18.0397 0x252c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:35:18.0407 0x252c  UmPass - ok
11:35:18.0413 0x252c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
11:35:18.0426 0x252c  UmRdpService - ok
11:35:18.0434 0x252c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:35:18.0465 0x252c  upnphost - ok
11:35:18.0469 0x252c  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
11:35:18.0481 0x252c  usbccgp - ok
11:35:18.0486 0x252c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:35:18.0498 0x252c  usbcir - ok
11:35:18.0505 0x252c  [ 5F446E44B402B5FD12056EA57F929E42, 1EFE583AFBFD36E1CCD8F933A0476661BD213FA18FD4352066CA2F28C1D63C7E ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
11:35:18.0514 0x252c  UsbClientService - detected UnsignedFile.Multi.Generic ( 1 )
11:35:20.0712 0x252c  Detect skipped due to KSN trusted
11:35:20.0712 0x252c  UsbClientService - ok
11:35:22.0719 0x252c  ================ Scan global ===============================
11:35:22.0722 0x252c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
11:35:22.0728 0x252c  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:35:22.0737 0x252c  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:35:22.0743 0x252c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:35:22.0751 0x252c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:35:22.0757 0x252c  [ Global ] - ok
11:35:22.0758 0x252c  ================ Scan MBR ==================================
11:35:22.0759 0x252c  [ B78F010C2F6E54FC3F947B22CE0352FC ] \Device\Harddisk0\DR0
11:35:22.0890 0x252c  \Device\Harddisk0\DR0 - ok
11:35:22.0890 0x252c  ================ Scan VBR ==================================
11:35:22.0891 0x252c  [ 001EEEC6A385F26084D41060D4596F89 ] \Device\Harddisk0\DR0\Partition1
11:35:22.0892 0x252c  \Device\Harddisk0\DR0\Partition1 - ok
11:35:22.0894 0x252c  [ CCAA2FAC2A5CA3B922360B270F04CF0E ] \Device\Harddisk0\DR0\Partition2
11:35:22.0895 0x252c  \Device\Harddisk0\DR0\Partition2 - ok
11:35:22.0897 0x252c  [ 2D6DF5AF477E641F37230E0CCA1835B7 ] \Device\Harddisk0\DR0\Partition3
11:35:22.0898 0x252c  \Device\Harddisk0\DR0\Partition3 - ok
11:35:22.0898 0x252c  ================ Scan generic autorun ======================
11:35:23.0732 0x252c  [ 040E1896190EA93D1B4DE31AC7B8F216, EA144E0ED16887498623BA67F7209FC1A58195B077A832250B27AF0C6B9D043D ] C:\Program Files (x86)\Integrated Camera\monitor.exe
11:35:23.0769 0x252c  Integrated Camera_Monitor - detected UnsignedFile.Multi.Generic ( 1 )
11:35:25.0966 0x252c  Detect skipped due to KSN trusted
11:35:25.0967 0x252c  Integrated Camera_Monitor - ok
11:35:26.0187 0x252c  Waiting for KSN requests completion. In queue: 148
11:35:27.0187 0x252c  Waiting for KSN requests completion. In queue: 148
11:35:28.0187 0x252c  Waiting for KSN requests completion. In queue: 148
11:35:29.0195 0x252c  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
11:35:29.0196 0x252c  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
11:35:31.0318 0x252c  ============================================================
11:35:31.0318 0x252c  Scan finished
11:35:31.0318 0x252c  ============================================================
11:35:31.0322 0x20ac  Detected object count: 0
11:35:31.0322 0x20ac  Actual detected object count: 0
         

07.02.2017, 11:57   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop!
Please completely disable your virus scanner now before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click "Optionen" (Options) and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click "Suchlauf" (Scan) and wait until it has finished.
  • Now click "Löschen" (Delete) and confirm any prompts that appear with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).




Step 2: JRT - Junkware Removal Tool

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


08.02.2017, 10:56   #8
tomka
 

The version of Malwarebytes AdwCleaner seems to be newer than the one in your instructions. Under "Werkzeuge" -> "Optionen" (Tools -> Options) I set the checkboxes as specified.

A problem occurs: threats were found, but after clicking "Löschen" (Delete) the program no longer responds. Can I force a restart and then continue with the second program?

The report looks like this:

Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 08/02/2017 um 10:30:53
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-03.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : ****** - THINK
# Gestartet von : C:\Users\******\Downloads\AdwCleaner_6.043.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Dienst Gefunden: LavasoftTcpService
Dienst Gefunden: SearchProtectionService


***** [ Ordner ] *****

Ordner Gefunden: C:\Users\******\AppData\Roaming\Hola
Ordner Gefunden: C:\ProgramData\lavasoft\web companion
Ordner Gefunden: C:\ProgramData\Application Data\lavasoft\web companion
Ordner Gefunden: C:\Program Files (x86)\lavasoft\web companion


***** [ Dateien ] *****

Datei Gefunden: C:\Windows\SysNative\LavasoftTcpService64.dll
Datei Gefunden: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Datei Gefunden: C:\Windows\SysWOW64\lavasofttcpservice.dll
Datei Gefunden: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Schlüssel Gefunden: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Hola
Schlüssel Gefunden: HKCU\Software\Hola
Schlüssel Gefunden: HKLM\SOFTWARE\Lavasoft\Web Companion
Schlüssel Gefunden: [x64] HKCU\Software\Hola
Schlüssel Gefunden: HKCU\Software\MozillaPlugins\@hola.org/FlashPlayer
Schlüssel Gefunden: HKCU\Software\MozillaPlugins\@hola.org/vlc
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Schlüssel Gefunden: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C3].txt - [2497 Bytes] - [17/10/2015 14:32:35]
C:\AdwCleaner\AdwCleaner[R0].txt - [6160 Bytes] - [18/10/2013 19:03:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [2937 Bytes] - [16/09/2014 20:22:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [5626 Bytes] - [18/10/2013 19:09:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [2943 Bytes] - [16/09/2014 20:23:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [2240 Bytes] - [17/10/2015 14:28:15]
C:\AdwCleaner\AdwCleaner[S4].txt - [6188 Bytes] - [08/02/2017 10:30:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [6261 Bytes] ##########
         
