|
Plagegeister aller Art und deren Bekämpfung: Windows 8.1 Metro-Apps starten minimiertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
10.08.2015, 14:56 | #1 |
| Windows 8.1 Metro-Apps starten minimiert Hallo nochmal, ich habe ein Problem und zwar das seit etwa 3 Wochen meine Metro-Apps nur noch minimiert starten und sich nicht maximieren lassen. Ausser der Store und die PC-Einstellungen, die ich wie auch immer repariert habe. App-Troubleshooter o.ä habe ich schon verwendet. Jetzt wollte ich wissen, ob ich vielleicht einen Virus o.ä. habe. Meine Treiber sind aktuell. Mein System: Windows 8.1 64bit Hardware: AMD Dualcore Prozessor E1-2500(1.4 GHz) AMD Radeon HD 8240 mit 512 mb Grafikspeicher 15.6 Zoll HD LED LCD Display 4GB RAM HDD Festplatte mit 500GB |
10.08.2015, 15:08 | #2 |
/// the machine /// TB-Ausbilder | Windows 8.1 Metro-Apps starten minimiert hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
10.08.2015, 16:04 | #3 |
| Windows 8.1 Metro-Apps starten minimiert FRST.txt:
__________________FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015 durchgeführt von hendrik_2002 (Administrator) auf ARBEITSRECHNER (10-08-2015 16:54:04) Gestartet von C:\Users\hendr_000\Desktop Geladene Profile: hendrik_2002 (Verfügbare Profile: hendrik_2002 & Dirk & Niklas Steinmetz & Administrator) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (IObit) C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [iFreeUp] => C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe [470304 2015-03-31] (IObit) HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit) HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKU\S-1-5-21-532561150-3242956754-1626305917-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-532561150-3242956754-1626305917-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/de-de/?pc=UP97&ocid=UP97DHP hxxp://www.google.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-532561150-3242956754-1626305917-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF4C30013-DBA8-4203-9422-5B83732DCF2E&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-532561150-3242956754-1626305917-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-532561150-3242956754-1626305917-1001 -> {36A2063E-A8A8-41E0-B063-C2945B3B3AA1} URL = BHO: Kein Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> Keine Datei BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Tcpip\..\Interfaces\{0186D2C8-01F4-4F66-A6D2-3A87F13D817A}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735 FF SelectedSearchEngine: Yahoo! FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-20] () FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-20] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-26] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-532561150-3242956754-1626305917-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-20] () FF user.js: detected! => C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\user.js [2015-06-30] FF Extension: Advanced SystemCare Surfing Protection - C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\Extensions\iobitascsurfingprotection@iobit.com [2015-06-30] FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-05-27] FF Extension: Kein Name - C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\extensions\amazon-icon@giga.de [nicht gefunden] StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox Developer Edition\firefox.exe Chrome: ======= CHR Profile: C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-06] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-22] CHR Extension: (Adblock Pro) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-06-06] CHR Extension: (uMatrix) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2015-04-20] CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-06-06] CHR HKU\S-1-5-21-532561150-3242956754-1626305917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - https://clients2.google.com/service/update2/crx Opera: ======= StartMenuInternet: (HKU\S-1-5-21-532561150-3242956754-1626305917-1001) OperaStable - "C:\Users\hendr_000\AppData\Local\Programs\Opera\Launcher.