highrize | 27.02.2017 15:54 | Hello,
here you go, here are the logs.
FRST Logfile:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2017
durchgeführt von R (Administrator) auf LENOVO-PC_RB (27-02-2017 15:50:29)
Gestartet von C:\Users\R\Desktop\Board
Geladene Profile: R (Verfügbare Profile: R)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\R\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\R\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Users\R\AppData\Local\Apps\2.0\818T3TJ2.XB7\Z9NBMZ8T.NMD\lsb...tion_2d7b41b05b24775e_0001.0006_49d2acb6f7b8d10a\LSB.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3742112 2015-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [9308416 2015-06-02] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-24] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26781320 2017-02-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\Run: [Spotify] => C:\Users\R\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-20] (Spotify Ltd)
HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\Run: [Spotify Web Helper] => C:\Users\R\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-20] (Spotify Ltd)
HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 141.2.22.74 141.2.149.10
Tcpip\..\Interfaces\{89ed014d-6f16-449f-9a45-f3a041a371ff}: [DhcpNameServer] 141.2.22.74 141.2.149.10
Tcpip\..\Interfaces\{cd37719e-13e8-4c14-91b0-4d6ae6b9bc6b}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM-x32 -> DefaultScope {B2E10167-0C7F-4360-9C62-6BBF64FAA162} URL =
SearchScopes: HKU\S-1-5-21-2822847271-4213327418-2225454224-1001 -> DefaultScope {B2E10167-0C7F-4360-9C62-6BBF64FAA162} URL =
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: m35dcoe6.default
FF ProfilePath: C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\m35dcoe6.default [2017-02-27]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\m35dcoe6.default -> Bing®
FF Session Restore: Mozilla\Firefox\Profiles\m35dcoe6.default -> ist aktiviert.
FF Extension: (Avira Browser Safety) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\m35dcoe6.default\Extensions\abs@avira.com.xpi [2017-02-09]
FF Extension: (Avira SafeSearch Plus) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\m35dcoe6.default\Extensions\safesearchplus@avira.com [2015-11-19] [ist nicht signiert]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\m35dcoe6.default\features\{098cb9b8-c1bc-42a4-ba14-d8f3367b7a49}\disableSHA1rollout@mozilla.org.xpi [2017-02-17]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: (Citavi Picker) - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2017-02-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-19] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.avira.net/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://search.avira.net/suggestions?q={searchTerms}&li=ff&hl=de
CHR Profile: C:\Users\R\AppData\Local\Google\Chrome\User Data\Default [2017-02-26]
CHR Extension: (Google Präsentationen) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-30]
CHR Extension: (Google Docs) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-30]
CHR Extension: (Google Drive) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-30]
CHR Extension: (YouTube) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-30]
CHR Extension: (Google Tabellen) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-30]
CHR Extension: (Avira Browserschutz) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-30]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2016-12-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-30]
CHR Extension: (Google Mail) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-30]
CHR Extension: (Chrome Media Router) - C:\Users\R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [448400 2014-03-24] (Nuance Communications, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-04] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46408 2017-02-09] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [135072 2015-07-29] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-24] (Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-17] (Lenovo(beijing) Limited)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [51112 2016-12-16] (Microsoft)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [515336 2014-05-28] (PointGrab LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-24] (Lenovo)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283200 2015-12-08] (DT Soft Ltd)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2015-07-29] (ELAN Microelectronic Corp.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3057920 2015-06-02] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-26 22:30 - 2017-02-26 22:30 - 00002266 _____ C:\Users\R\Desktop\JRT.txt