OK, restarted, ran AdwCleaner again and deleted the remaining items (it did not crash this time). Here is the second report for the second part:

Code:
# AdwCleaner v6.043 - Bericht erstellt am 08/02/2017 um 10:47:40
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-03.2 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : ****** - THINK
# Gestartet von : C:\Users\******\Downloads\AdwCleaner_6.043 (1).exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****

[-] Datei gelöscht: C:\Windows\SysNative\LavasoftTcpService64.dll


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C2].txt - [1019 Bytes] - [08/02/2017 10:47:40]
C:\AdwCleaner\AdwCleaner[C3].txt - [2497 Bytes] - [17/10/2015 14:32:35]
C:\AdwCleaner\AdwCleaner[R0].txt - [6160 Bytes] - [18/10/2013 19:03:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [2937 Bytes] - [16/09/2014 20:22:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [5626 Bytes] - [18/10/2013 19:09:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [2943 Bytes] - [16/09/2014 20:23:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [2240 Bytes] - [17/10/2015 14:28:15]
C:\AdwCleaner\AdwCleaner[S4].txt - [6408 Bytes] - [08/02/2017 10:30:53]
C:\AdwCleaner\AdwCleaner[S5].txt - [1900 Bytes] - [08/02/2017 10:46:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1676 Bytes] ##########
         
And finally:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64 
Ran by ***** (Administrator) on 08.02.2017 at 10:53:11,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\*****\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\*****\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 



Registry: 3 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{417735E5-3C9D-89A4-A0EC-2BA9A2D311CA} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{093F479D-712E-46CD-9E06-62E734A05F68} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.02.2017 at 10:55:25,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

08.02.2017, 11:32   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Unfortunately we still have an older guide for AdwCleaner; please run it again and set it up like this:

08.02.2017, 11:52   #10
tomka

Code:
# AdwCleaner v6.043 - Bericht erstellt am 08/02/2017 um 11:51:31
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-03.2 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : ***** - THINK
# Gestartet von : C:\Users\*****\Downloads\AdwCleaner_6.043 (2).exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C2].txt - [1755 Bytes] - [08/02/2017 10:47:40]
C:\AdwCleaner\AdwCleaner[C3].txt - [2497 Bytes] - [17/10/2015 14:32:35]
C:\AdwCleaner\AdwCleaner[R0].txt - [6160 Bytes] - [18/10/2013 19:03:09]
C:\AdwCleaner\AdwCleaner[R1].txt - [2937 Bytes] - [16/09/2014 20:22:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [5626 Bytes] - [18/10/2013 19:09:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [2943 Bytes] - [16/09/2014 20:23:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [2240 Bytes] - [17/10/2015 14:28:15]
C:\AdwCleaner\AdwCleaner[S4].txt - [6408 Bytes] - [08/02/2017 10:30:53]
C:\AdwCleaner\AdwCleaner[S5].txt - [1900 Bytes] - [08/02/2017 10:46:01]
C:\AdwCleaner\AdwCleaner[S6].txt - [1869 Bytes] - [08/02/2017 11:51:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1942 Bytes] ##########
         

08.02.2017, 11:54   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then show me fresh FRST logs. Tick the box for addition.txt, then click Scan.

09.02.2017, 09:53   #12
tomka

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017
durchgeführt von ***** (Administrator) auf THINK (08-02-2017 14:59:46)
Gestartet von C:\Users\*****\Downloads
Geladene Profile: ***** (Verfügbare Profile: *****)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CDViewer.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfica32.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\AuthManager\AuthManSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\*****\Downloads\FRST64 (1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [Lenovo App Shop] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-06-19] (Intel Corporation)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1719456 2013-12-10] (SunplusIT, Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Becwsupa] => C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwsupa.exe [162136 2014-11-28] (ABN AMRO)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-01-28] (Spotify Ltd)
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-17] (Google Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [   01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [   05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [CeDesktopIntegration] -> {3CEC3E6D-ECF2-4B49-8A41-3B16DF8B9C3F} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll -> Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-07-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-02-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2017-02-08]
ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc.)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2017-02-08]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1
Tcpip\..\Interfaces\{377520F3-E7C7-403B-997E-42BDEC38E4BC}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1
Tcpip\..\Interfaces\{88C1C209-1539-42ED-838C-A4BD8376D044}: [DhcpNameServer] 10.15.0.1
Tcpip\..\Interfaces\{8A21F8CE-5324-4563-A4A5-D47CF1CBA83B}: [DhcpNameServer] 172.168.111.2
Tcpip\..\Interfaces\{B524442D-7D83-4ED0-A93C-096812422175}: [DhcpNameServer] 62.179.104.196 213.46.228.196 192.168.192.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-02] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-02] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000 -> Kein Name - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} -  Keine Datei
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://solisvpn.uu.nl/CACHE/stc/20/binaries/vpnweb.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: n12tz17e.default-1421155951383
FF ProfilePath: C:\Users\*****\AppData\Roaming\Zotero\Zotero\Profiles\9jq04p59.default [2017-02-01]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2016-11-14] [ist nicht signiert]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2016-11-14] [ist nicht signiert]
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox [2015-12-01]
FF user.js: detected! => C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1480473739-3576749651-3455334848-1000\FireFox\user.js [2015-04-23]
FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [nicht gefunden]
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383 [2017-02-08]
FF Extension: (Zotero) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\n12tz17e.default-1421155951383\Extensions\zotero@chnm.gmu.edu.xpi [2017-02-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: (Symantec VIP Access Add-On) - C:\Program Files (x86)\Symantec\VIP Access Client [2013-06-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @ABNAMRO/BECON,version=1.00 -> C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla\npBECON.dll [2014-11-28] (ABN AMRO)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-08] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\*****\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @talk.google.com/O1DPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\*****\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-09-08] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: google.com/WidevineMediaOptimizer -> C:\Users\*****\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-06-19] (Intel)
FF Plugin HKU\S-1-5-21-1480473739-3576749651-3455334848-1000: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-06-19] (Intel)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-05-15] (Octoshape ApS)

Chrome: 
=======
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2017-02-08]
CHR Extension: (Google Präsentationen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-26]
CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26]
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26]
CHR Extension: (Google Cast) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-10-27]
CHR Extension: (Zotero Connector) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2016-12-09]
CHR Extension: (Google Tabellen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26]
CHR Extension: (Kaspersky Protection) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 CAMService; C:\Program Files\Intel\CAM\bin\CAMService.exe [1243344 2014-09-03] (Intel® Corporation)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert]
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287240 2016-04-12] () [Datei ist nicht signiert]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [20984 2013-10-18] (Lenovo)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] () [Datei ist nicht signiert]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 e.dentifier2; C:\Windows\System32\DRIVERS\aabed2.sys [28672 2008-03-20] (Todos Data System AB)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-08-31] (GFI Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-14] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [189264 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [305496 2016-10-03] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1036512 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [57936 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52144 2016-05-18] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [75696 2016-05-17] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [134880 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [103184 2012-03-01] (Ericsson AB)
R3 l36wscard; C:\Windows\System32\DRIVERS\l36wscard.sys [61992 2011-01-14] (Ericsson AB)
S3 LenLan; C:\Windows\System32\DRIVERS\LenLan.sys [98816 2012-05-29] (Lenovo Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443208 2012-10-02] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1514144 2013-12-10] (Sunplus)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-10-23] (Cisco Systems, Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB)
S3 ALSysIO; \??\C:\Users\*****\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz137; \??\C:\Users\*****\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ACHTUNG
S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-08 14:59 - 2017-02-08 14:59 - 02421248 _____ (Farbar) C:\Users\*****\Downloads\FRST64 (1).exe
2017-02-08 12:03 - 2017-02-08 12:03 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\*****\Downloads\Zoom_launcher (5).exe
2017-02-08 11:50 - 2017-02-08 11:50 - 04015056 _____ C:\Users\*****\Downloads\AdwCleaner_6.043 (2).exe
2017-02-08 11:48 - 2017-02-08 11:48 - 00002004 _____ C:\Users\*****\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (5).ica
2017-02-08 10:55 - 2017-02-08 10:55 - 00002416 _____ C:\Users\*****\Desktop\JRT.txt
2017-02-08 10:52 - 2017-02-08 10:52 - 01663040 _____ (Malwarebytes) C:\Users\*****\Downloads\JRT.exe
2017-02-08 10:49 - 2017-02-08 10:52 - 00000000 ___HD C:\Users\*****\Downloads\.SynologyWorkingDirectory
2017-02-08 10:49 - 2017-02-08 10:49 - 00000000 ___HD C:\Users\*****\Documents\.SynologyWorkingDirectory
2017-02-08 10:49 - 2017-02-08 10:49 - 00000000 ___HD C:\Users\*****\Desktop\.SynologyWorkingDirectory
2017-02-08 10:44 - 2017-02-08 10:44 - 04015056 _____ C:\Users\*****\Downloads\AdwCleaner_6.043 (1).exe
2017-02-08 10:27 - 2017-02-08 10:27 - 04015056 _____ C:\Users\*****\Downloads\AdwCleaner_6.043.exe
2017-02-07 22:59 - 2017-02-07 22:59 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-07 11:33 - 2017-02-07 12:04 - 00251946 _____ C:\TDSSKiller.3.1.0.12_07.02.2017_11.33.49_log.txt
2017-02-07 11:33 - 2017-02-07 11:33 - 04747704 _____ (AO Kaspersky Lab) C:\Users\*****\Downloads\tdsskiller.exe
2017-02-07 11:13 - 2017-02-07 11:33 - 00000000 ____D C:\Users\*****\Desktop\mbar
2017-02-07 11:13 - 2017-02-07 11:13 - 16563352 _____ (Malwarebytes Corp.) C:\Users\*****\Desktop\mbar-1.09.3.1001.exe
2017-02-01 20:51 - 2017-02-08 14:59 - 00036488 _____ C:\Users\*****\Downloads\FRST.txt
2017-02-01 20:51 - 2017-02-02 23:28 - 00097091 _____ C:\Users\*****\Downloads\Addition.txt
2017-02-01 20:40 - 2017-02-08 14:59 - 00000000 ____D C:\FRST
2017-02-01 20:39 - 2017-02-01 20:39 - 02420736 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2017-01-31 13:11 - 2017-01-31 13:31 - 00085849 _____ C:\Users\*****\Desktop\Rplot02.jpeg
2017-01-31 09:35 - 2017-01-31 09:35 - 00000000 ____D C:\Users\*****\AppData\Local\Tvsukernel