2017-02-26 22:17 - 2017-02-27 14:43 - 00000000 ____D C:\AdwCleaner
2017-02-26 22:16 - 2017-02-26 22:28 - 01663040 _____ (Malwarebytes) C:\Users\R\Desktop\JRT.exe
2017-02-26 22:10 - 2017-02-26 22:17 - 04015056 _____ C:\Users\R\Desktop\AdwCleaner_6.043.exe
2017-02-26 22:08 - 2017-02-26 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-26 21:47 - 2017-02-26 21:47 - 00000000 ___HD C:\OneDriveTemp
2017-02-24 16:01 - 2017-02-24 16:23 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-02-24 15:59 - 2017-02-24 16:23 - 00000000 ____D C:\Users\R\Desktop\mbar
2017-02-24 15:58 - 2017-02-24 15:58 - 16563352 _____ (Malwarebytes Corp.) C:\Users\R\Desktop\mbar-1.09.3.1001.exe
2017-02-24 15:26 - 2017-02-24 15:26 - 00001090 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-02-24 15:26 - 2017-02-24 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-02-24 15:26 - 2017-02-24 15:26 - 00000000 ____D C:\Program Files\VS Revo Group
2017-02-24 15:25 - 2017-02-24 15:26 - 07097928 _____ (VS Revo Group ) C:\Users\R\Desktop\revo202setup.exe
2017-02-23 15:30 - 2017-02-23 15:51 - 00493276 _____ C:\Users\R\Desktop\Robin Becker, 4423298, Athletenverhalten in kritischen Wettkampfsituationen - Poster.pdf
2017-02-23 14:55 - 2017-02-23 15:51 - 00000000 ____D C:\Users\R\Desktop\Sören
2017-02-23 14:49 - 2017-02-23 14:53 - 00492946 _____ C:\Users\R\Desktop\Poster Robin 2.pdf
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-21 19:49 - 2017-02-21 19:49 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-02-20 10:41 - 2017-02-20 10:42 - 00000000 ____D C:\Users\R\Desktop\USB Stick
2017-02-20 10:08 - 2017-02-20 10:22 - 00000000 ____D C:\Users\R\AppData\Roaming\Softland
2017-02-20 10:05 - 2017-02-20 10:05 - 00003658 _____ C:\WINDOWS\System32\Tasks\doPDF Update
2017-02-20 10:05 - 2017-02-20 10:05 - 00000000 ____D C:\ProgramData\Softland
2017-02-20 10:05 - 2017-02-20 10:05 - 00000000 ____D C:\ProgramData\regid.2008-09.org.wixtoolset
2017-02-20 10:05 - 2017-02-20 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 8
2017-02-20 10:05 - 2017-02-20 10:05 - 00000000 ____D C:\Program Files\Softland
2017-02-20 10:05 - 2017-02-20 10:05 - 00000000 ____D C:\Program Files (x86)\Softland
2017-02-20 10:03 - 2017-02-20 10:04 - 52798040 _____ (Softland) C:\Users\R\Desktop\dopdf-full_946.exe
2017-02-19 00:14 - 2017-02-19 00:14 - 00000000 ____D C:\Users\R\AppData\Local\ESET
2017-02-19 00:13 - 2017-02-27 15:50 - 00000000 ____D C:\FRST
2017-02-19 00:04 - 2017-02-24 14:41 - 00000000 ____D C:\ProgramData\Emsisoft
2017-02-18 23:47 - 2017-02-27 15:49 - 00000000 ____D C:\Users\R\Desktop\Board
2017-02-15 13:26 - 2017-02-15 13:26 - 00266549 _____ C:\Users\R\Desktop\Posterformalien.pdf
2017-02-15 10:20 - 2017-02-15 10:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Avira
2017-02-13 14:36 - 2017-02-13 14:33 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-10 14:14 - 2017-02-24 15:55 - 00000000 ____D C:\Users\R\AppData\Local\CrashDumps
2017-02-10 12:35 - 2017-02-10 12:35 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-02-10 12:35 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-02-10 12:35 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-02-10 12:35 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-02-10 12:35 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-02-10 12:34 - 2016-12-29 14:10 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-02-09 09:33 - 2017-02-09 09:33 - 00046408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-02-09 09:33 - 2017-02-09 09:33 - 00046184 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-02-02 17:02 - 2017-02-02 17:02 - 01802596 _____ C:\Users\R\Desktop\Cschwind-Examensarbeit-final1.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-02-27 15:50 - 2016-11-19 00:37 - 00000000 ____D C:\Users\R\AppData\LocalLow\Mozilla
2017-02-27 14:51 - 2015-12-04 10:53 - 00000000 ___RD C:\Users\R\Dropbox
2017-02-27 14:50 - 2015-10-31 19:10 - 00000000 ___RD C:\Users\R\OneDrive
2017-02-27 14:49 - 2016-07-16 23:51 - 00924834 _____ C:\WINDOWS\system32\perfh007.dat
2017-02-27 14:49 - 2016-07-16 23:51 - 00208036 _____ C:\WINDOWS\system32\perfc007.dat
2017-02-27 14:49 - 2016-01-04 15:33 - 02253668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-27 14:45 - 2016-06-30 20:29 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-27 14:45 - 2015-11-10 13:25 - 00000000 ____D C:\Users\R\AppData\Local\Spotify
2017-02-27 14:45 - 2015-11-10 13:24 - 00000000 ____D C:\Users\R\AppData\Roaming\Spotify