2017-01-11 12:03 - 2017-01-11 12:03 - 00133448 _____ (Zoom Video Communications, Inc.) C:\Users\*****\Downloads\Zoom_launcher (3).exe
2017-01-11 11:21 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-11 11:21 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-11 11:21 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-11 11:21 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-11 11:21 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-11 11:21 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-11 11:21 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-11 11:21 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-11 11:21 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-11 11:21 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-11 11:21 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-11 11:21 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-11 11:21 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-01-10 00:16 - 2017-01-10 00:16 - 03226591 _____ C:\Users\*****\Downloads\ProjectNetAanvraag63595 (1).pdf
2017-01-10 00:13 - 2017-01-10 00:13 - 03226574 _____ C:\Users\*****\Downloads\ProjectNetAanvraag63595.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-08 14:54 - 2015-06-17 15:27 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job
2017-02-08 14:40 - 2015-01-27 22:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-08 13:56 - 2014-01-21 14:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-02-08 13:04 - 2015-10-17 18:42 - 00000548 _____ C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job
2017-02-08 11:51 - 2013-10-18 19:02 - 00000000 ____D C:\AdwCleaner
2017-02-08 11:48 - 2016-01-24 16:52 - 00000000 ____D C:\Users\*****\AppData\Local\Citrix
2017-02-08 10:59 - 2016-11-26 11:28 - 00000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2017-02-08 10:59 - 2015-01-27 22:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-08 10:59 - 2013-12-14 16:24 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-08 10:59 - 2013-12-14 16:24 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-08 10:59 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-08 10:59 - 2013-06-26 17:24 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-08 10:59 - 2013-06-26 17:10 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2017-02-08 10:56 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-08 10:56 - 2009-07-14 05:45 - 00034432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-08 10:53 - 2013-06-05 09:15 - 00703214 _____ C:\Windows\system32\perfh007.dat
2017-02-08 10:53 - 2013-06-05 09:15 - 00150822 _____ C:\Windows\system32\perfc007.dat
2017-02-08 10:53 - 2009-07-14 06:13 - 01629436 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-08 10:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-08 10:49 - 2016-07-03 00:05 - 00000000 ___RD C:\Users\*****\VUdrive
2017-02-08 10:49 - 2016-04-23 21:51 - 00000000 ___RD C:\Users\*****\CloudStation
2017-02-08 10:49 - 2013-06-26 17:26 - 00000000 ___RD C:\Users\*****\Dropbox
2017-02-08 10:48 - 2013-06-26 16:49 - 00000000 ____D C:\Users\*****
2017-02-08 10:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-08 10:31 - 2015-12-23 14:15 - 00000000 ____D C:\ProgramData\Lavasoft
2017-02-08 10:31 - 2013-08-31 08:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2017-02-08 09:54 - 2015-06-17 15:27 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job
2017-02-07 22:59 - 2013-06-26 17:15 - 00000000 ____D C:\Users\*****\AppData\Roaming\Dropbox
2017-02-07 21:19 - 2013-06-26 16:52 - 00000000 ____D C:\Users\*****\AppData\Roaming\Nitro PDF
2017-02-07 21:13 - 2016-10-26 11:00 - 00002198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 21:13 - 2016-10-26 11:00 - 00002186 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-07 21:09 - 2016-04-23 21:36 - 00000000 ____D C:\Users\*****\AppData\Local\CloudStation
2017-02-07 21:09 - 2016-04-23 10:20 - 00000000 ____D C:\Users\*****\AppData\Local\CloudStationBackup
2017-02-07 11:33 - 2015-09-10 13:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-02-07 11:14 - 2014-08-04 08:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-07 11:14 - 2014-08-04 08:15 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-02 23:28 - 2014-11-22 14:10 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2017-02-02 01:13 - 2016-08-29 11:10 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-02-02 01:13 - 2016-08-29 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-02 01:13 - 2014-10-21 20:08 - 00000000 ____D C:\Program Files (x86)\Java
2017-02-02 00:36 - 2016-05-16 22:52 - 00011933 _____ C:\Users\*****\Documents\.Rhistory
2017-02-02 00:36 - 2015-04-23 19:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\RStudio
2017-02-02 00:36 - 2015-04-23 19:04 - 00000000 ____D C:\Users\*****\AppData\Local\RStudio-Desktop
2017-02-02 00:36 - 2013-08-14 00:37 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2017-02-01 20:43 - 2015-01-14 13:15 - 00000000 ____D C:\Users\*****\Documents\Zotero Workspace
2017-02-01 20:06 - 2013-08-14 00:35 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2017-01-31 14:14 - 2014-01-01 11:49 - 00000000 ____D C:\Users\*****\Documents\Outlook-Dateien
2017-01-31 09:35 - 2013-06-04 23:34 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-01-31 09:35 - 2013-06-04 17:02 - 00000000 ____D C:\ProgramData\Lenovo
2017-01-31 09:34 - 2016-11-22 21:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-31 09:34 - 2013-06-26 22:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-30 22:29 - 2013-06-27 19:37 - 00007644 _____ C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2017-01-30 10:02 - 2013-06-04 23:44 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2017-01-30 10:02 - 2013-06-04 23:38 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2017-01-29 14:51 - 2016-02-07 11:28 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-01-28 11:02 - 2015-01-09 00:55 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1420761345
2017-01-28 11:02 - 2013-06-26 18:24 - 00000000 ____D C:\Program Files (x86)\Opera
2017-01-23 07:12 - 2015-12-03 21:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-20 12:13 - 2013-06-26 16:59 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2017-01-18 18:34 - 2013-06-26 17:00 - 00000000 ____D C:\Users\*****\AppData\Local\LSC
2017-01-18 18:34 - 2013-06-26 16:50 - 00000000 ____D C:\Users\*****\AppData\Local\Lenovo
2017-01-12 21:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-12 12:06 - 2013-07-15 10:32 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 12:00 - 2013-06-27 08:26 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-11 13:00 - 2015-01-07 17:33 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 12:40 - 2016-10-11 18:47 - 20630616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-01-11 12:40 - 2016-02-07 11:28 - 00003936 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-01-09 20:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-12-30 21:09 - 2016-12-30 21:09 - 0000000 _____ () C:\Users\*****\AppData\Roaming\06614afc-e1da-4f66-8e25-9cdde7f40bc0.storage
2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\*****\AppData\Roaming\0b0b642d-bad1-4a42-ae39-e04d3dfd24eb.storage
2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\*****\AppData\Roaming\232b9fac-fc4c-42d2-aa1f-7e61e087d91d.storage
2016-12-30 21:28 - 2016-12-30 21:28 - 0000000 _____ () C:\Users\*****\AppData\Roaming\69052423-4e19-425b-9aed-d51266bff2bc.storage
2013-10-03 23:29 - 2013-10-03 23:29 - 0000000 _____ () C:\Users\*****\AppData\Roaming\AbsoluteReminder.xml
2013-10-16 20:22 - 2013-10-16 20:58 - 0000132 _____ () C:\Users\*****\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format
2013-08-08 00:21 - 2013-08-08 00:21 - 0000037 ___SH () C:\Users\*****\AppData\Local\70149b02515b3bb20dd492.47983420
2013-06-27 19:37 - 2017-01-30 22:29 - 0007644 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2013-06-04 23:36 - 2013-06-04 23:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-03-06 19:19 - 2016-03-17 14:59 - 0000941 _____ () C:\ProgramData\GADump.txt
2014-07-21 09:47 - 2014-07-21 09:47 - 0000337 _____ () C:\ProgramData\hpzinstall.log
2013-06-26 16:52 - 2013-07-07 18:31 - 0000227 _____ () C:\ProgramData\LastUpdate.xml