2017-02-27 14:44 - 2016-09-02 13:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-27 14:44 - 2016-09-02 13:11 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-27 14:44 - 2016-09-02 13:10 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-27 14:44 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-02-27 14:44 - 2016-01-04 15:36 - 00000000 __SHD C:\Users\R\IntelGraphicsProfiles
2017-02-27 14:35 - 2016-09-02 13:10 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 22:08 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-26 22:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-26 22:08 - 2015-12-04 10:32 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-24 16:01 - 2015-12-08 14:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 16:01 - 2015-12-08 14:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-24 15:59 - 2015-12-08 14:37 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-02-24 14:44 - 2015-11-19 14:03 - 00000000 ____D C:\Program Files (x86)\Avira
2017-02-24 14:44 - 2015-11-01 12:53 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-24 14:43 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-24 14:43 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-24 14:40 - 2014-09-24 16:17 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-24 13:38 - 2015-10-31 21:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 13:35 - 2015-10-31 21:11 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-24 13:12 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 15:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-23 14:47 - 2015-12-18 10:11 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 14:36 - 2016-04-14 22:49 - 00000000 ____D C:\Users\R\Documents\Citavi 5
2017-02-22 15:03 - 2016-12-09 16:41 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-22 15:03 - 2016-01-04 15:39 - 00002386 _____ C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-20 10:24 - 2016-02-01 14:33 - 00000000 ____D C:\Users\R\Desktop\Uni
2017-02-19 01:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-19 01:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-18 23:18 - 2016-05-18 21:48 - 00000000 ____D C:\Users\R\AppData\Roaming\Groovedown
2017-02-18 23:08 - 2016-04-14 22:43 - 00000000 ____D C:\Users\R\AppData\Local\Downloaded Installations
2017-02-17 10:52 - 2016-10-10 11:54 - 00000000 ____D C:\Users\R\Desktop\Basketball
2017-02-13 14:33 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-10 15:10 - 2016-04-14 22:43 - 00002045 _____ C:\Users\Public\Desktop\Citavi 5.lnk
2017-02-10 15:10 - 2016-04-14 22:43 - 00000000 ____D C:\ProgramData\Swiss Academic Software
2017-02-10 15:10 - 2016-04-14 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2017-02-10 12:34 - 2016-09-02 13:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-10 12:34 - 2014-09-24 16:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-02-09 17:42 - 2016-09-02 13:12 - 00000000 ____D C:\Users\R
2017-02-09 11:56 - 2016-11-18 18:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-09 11:56 - 2015-10-31 19:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 11:03 - 2016-08-30 11:01 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-10-31 19:06 - 2016-01-04 15:08 - 0308672 _____ () C:\Users\R\AppData\Local\BTServer.log
2017-01-02 14:07 - 2017-01-02 14:07 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-09-02 13:10 - 2016-09-02 13:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
2017-02-18 23:08 - 2017-02-18 23:08 - 0426496 _____ () C:\Users\R\AppData\Local\Temp\chroma.exe
2017-02-18 23:08 - 2017-02-18 23:08 - 0522752 _____ () C:\Users\R\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-02-24 15:11
==================== Ende von FRST.txt ============================
--- --- ---
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-02-2017
durchgeführt von R (27-02-2017 15:51:11)
Gestartet von C:\Users\R\Desktop\Board
Windows 10 Home Version 1607 (X64) (2016-09-02 12:20:19)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2822847271-4213327418-2225454224-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2822847271-4213327418-2225454224-503 - Limited - Disabled)
Gast (S-1-5-21-2822847271-4213327418-2225454224-501 - Limited - Disabled)
R (S-1-5-21-2822847271-4213327418-2225454224-1001 - Administrator - Enabled) => C:\Users\R
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.09 beta (x64) (HKLM\...\7-Zip) (Version: 15.09 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.4.0.2 - Swiss Academic Software)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
doPDF (Version: 8.8.946 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{3aba8e0f-add2-4184-a828-80ee3352c738}) (Version: 8.8.946 - Softland)
Dropbox (HKLM-x32\...\Dropbox) (Version: 20.4.19 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Energy Manager (x32 Version: 1.5.0.21 - Lenovo) Hidden
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version: - SEIKO EPSON Corporation)
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{C1586445-E3CA-45F0-A754-E6C2784CDDB7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10269 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{DB34780A-6749-4AA3-A1E5-A56747EF4B04}) (Version: 2.5.1.0528 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0528 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1826.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1826.01 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.68.3 - ELAN Microelectronic Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\dda9ca0b023f4c56) (Version: 1.6.5.0 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo)
Lenovo Updates (x32 Version: 1.1.0.61 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{5DFCF6F7-EE45-4FFC-8B63-E0D5FAF9BF6B}) (Version: 8.8.946 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B1C79167-9B86-413A-9E91-97CA6BC28DC1}) (Version: 8.8.946 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{45ACC237-36D7-4071-8BFE-54DA41A0EC21}) (Version: 8.8.946 - Softland)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Python 3.5.0 (32-bit) (HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\{1197d2bb-6cf8-488a-b994-d5bf6d7efe7b}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.0 Add to Path (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Core Interpreter (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Development Libraries (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Documentation (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Executables (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Launcher (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 pip Bootstrap (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Standard Library (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Tcl/Tk Support (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Test Suite (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Utility Scripts (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Quake Live (HKLM\...\Steam App 282440) (Version: - id Software)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.816.818.061114 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.243 - REALTEK Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VueScan x64 (HKLM\...\VueScan x64) (Version: - )
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02C736DA-00F1-43B3-8C05-BA531A829EAE} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2016-12-16] ()
Task: {06D3A8F6-C31B-4EBA-AC52-6CE923229D38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {08C8BF41-D0CF-442A-A824-59EC9459650D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {0DA8672A-E4F5-4E6A-9BB4-C3AAF206684D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-19] (Adobe Systems Incorporated)
Task: {0E60C671-A321-4592-993D-327045EFF8FF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1405E33F-DDF2-4850-911B-9188D9BBF7B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {16B95E05-1884-4AEC-BE2B-F08745E0B7D6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {1FC230C0-E3C3-45A7-BC36-5570BD3CFFE1} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {31C0C92A-BBAC-4DA1-9CBB-8597894EF93E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\R\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3C669E15-0E31-4F92-9987-06157157EF1E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {4A3A4993-40FA-48CF-B448-A907675DF010} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {4B9E12C2-440E-431F-90A9-AC37282FDD20} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {59560D0C-B7FD-43BB-AA5A-541D45A4E4A2} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe
Task: {5A81389B-094F-46AC-AE4B-722BD5CB5D22} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-30] (Google Inc.)
Task: {7675E25F-06D4-466E-9818-DA4F5EFE05FD} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-04] (Dropbox, Inc.)
Task: {78A38554-EA46-4BFD-82EA-57298991D666} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7AB2236A-4E50-4F37-A9CF-EC8772B03E9E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {8E41AE40-6FCD-4129-8E09-70FB4B271BD1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9F858464-806E-48F2-87F5-3C1FAABD8B8F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {9FC03051-0B9C-4570-A2DF-7679A0480BF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {A61AC09A-9979-4A81-92A6-D188E88EF4C8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A752261B-A133-489A-94F3-C7150BA8C5C1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-04] (Dropbox, Inc.)