Einige Dateien in TEMP:
====================
2015-12-11 15:53 - 2015-12-11 15:53 - 0172536 _____ (Cisco Systems, Inc.) C:\Users\*****\AppData\Local\Temp\20151211035326961jniverify.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 350951272 _____ (Continuum Analytics, Inc.) C:\Users\*****\AppData\Local\Temp\Anaconda-2.3.0-Windows-x86_64.exe
2015-12-01 18:01 - 2015-12-01 18:01 - 0071168 _____ () C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1mbv7k.dll
2015-11-06 21:07 - 2015-11-06 21:09 - 23306368 _____ (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.10.317.exe
2016-01-14 20:43 - 2016-01-14 20:44 - 23318656 _____ (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.11.272.exe
2015-10-17 14:34 - 2015-10-18 09:38 - 23262848 _____ (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.624.exe
2015-10-29 17:25 - 2015-10-29 17:25 - 23262848 _____ (Hola Networks Ltd.) C:\Users\*****\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.789.exe
2016-10-19 17:20 - 2016-10-19 17:20 - 0737856 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-02-02 01:12 - 2017-02-02 01:12 - 0739904 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u121-windows-au.exe
2015-10-18 15:41 - 2015-10-18 15:41 - 0585824 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u60-windows-au.exe
2015-12-07 18:43 - 2015-12-07 18:43 - 0585824 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u66-windows-au.exe
2016-05-03 23:21 - 2016-05-03 23:21 - 0739904 _____ (Oracle Corporation) C:\Users\*****\AppData\Local\Temp\jre-8u91-windows-au.exe
2016-11-29 18:45 - 2016-11-29 18:45 - 16826944 ____T (Geek Software GmbH                                          ) C:\Users\*****\AppData\Local\Temp\pdf24-creator-update.exe
2016-03-04 23:03 - 2016-03-04 23:03 - 0111104 _____ () C:\Users\*****\AppData\Local\Temp\readSTILog.dll
2016-05-15 17:46 - 2016-05-15 17:47 - 41346176 _____ (Skype Technologies S.A.) C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe
2016-06-06 18:23 - 2016-07-05 21:12 - 3901016 _____ () C:\Users\*****\AppData\Local\Temp\Synology-Cloud-Station-Backup-Upgrader.exe
2016-06-06 18:23 - 2016-11-24 23:32 - 3923032 _____ () C:\Users\*****\AppData\Local\Temp\Synology-Cloud-Station-Drive-Upgrader.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-03 00:45

==================== Ende von FRST.txt ============================
         

09.02.2017, 09:54   #13
tomka

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-02-2017
durchgeführt von ****** (08-02-2017 15:00:24)
Gestartet von C:\Users\******\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-06-26 15:49:52)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1480473739-3576749651-3455334848-500 - Administrator - Disabled)
Gast (S-1-5-21-1480473739-3576749651-3455334848-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1480473739-3576749651-3455334848-1004 - Limited - Enabled)
Sonos (S-1-5-21-1480473739-3576749651-3455334848-1005 - Limited - Enabled)
****** (S-1-5-21-1480473739-3576749651-3455334848-1000 - Administrator - Enabled) => C:\Users\******