Task: {ADFFB2D8-F956-4561-8152-F9CA12658853} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B6ABC773-3D73-4EB7-A6FB-C75BA060E023} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {C41D9323-CA0A-4768-91FB-9B04E7A65463} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-24] (Microsoft Corporation)
Task: {C5F83103-59FB-41C7-9FFF-943656AD9E13} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2822847271-4213327418-2225454224-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {C78F2198-7A1C-4B86-B847-BDC527325BDF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {D4B1621F-8228-4DE3-9EAD-1209E84AB605} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {D71D55A2-5767-40A3-A198-19F2D73AE7B6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {E5FC8681-CC73-4708-AC89-F6EBBBCF08E9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {F2345554-B0B0-4692-B65E-EC934AF91ECE} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {FF9F0A66-8CA3-4453-AB3D-600A205E8E9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-30] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 14:21 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-16 18:36 - 2016-12-16 18:36 - 00145696 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2014-09-24 16:29 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-24 16:27 - 2014-09-24 16:27 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2016-09-02 13:11 - 2016-12-29 14:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 14:21 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-05-27 14:50 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-15 11:04 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 10:47 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 10:46 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 10:47 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 10:47 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 10:47 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 10:47 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 10:47 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 11:38 - 2017-02-22 11:40 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 11:38 - 2017-02-22 11:40 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 11:38 - 2017-02-22 11:40 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 20:27 - 2017-02-06 20:27 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2014-09-24 16:15 - 2013-10-01 10:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-09-24 16:27 - 2014-09-24 16:27 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-09-24 16:27 - 2014-09-24 16:27 - 00109328 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2014-03-26 11:50 - 2014-09-24 16:31 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2013-05-09 16:58 - 2013-05-09 16:58 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2017-02-24 09:43 - 2017-02-24 10:08 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-02-24 09:43 - 2017-02-24 10:08 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-02-24 09:43 - 2017-02-24 10:08 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-03 09:43 - 2016-06-03 09:44 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-02-24 09:43 - 2017-02-24 10:08 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-02-24 09:43 - 2017-02-24 10:08 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-06 15:37 - 2016-03-06 15:38 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2014-09-24 16:30 - 2014-03-24 13:44 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2014-09-24 16:30 - 2014-03-24 13:44 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2014-09-24 16:30 - 2014-03-24 13:44 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2014-09-24 16:30 - 2014-03-24 13:44 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2014-09-24 16:30 - 2014-03-24 13:44 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2014-09-24 16:30 - 2014-03-24 13:44 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2016-02-04 21:30 - 2016-01-19 04:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-02-04 21:30 - 2016-01-19 04:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-02-04 21:30 - 2016-01-19 04:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-02-04 21:30 - 2016-01-19 04:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-02-04 21:30 - 2016-01-19 04:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-02-04 21:30 - 2016-01-19 04:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-05-28 11:42 - 2014-05-28 11:42 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-09-24 16:27 - 2014-09-24 16:27 - 00105744 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\1366\TransitionLib.dll
2014-09-24 16:27 - 2014-09-24 16:27 - 00102160 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2017-02-26 22:08 - 2017-02-21 19:58 - 00802112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-10-14 17:40 - 2017-01-25 22:03 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-10-14 17:40 - 2017-01-25 22:03 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-10-14 17:40 - 2017-01-25 22:03 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-10-14 17:40 - 2017-02-21 20:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-10-14 17:40 - 2017-01-25 22:03 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-10-14 17:40 - 2017-01-25 22:04 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-02-26 22:08 - 2017-01-25 22:03 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-02-26 22:08 - 2017-01-25 22:04 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-02-26 22:08 - 2017-01-25 22:03 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-10-14 17:40 - 2017-01-25 22:06 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-10-14 17:40 - 2017-02-21 20:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00052544 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-02-26 22:08 - 2017-01-25 22:03 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-02-26 22:08 - 2017-01-25 22:06 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-10-14 17:40 - 2017-02-21 20:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-10-14 17:40 - 2017-02-21 20:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-10-14 17:40 - 2017-01-25 22:05 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-10-14 17:40 - 2017-01-25 22:04 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-26 21:58 - 2017-02-21 20:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2016-10-14 17:40 - 2017-02-21 20:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-24 11:53 - 2017-02-21 20:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-10-14 17:40 - 2017-02-21 20:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-24 11:53 - 2017-02-21 20:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 11:53 - 2017-02-21 20:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 11:53 - 2017-02-21 20:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-10-14 17:40 - 2017-02-21 20:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-02-26 22:08 - 2017-01-25 22:01 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-02-26 22:08 - 2017-02-21 20:01 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-02-26 22:08 - 2017-01-27 03:02 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-02-26 22:08 - 2017-02-21 20:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-02-26 22:08 - 2017-01-25 22:11 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-02-26 22:08 - 2017-01-25 22:11 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-02-26 22:08 - 2017-02-21 20:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-10-14 17:40 - 2017-01-25 22:06 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-10-14 17:40 - 2017-02-21 20:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-26 22:08 - 2017-02-21 20:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2014-09-24 16:13 - 2013-09-04 00:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-02-27 14:49 - 2017-02-27 14:49 - 00014336 _____ () C:\Users\R\AppData\Local\Temp\WDEC223.tmp\ml_online.lng
2017-02-27 14:49 - 2017-02-27 14:49 - 00036352 _____ () C:\Users\R\AppData\Local\Temp\WDEC223.tmp\ombrowser.lng
2017-02-17 20:34 - 2017-02-17 20:34 - 22958672 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-04-14 22:43 - 2015-08-13 15:08 - 03544576 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\Citavi Picker\CitaviPicker.api
2016-12-23 19:10 - 2016-12-23 19:10 - 00323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-10-01 00:36 - 2016-10-01 00:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2013-03-07 11:53 - 2013-03-07 11:53 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2010-01-12 15:55 - 2010-01-12 15:55 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2010-01-12 15:55 - 2010-01-12 15:55 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2010-12-16 11:16 - 2010-12-16 11:16 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2010-01-17 22:34 - 2010-01-17 22:34 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2013-03-07 11:55 - 2013-03-07 11:55 - 00472576 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 11:58 - 2013-03-07 11:58 - 00499488 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2013-03-07 11:54 - 2013-03-07 11:54 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2010-12-17 11:56 - 2010-12-17 11:56 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\...\localhost -> localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2822847271-4213327418-2225454224-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 141.2.22.74 - 141.2.149.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{67F39610-8F0D-417E-BCCE-0344B6366BC1}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{0C562B53-4660-4B31-A162-257B87268BB2}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{DA98ED3D-59FF-49F5-B17B-9F7BBFA64781}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{D09DA87C-4FDD-4312-9ED6-795F06F8EF8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{505E1B5A-530C-4872-B7F8-56A3B7809F4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{07D515A2-C9E5-4F7B-9967-79CBC2EFB1B8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{40297C3E-A9D1-40A8-81CF-0F9E17FB7CC9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{202762A7-DF4B-4DA0-A95B-79BCF590C4D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E35D2971-3FC0-45EA-9BCA-7AEE28C6B4DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5D5D0EA6-72E1-4F9D-9178-11B69353ABAC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CD4D5411-F03D-4D26-A36C-467DCC038C00}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{9262A87F-E085-42A4-BB7C-D6F725067E81}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [UDP Query User{582E347E-E114-4353-9F6C-AF9D80B481E7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{FDDC1CA7-4604-45B7-9FBF-8AE60E4E473E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{973E3AA1-7D5E-43D9-8FF6-48A3F4AF38EA}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{DB4F7DE8-FBDF-49B6-B5F1-60A3F37B9206}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{36E77361-2462-4E74-A624-997B1AB3524D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5C4FFCC0-F16E-4450-9FC9-63018F3197CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1A82174E-2534-4C8C-97AE-517AD9D77F45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{985BCDA2-8801-442C-913D-0921F0CC2D2B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0D9656D1-210A-4F51-A3D0-0A7E1352390D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D59D00F9-7F84-4F27-8D41-8CB39F2D0587}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{18C2FF7D-A455-44D4-9B3C-5FE2E92D023E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{FD4F165A-FDA5-4A31-84E2-F418C16E04B9}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{1D99FE20-0FE4-4C9F-906C-4FA08169E667}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{8D7FC226-81E6-47C9-9914-3CD3C3CAA876}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{C323D5C6-CB70-48C5-BA8E-512239A03A03}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{E8E8CCCB-F22A-48E0-A7E9-F8BD685F72E6}] => (Allow) LPort=55100