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version:  - Belastingdienst)
Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version:  - Belastingdienst)
ABN AMRO E.dentifier2 Software (HKLM-x32\...\{7FFDD64B-C182-41D6-AB43-257C07AE486A}) (Version: 03.10 - ABN AMRO BANK)
ActivePerl 5.20.2 Build 2002 (64-bit) (HKLM\...\{C07C5E6C-2225-4668-896C-31A7D105A9BB}) (Version: 5.20.2002 - ActiveState)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Connect 9 Add-in (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.12020 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.12020 - Cisco Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.0.8014 - Citrix Systems, Inc.)
Crayon Physics Deluxe Demo version 55_demo (HKLM-x32\...\{1AB2519C-B340-4B0C-9F81-BCF32A842EBF}_is1) (Version: 55_demo - Kloonigames, Ltd)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited)
EPSON BX620FWD Series Printer Uninstall (HKLM\...\EPSON BX620FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON BX635FWD Series Printer Uninstall (HKLM\...\EPSON BX635FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ExpressVPN v3.305 (HKLM-x32\...\ExpressVPN) (Version: v3.305 - )
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version:  - Jodix Technologies Ltd.)
G*Power 3.1.9.2 (HKLM-x32\...\{F9C59D86-6F65-4EDB-89A2-FBA1F78762D2}) (Version: 3.1.92 - Franz Faul, Uni Kiel, Germany)
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Google Apps Migration For Microsoft Outlook® 4.0.29.9 (HKLM-x32\...\{E8248BD6-6294-4CF6-9CF9-BDAAC0CC8253}) (Version: 4.0.29.9 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM-x32\...\{091C294E-F243-432C-93E1-DEC4C2B9635B}) (Version: 3.8.440.1250 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hema Fotoalbum (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\{83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1) (Version:  - Hema)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
IBM SPSS Statistics 20 (HKLM\...\{2AF8017B-E503-408F-AACE-8A335452CAD2}) (Version: 20.0.0.0 - IBM Corp)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Integrated Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.7.31 - SunplusIT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation)
JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.80.10 - Lenovo)
Lenovo App Shop (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 44154 - Intel)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.13 - )
Lenovo Mobile Broadband Activation (HKLM-x32\...\{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}) (Version: 4.2.1003.00 - Lenovo Group Limited)
Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Peer Connect SDK (HKLM\...\{75C87855-9CBB-4892-B1A9-74C73A19CACA}_is1) (Version: 1.0.0.1 - Lenovo)
Lenovo Power Management Driver (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0045 - Lenovo)
Lenovo USB 2.0 Ethernet Adapter (HKLM-x32\...\{29584513-DC7F-4EB9-8654-7C541DF0DDCE}) (Version: 1.11 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0021.00 - Lenovo Group Limited)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Master of Orion 2 (HKLM-x32\...\1207661633_is1) (Version: 2.1.0.18 - GOG.com)
MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobile Broadband Drivers (HKLM-x32\...\{EA9640BE-414E-4195-B53B-7905BF1A5A09}) (Version: 7.2.5.4 - Ericsson AB)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Mplus Version 7.3 Demo (64-bit) (HKLM\...\{BA273660-8C9F-4835-A906-3B5686BE7AB4}) (Version: 7.3.0 - Muthen & Muthen)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
Octave 4.0.0 (HKLM-x32\...\Octave-4.0.0) (Version: 4.0.0 - GNU Octave)
Octoshape Streaming Services (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
Online Plug-in (x32 Version: 14.4.0.8014 - Citrix Systems, Inc.) Hidden
Opera Stable 42.0.2393.517 (HKLM-x32\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Python 2.7.10 (Anaconda 2.3.0 64-bit) (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Python 2.7.10 (Anaconda 2.3.0 64-bit)) (Version: 2.3.0 - Continuum Analytics, Inc.)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Python 3.5.2 (Anaconda3 4.1.1 64-bit) (HKLM\...\Python 3.5.2 (Anaconda3 4.1.1 64-bit)) (Version: 4.1.1 - Continuum Analytics, Inc.)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
R for Windows 3.0.3 (HKLM\...\R for Windows 3.0.3_is1) (Version: 3.0.3 - R Core Team)
R for Windows 3.2.0 (HKLM\...\R for Windows 3.2.0_is1) (Version: 3.2.0 - R Core Team)
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
R for Windows 3.3.1 (HKLM\...\R for Windows 3.3.1_is1) (Version: 3.3.1 - R Core Team)
RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.489 - RStudio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13091_9 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Self-Service Plug-in (x32 Version: 4.4.0.11833 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 34.7.35161 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
SRWare Iron version 48.2550.2 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 48.2550.2 - SRWare)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station Backup (remove only) (HKLM\...\Synology Cloud Station Backup) (Version: 4.0.4204 - Synology, Inc.)
Synology Cloud Station Drive (HKLM-x32\...\{A2E63753-A06C-40ED-902E-BBD8250B1CAD}) (Version: 4.0.4204 - Synology)
TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team)
TeXstudio 2.6.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.6.2 - Benito van der Zander)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo)
ThinkVantage Access Connections (HKLM-x32\...\{A62AEB2B-E2A0-4E77-8AAE-9645FE3B5487}) (Version: 5.95 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage GPS (HKLM-x32\...\{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}) (Version: 2.81 - Lenovo)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
VUmc Desktop (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\storeservi-ee876895@@VUMC.VUmc Desktop $S1-1) (Version: 1.0 - Delivered by Citrix)
Web Companion (HKLM-x32\...\{6ece3bf6-3694-4acf-b158-16f51a2c6b56}) (Version: 2.1.1265.2535 - Lavasoft)
Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)
Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
WinDirStat 1.1.2 (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\WinDirStat) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Intel (ISCT) System  (08/23/2011 1.0.5.0) (HKLM\...\8D1FA6162A87496A05284A0C76A3B76705965B62) (Version: 08/23/2011 1.0.5.0 - Intel)
Windows-Treiberpaket - Intel System  (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB  (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SmbDrv) System  (07/05/2012 16.2.5.0) (HKLM\...\99334E0BAA64ED1D117794050F2AA7D3951D9A7D) (Version: 07/05/2012 16.2.5.0 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (07/05/2012 16.2.5.0) (HKLM\...\0395D83D6A2C0E110509B9E80E9BC5F29238FA82) (Version: 07/05/2012 16.2.5.0 - Synaptics)
Zoom (HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
Zotero Standalone 4.0.29.10 (x86 en-US) (HKLM-x32\...\Zotero Standalone 4.0.29.10 (x86 en-US)) (Version: 4.0.29.10 - Zotero)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {04B8EF9D-CD39-4182-8842-9B08430F0197} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {0604997D-52D6-4514-AE28-F1DE449BF276} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {11257F63-5297-4886-AFC6-2211F6C9B8A3} - System32\Tasks\{AD1218B3-DC59-4081-8A45-2014706A72CC} => pcalua.exe -a "C:\Users\******\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4EH50OQF\AVM_FRITZ!WLAN_Repeater_310_Assistent.exe" -d C:\Users\******\Desktop
Task: {13D992D7-888A-4AAF-B17E-0ED000690458} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {16D76F82-AC80-4041-BCAC-6798F30CD84B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {223DFF31-BFCA-43FF-8339-C43B221A089F} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (Lenovo Group Limited)
Task: {23E62AD8-63C7-49C4-8D88-568E37D12038} - System32\Tasks\{E661EA14-4831-4DC9-BA24-1F58FD3A9520} => C:\Users\******\Downloads\alfatest.exe
Task: {2A225316-1432-459F-9552-0F316D99B9BB} - System32\Tasks\MATLAB R2015b Startup Accelerator => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe [2015-07-30] ()
Task: {4ED24D9E-64F9-4EFD-8D62-2A46AB7FD6F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5101C02D-4ACA-41E8-A6F5-210953BD81F2} - System32\Tasks\{9F4FBCB7-441F-4042-8998-402A08F71CD7} => C:\Users\******\Downloads\alfatest.exe
Task: {51527F61-8136-4602-9BBD-7F6A3386DE9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-08] (Adobe Systems Incorporated)
Task: {516DE39E-4BC8-46DC-98B3-4E384F30F3C3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {544E4E1D-B75D-4BB3-A0C9-D1FF08669CC2} - System32\Tasks\{96C4092B-3E36-4FFF-A252-679948D94E24} => C:\Users\******\Downloads\alfatest.exe
Task: {646D7B7F-B14A-469C-8AD8-BB0FB8EC24F5} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {76341AC4-F95F-4D4F-8EB4-6F4D2A41CBB6} - System32\Tasks\Opera scheduled Autoupdate 1420761345 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-26] (Opera Software)
Task: {7A94AD62-0252-460D-9461-2AECDE893A62} - System32\Tasks\{B5103088-5AA1-4ED1-B052-EE1CD81AA67F} => C:\Users\******\Downloads\alfatest.exe
Task: {7ED977C3-E5A3-4DF8-A891-8CAC05FDC42C} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {81950FA3-3AF2-4847-B96B-94549F81FE8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8B1A1E8D-C0C0-4103-A1F3-3F622D197ACF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {A0C547F0-617C-40D8-9079-033C06E2AFA0} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {A66A4169-D399-41CB-8193-6621E49CB98E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A9A553D2-A554-44FC-95C8-5FA6297B2471} - System32\Tasks\{396E50AE-0DBA-4615-A96F-CFE4DC2D9EF1} => C:\Users\******\Downloads\alfatest.exe
Task: {ACA06C7F-29C4-4B82-9EE4-5D7963A33E65} - System32\Tasks\{7389CD34-2D3B-4788-99E0-2FA2C4B12C48} => C:\Users\******\Downloads\alfatest.exe
Task: {AE958A85-104F-49B4-BB51-ED3F76BFD594} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {C6BF3026-2C4E-4AA4-BC5A-B1168C431C62} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {CE9FB232-A20A-4B40-BDDE-6185834DBC42} - System32\Tasks\{1D30A00C-6ED6-4D93-B8A1-4E559F3B335B} => C:\Users\******\Downloads\alfatest.exe
Task: {D2A57E6F-F90F-4E0A-8870-20C421B5B0C3} - System32\Tasks\{BC072FDB-9C95-45AD-8328-17D7B8A4868E} => C:\Users\******\Downloads\alfatest.exe
Task: {D63B89A4-B7CE-47C3-9233-92909828A987} - System32\Tasks\{010A5FF7-A151-4825-B0EA-879607C5D583} => C:\Users\******\Downloads\alfatest.exe
Task: {D7CDE812-B353-455D-8286-DE0FC7CFEE28} - System32\Tasks\{D82A1DC1-78A4-4231-BB44-53D94432F129} => C:\Users\******\Downloads\alfatest.exe
Task: {D878A05F-D674-4915-8F9F-E9E7706D7DE1} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-01-18] ()
Task: {E3C18149-1EC2-429A-83A7-E2C63EA57782} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {E6402E65-A275-44D8-AAFA-BF21A3E4F87B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000Core.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1480473739-3576749651-3455334848-1000UA.job => C:\Users\******\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\******\Documents\Studium\Hiwi\Medieninhaltsforschung\Eigene Websites auf MSN\target.lnk -> hxxp://de.msnusers.co
Shortcut: C:\Users\******\Documents\Studium\Hiwi\Hiwi\Medieninhaltsforschung\Eigene Websites auf MSN\target.lnk -> hxxp://de.msnusers.co