FirewallRules: [{0B3492D9-41CE-471C-8A29-66FD2832F5DA}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{E42777AD-2818-4BB1-B066-C4743F73C6A7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CEA70514-EB5E-44C7-937C-44E2BD544434}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3EAE1E0E-4553-405A-90AA-FA8A32C497AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2C491B58-FFE7-4BB2-A2DC-1B53228F5FE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DDDE4CB3-4CA5-4C5B-8310-51A6E4EF60D8}C:\users\r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E441D7CF-148A-4273-8F5B-74AC9BB56ABA}C:\users\r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{53213FA2-F156-47C6-84D0-23188D85E6B2}C:\users\r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F59F0D77-42A2-4D29-A7F7-8608A8BE9242}C:\users\r\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B1332849-2577-48CA-A117-CEA81E73AAFC}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.808.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.808.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [UDP Query User{A537FDFB-59DB-4169-B7D2-487130A0831D}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.808.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.808.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{65E2E2AD-4E92-4CC9-B0DB-DC212FAC3E37}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DBD9995B-1524-46D3-9005-EE2D462256D8}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.902.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.902.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [UDP Query User{DCBA810E-F53C-45D3-AF14-D34C78BB21B9}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.902.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Block) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.902.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{016FD575-03E4-4D2D-8B9C-426F940B8968}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{C69A7583-3937-4388-BF19-8F1C9DA8427F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{5406A824-5E0A-4656-8EB4-463D8AC62758}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{068FD20F-41CD-4117-BBAB-C3EBE401D123}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{DFE34A77-325D-4624-9344-A3B6E10E861A}] => (Allow) LPort=5357
FirewallRules: [{01476180-2F90-4604-82B5-16136F3D8186}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{D6710DF4-F32B-4B43-BD3F-23380F390B6F}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.903.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.903.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [UDP Query User{1C65C945-372A-4CD3-97F1-2A5A2ECC502E}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.903.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.903.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [TCP Query User{CBB029A7-1AE0-462B-BA3C-779246A50ADD}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.905.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.905.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [UDP Query User{4EDC3E5B-49A9-447E-BACA-746A9B597FFC}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.905.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.905.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{EA09B50D-5F3A-40E0-8676-80AD3085B967}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{4C86B09F-4785-42EA-B382-6D0BBA003C45}C:\program files\windowsapps\xbmcfoundation.kodi_17.0.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.0.0.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [UDP Query User{2A0D5C34-2454-48DC-815F-89397C6CB596}C:\program files\windowsapps\xbmcfoundation.kodi_17.0.0.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.0.0.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{8B71435B-6401-45D4-B1E6-F727B321F43F}] => (Allow) LPort=8501
FirewallRules: [{6F3B6F74-AFE0-411C-8A2B-1B018E514628}] => (Allow) LPort=8501
FirewallRules: [{3705C08B-7D6F-459C-95EE-570965E78386}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Wiederherstellungspunkte =========================
24-02-2017 13:12:10 Windows Update
24-02-2017 15:27:27 chip 1-click download service wurde entfernt.
24-02-2017 15:29:03 Removed Bonjour
26-02-2017 22:29:28 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/26/2017 10:29:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/26/2017 09:58:13 PM) (Source: DbxSvc) (EventID: 270) (User: )
Description: (-2145452013) Der angegebene Filter wurde nicht gefunden.
Error: (02/24/2017 05:39:56 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: Event-ID 1
Error: (02/24/2017 03:55:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 10.0.14393.479, Zeitstempel: 0x58258a90
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e8ea
ID des fehlerhaften Prozesses: 0x1984
Startzeit der fehlerhaften Anwendung: 0x01d28ea437c5bcbc
Pfad der fehlerhaften Anwendung: C:\WINDOWS\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: d205e651-ce32-4b2e-82be-6e0ceb880aa3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/24/2017 03:34:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (02/24/2017 03:34:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/24/2017 03:33:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (02/24/2017 03:33:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/24/2017 03:31:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (02/24/2017 03:31:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Systemfehler:
=============
Error: (02/27/2017 02:44:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (02/27/2017 02:44:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (02/27/2017 02:43:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/27/2017 02:43:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/27/2017 02:43:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/27/2017 02:43:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/27/2017 02:43:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LUService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/27/2017 02:43:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NitroPDFDriverCreatorReadSpool9" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/27/2017 02:43:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Lenovo System Agent Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/27/2017 02:43:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PGService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2017-02-27 13:12:09.469
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-27 13:12:09.410
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-24 15:11:41.968
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-24 15:11:41.917
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8100.01 MB
Verfügbarer physikalischer RAM: 5422.14 MB
Summe virtueller Speicher: 9380.01 MB
Verfügbarer virtueller Speicher: 6484.43 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:195.08 GB) (Free:83.46 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:12.49 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: DF1574A2)
Partition: GPT.
==================== Ende von Addition.txt ============================
Regards,
Highrize |