ShortcutWithArgument: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Anaconda Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Users\******\AppData\Local\Dato\Dato Launcher\Scripts\anaconda.bat"
ShortcutWithArgument: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda (64-bit)\Wakari (in the cloud).lnk -> C:\Users\******\AppData\Local\Dato\Dato Launcher\pythonw.exe () -> -m webbrowser -t "hxxps://www.wakari.io/"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-12 07:15 - 2016-04-12 07:15 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
2016-04-12 14:47 - 2016-04-12 14:47 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2016-03-18 06:41 - 2016-03-18 06:41 - 00248840 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-05-23 22:14 - 2012-05-23 22:14 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2017-01-30 10:02 - 2017-01-18 16:36 - 00023416 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2017-02-07 21:13 - 2017-02-01 10:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 21:13 - 2017-02-01 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2015-10-23 09:15 - 2015-10-23 09:15 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-06-04 23:36 - 2011-07-13 09:10 - 00065576 ____R () C:\Program Files (x86)\Mobile Broadband drivers\WMCore\MBMDebug.dll
2013-06-27 09:41 - 2013-05-13 14:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-06-27 23:19 - 2016-06-27 23:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-11-10 18:39 - 2015-11-10 18:39 - 03190016 _____ () C:\Program Files (x86)\Citrix\ICA Client\coreavc_sdk.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\******\Desktop\project_description draft 29_TK.docx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (1).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (2).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (3).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (4).ica:icasource [223]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE- (5).ica:icasource [224]
AlternateDataStreams: C:\Users\******\Downloads\VlVNQy5WVW1jIERlc2t0b3AgJFMxLTE-.ica:icasource [223]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\...\localhost -> localhost

Da befinden sich 4788 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-10-16 12:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1480473739-3576749651-3455334848-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\******\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.179.104.196 - 213.46.228.196
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupfolder: C:^Users^******^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver.lnk => C:\Windows\pss\Citrix Receiver.lnk.Startup
MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: Google Update => "C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Integrated Camera_Monitor => C:\Program Files (x86)\Integrated Camera\monitor.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
MSCONFIG\startupreg: LenovoNal => C:\Program Files\Lenovo\Lenovo Peer Connect\NalService.exe
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\******\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\******\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\******\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{2B063FA6-477F-48FA-9D1E-3BDBBDEB2DE6}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EDD477BC-C5F1-4E0C-AD2F-EAB87CBE2016}] => LPort=2869
FirewallRules: [{03D5C4C4-1599-4012-AD49-5002A9EA33DD}] => LPort=1900
FirewallRules: [{34A60A08-403E-4FD9-86AE-64718FB480EF}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{EF5C29A3-17C3-46AC-91A1-F104C6D38372}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7BA793EC-F5F6-4071-992C-E69FEA754B68}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{44D10574-CC59-4D88-A295-485DA2832F38}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F6FD2F10-D1DB-47D9-8902-2643C5E69F79}] => C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{36428086-0079-4F5C-BAA1-ADC33A93C5A4}] => C:\Users\******\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0E310144-12A2-4304-B85D-67C0B79B1E3E}] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{EF0AF0CC-7E9B-400C-AF5B-4BEA2C18386F}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{658B0361-312C-421C-8ECA-CA0C1E879717}] => C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{22E03A7D-DA2D-4C2A-ABF2-8C8A40C6CFF1}] => C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [{C7DB25E6-D90E-4F4A-A745-29D1622204C1}] => C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [TCP Query User{5837FA49-EC04-4CE2-A17F-5469621E5F70}C:\users\******\appdata\roaming\spotify\spotify.exe] => C:\users\******\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C81CF274-8D28-4900-94C1-2F1891831C07}C:\users\******\appdata\roaming\spotify\spotify.exe] => C:\users\******\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E3EF79E9-FE81-445C-9358-86918EBEBB9E}C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1C160363-0105-456F-B3D6-8A10B374F511}C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\******\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{E2ECEC31-40B6-4B15-B912-4E7378DF0193}C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{4CA88648-4EDA-4AF1-95D5-B3B155D7CCFB}C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe] => C:\users\******\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{575915FC-4116-470F-8057-4C9DFAC272F6}] => C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{AE4AA11B-7BE4-4429-9D7B-BCF8EC179EC1}] => C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{522142AE-B1C9-423A-B3CD-8ED4EA0DBE7A}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6844444C-9084-4822-A681-A85969309E62}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8CE040F5-BCF4-4718-86D9-4A0CA9DFC42F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{26696B35-988E-4352-AB60-6F6A3533F30F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{295B1CB8-60F5-4973-A4E9-D9183FF7D7E7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{EEE28765-7988-4C32-8C15-18C3985B6C3B}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe
FirewallRules: [UDP Query User{855EC420-ECEE-40AD-AF0E-577EAC717B99}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe
FirewallRules: [TCP Query User{7350319E-0F08-45DE-8720-778FAE3F4BE2}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe
FirewallRules: [UDP Query User{0BBBA499-F433-4961-A3EC-B78DFE79ACED}C:\program files\rstudio\bin\x64\rsession.exe] => C:\program files\rstudio\bin\x64\rsession.exe
FirewallRules: [TCP Query User{B5E8254B-666F-4F3F-AAC6-44B00DF7DB05}C:\program files\ibm\spss\statistics\20\stats.exe] => C:\program files\ibm\spss\statistics\20\stats.exe
FirewallRules: [UDP Query User{BA67F580-5769-4870-949B-2ED14217B91D}C:\program files\ibm\spss\statistics\20\stats.exe] => C:\program files\ibm\spss\statistics\20\stats.exe
FirewallRules: [TCP Query User{29E361B7-DAC4-4E87-BF0D-A19A1120F3DB}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [UDP Query User{02FB5303-C161-4D8E-AE4D-97E3B2304D45}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe
FirewallRules: [{53563EED-90E6-48F2-8006-9FB0CBAB52EB}] => C:\Program Files (x86)\Opera\42.0.2393.137\opera.exe
FirewallRules: [{0934AB64-A2B0-4D5C-99EB-0992CD66733F}] => C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe
FirewallRules: [{240CDADA-91DD-4300-BFCE-2DF6624EC536}] => C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{EEAA9EF9-4B6D-4402-8DB2-3DFD925F37D6}] => C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{385AB514-2CAE-424D-9881-1356F0AF0BD5}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

07-02-2017 09:41:08 Windows Update
07-02-2017 19:18:58 Windows-Sicherung
08-02-2017 10:53:11 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Lenovo Connect Device 1.0
Description: Lenovo Connect Device 1.0
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/08/2017 10:48:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CAMService.exe, Version: 1.0.0.1, Zeitstempel: 0x54077d08
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0651
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048f24
ID des fehlerhaften Prozesses: 0x94c
Startzeit der fehlerhaften Anwendung: 0x01d281f08111248f
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\CAM\bin\CAMService.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: c734410b-ede3-11e6-8a7c-b8763fa86bbd

Error: (02/08/2017 10:48:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (02/08/2017 10:42:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CAMService.exe, Version: 1.0.0.1, Zeitstempel: 0x54077d08
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0651
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048f24
ID des fehlerhaften Prozesses: 0x980
Startzeit der fehlerhaften Anwendung: 0x01d281ef983ec976
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\CAM\bin\CAMService.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: e7bfea15-ede2-11e6-b2d2-b8763fa86bbd

Error: (02/08/2017 10:42:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (02/07/2017 09:09:16 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Fehler beim Zugreifen auf den freigegebenen Remoteordner durch die Windows-Sicherung. (0x81000039)"

Error: (02/07/2017 07:08:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (02/07/2017 09:36:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (02/03/2017 08:45:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CAMService.exe, Version: 1.0.0.1, Zeitstempel: 0x54077d08
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23572, Zeitstempel: 0x57fd0651
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048f24
ID des fehlerhaften Prozesses: 0x96c
Startzeit der fehlerhaften Anwendung: 0x01d27df16e0ccb7a
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\CAM\bin\CAMService.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: bb26cea3-e9e4-11e6-9b18-b8763fa86bbd

Error: (02/03/2017 08:45:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (02/03/2017 12:48:23 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0


Systemfehler:
=============
Error: (02/08/2017 10:49:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (02/08/2017 10:48:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CAM Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/08/2017 10:48:44 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (02/08/2017 10:48:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Lenovo Platform Service erreicht.

Error: (02/08/2017 10:48:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SMI Helper Driver (smihlp2)" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (02/08/2017 10:48:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (02/08/2017 10:48:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (02/08/2017 10:48:08 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (02/08/2017 10:48:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (02/08/2017 10:47:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Power Manager Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-02-08 12:03:33.172
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-20 10:30:56.610
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-20 10:30:52.144
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-20 10:29:07.458
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-20 10:29:07.296
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-20 10:24:45.765
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-18 12:01:03.460
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-15 11:02:24.953
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-15 11:02:23.807
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2017-01-15 11:02:22.071
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 7888.92 MB
Verfügbarer physikalischer RAM: 2933.07 MB
Summe virtueller Speicher: 15776.02 MB
Verfügbarer virtueller Speicher: 10636.74 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:200.43 GB) (Free:44.28 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:3.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: B605DD09)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)

==================== Ende von Addition.txt ============================
         

Old 09.02.2017, 10:19   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Unwanted website opens



Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:


Step 1: MBAM

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Step 2: ESET

ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Check the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Step 3: SecurityCheck

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


Old 15.02.2017, 14:01   #15
tomka

Unwanted website opens



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 15.02.2017
Scan Time: 11:08
Logfile: malwarebytes scan.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2017.02.15.03
Rootkit Database: v2017.02.11.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ******

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 347725
Time Elapsed: 12 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
C:\Users\******\AppData\Local\Temp\DMR\dmr_72.exe	Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 121  
 Java version 32-bit out of Date! 
 Adobe Flash Player 24.0.0.221  
 Mozilla Firefox (51.0.1) 
 Google Chrome (56.0.2924.87) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 17.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 17.0.0 avpui.exe  
 Kaspersky Lab Kaspersky Secure Connection 1.0 ksde.exe  
 Kaspersky Lab Kaspersky Secure Connection 1.0 ksdeui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