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-04] (Adobe Systems) [Datei ist nicht signiert] R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit) S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-17] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S4 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2014-07-17] (Apache Software Foundation) [Datei ist nicht signiert] R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-07-21] (Apple Inc.) [Datei ist nicht signiert] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation) S4 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2015\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-09] (IObit) S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.) S4 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [76288 2015-03-04] (PostgreSQL Global Development Group) [Datei ist nicht signiert] S4 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [107178 2015-03-04] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] S4 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [107178 2015-03-04] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] S4 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [107178 2015-03-04] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] S4 mysql; C:\xampp\mysql\bin\mysqld.exe [10982912 2014-07-18] () [Datei ist nicht signiert] S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-06-22] () S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert] S4 Tomcat7; C:\xampp\tomcat\bin\tomcat7.exe [80896 2013-07-02] (Apache Software Foundation) [Datei ist nicht signiert] S4 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [639808 2015-01-28] (RealVNC Ltd) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-11] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-21] (Advanced Micro Devices) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.) S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16056 2015-08-07] (SlimWare Utilities, Inc.) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation) R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-10 16:54 - 2015-08-10 16:55 - 00017135 _____ C:\Users\hendr_000\Desktop\FRST.txt 2015-08-10 16:53 - 2015-08-10 16:53 - 02171392 _____ (Farbar) C:\Users\hendr_000\Desktop\FRST64.exe 2015-08-10 16:53 - 2015-08-10 16:53 - 00000000 ____D C:\Users\hendr_000\Desktop\FRST-OlderVersion 2015-08-10 15:57 - 2015-08-10 15:57 - 00000000 ____D C:\Users\hendr_000\Downloads\metasploitable-linux-2.0.0 2015-08-10 15:53 - 2015-08-10 15:53 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Xamarin 2015-08-10 15:53 - 2015-08-10 15:53 - 00000000 ____D C:\ProgramData\MonoTouch 2015-08-10 15:53 - 2015-08-10 15:53 - 00000000 ____D C:\ProgramData\Mono for Android 2015-08-09 22:25 - 2015-08-09 22:25 - 00001894 _____ C:\Users\hendr_000\Desktop\VS 2015.lnk 2015-08-09 22:14 - 2015-08-09 22:14 - 00016422 _____ C:\Windows\PFRO.log 2015-08-09 21:59 - 2015-08-10 16:14 - 00000000 ____D C:\Users\hendr_000\Documents\Visual Studio 2015 2015-08-09 21:55 - 2015-08-09 21:55 - 00000000 ____D C:\Program Files (x86)\Xamarin 2015-08-09 21:54 - 2015-08-09 21:55 - 00000000 ____D C:\ProgramData\Monodoc 2015-08-09 20:42 - 2015-08-09 20:42 - 00000000 ____D C:\Program Files\Application Verifier 2015-08-09 20:42 - 2015-08-09 20:42 - 00000000 ____D C:\Program Files (x86)\Application Verifier 2015-08-09 20:41 - 2015-08-09 20:41 - 00000000 ____D C:\ProgramData\Windows App Certification Kit 2015-08-09 20:27 - 2015-08-09 20:27 - 00000000 ____D C:\Program Files (x86)\AppInsights 2015-08-09 20:26 - 2015-08-09 20:26 - 00000000 ____D C:\ProgramData\NuGet 2015-08-09 20:26 - 2015-08-09 20:26 - 00000000 ____D C:\Program Files (x86)\NuGet 2015-08-09 19:56 - 2015-08-09 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools 2015-08-09 19:54 - 2015-08-09 19:54 - 00000000 ____D C:\Program Files (x86)\Android 2015-08-09 19:50 - 2015-08-09 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.0 2015-08-09 19:43 - 2015-08-09 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch 2015-08-09 19:39 - 2015-08-09 19:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2015-08-09 19:30 - 2015-08-09 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2015-08-09 19:29 - 2015-08-09 19:29 - 00000000 ____D C:\ProgramData\PreEmptive Solutions 2015-08-09 19:28 - 2015-08-09 19:28 - 00000000 ____D C:\Program Files (x86)\ShellDir 2015-08-09 19:21 - 2015-08-09 19:21 - 00000000 ____D C:\ProgramData\Microsoft DNX 2015-08-09 19:21 - 2015-08-09 19:21 - 00000000 ____D C:\Program Files\Microsoft DNX 2015-08-09 19:08 - 2015-08-09 19:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2015-08-09 19:08 - 2015-08-09 19:08 - 00000000 ____D C:\Users\Administrator\Documents\ManageYourLife 1.0.0 2015-08-09 19:05 - 2015-08-09 19:05 - 00000000 ____D C:\Program Files\IIS Express 2015-08-09 19:05 - 2015-08-09 19:05 - 00000000 ____D C:\Program Files (x86)\IIS Express 2015-08-09 19:03 - 2015-08-09 19:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools 2015-08-09 19:01 - 2015-08-09 19:01 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services 2015-08-09 18:58 - 2015-08-09 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression 2015-08-09 18:56 - 2015-08-09 18:56 - 00001536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk 2015-08-09 18:53 - 2015-08-09 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1 2015-08-09 18:53 - 2015-08-09 18:53 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits 2015-08-09 18:52 - 2015-08-09 19:50 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits 2015-08-09 18:52 - 2015-08-09 19:48 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE 2015-08-09 18:48 - 2015-08-09 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 2015-08-09 18:40 - 2015-08-09 18:40 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0 2015-08-09 18:40 - 2015-08-09 18:40 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop 2015-08-09 18:30 - 2015-08-09 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015 2015-08-09 18:27 - 2015-08-09 18:27 - 00000000 ____D C:\Windows\symbols 2015-08-09 18:22 - 2015-08-09 19:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2015-08-09 18:22 - 2015-08-09 18:35 - 00000000 ____D C:\Windows\SysWOW64\1031 2015-08-09 18:22 - 2015-08-09 18:26 - 00000000 ____D C:\Windows\system32\1033 2015-08-09 18:22 - 2015-08-09 18:22 - 00001537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk 2015-08-09 18:22 - 2015-08-09 18:22 - 00000000 ____D C:\Windows\SysWOW64\1033 2015-08-09 18:12 - 2015-08-10 15:42 - 00001022 _____ C:\Windows\setupact.log 2015-08-09 18:12 - 2015-08-09 21:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0 2015-08-09 18:12 - 2015-08-09 18:22 - 00000000 ____D C:\Windows\system32\1031 2015-08-09 18:12 - 2015-08-09 18:12 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0 2015-08-09 18:12 - 2015-08-09 18:12 - 00000000 _____ C:\Windows\setuperr.log 2015-08-09 17:57 - 2015-06-22 08:31 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-08-09 17:56 - 2015-06-22 08:30 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-08-09 17:54 - 2015-08-09 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFreeUp 2015-08-09 17:47 - 2015-08-09 17:47 - 64294912 _____ C:\Windows\system32\config\COMPONENTS.iobit 2015-08-09 17:47 - 2015-08-09 17:47 - 05189632 _____ C:\Windows\system32\config\DRIVERS.iobit 2015-08-09 17:32 - 2015-06-04 15:28 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-08-09 17:24 - 2015-08-09 17:43 - 873116238 _____ C:\Users\hendr_000\Downloads\metasploitable-linux-2.0.0.zip 2015-08-09 17:23 - 2015-08-10 15:46 - 00000000 ____D C:\ProgramData\VsTelemetry 2015-08-09 17:23 - 2015-08-09 17:23 - 03099760 _____ (Microsoft Corporation) C:\Users\hendr_000\Downloads\vs_community.exe 2015-08-08 19:48 - 2015-08-08 19:48 - 00000000 ____D C:\Program Files\Registrar Registry Manager 2015-08-08 19:45 - 2015-08-08 19:45 - 05032752 _____ (Resplendence Software Projects Sp. ) C:\Users\hendr_000\Downloads\RegistrarHomeV7.exe 2015-08-08 18:39 - 2015-08-09 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2015-08-08 18:39 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-08 18:39 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-08 18:39 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-08 18:39 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-08 18:39 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-08 18:39 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-08 18:39 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-08-08 18:39 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-08 18:39 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-08 18:39 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-08 18:39 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-08 18:39 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-08 18:39 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-08 18:38 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-08 18:38 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-07 17:20 - 2015-08-07 17:20 - 00052736 _____ C:\Users\hendr_000\Desktop\CopyBootLog.exe 2015-08-07 15:41 - 2015-08-07 15:41 - 00000000 ____D C:\Users\hendr_000\Downloads\geek_13346 2015-08-07 14:07 - 2015-08-07 14:07 - 00000000 ____D C:\Users\hendr_000\Downloads\gcc-5.1.0 2015-08-06 20:42 - 2015-08-06 20:42 - 01188200 _____ (Uniblue Systems Limited ) C:\Users\hendr_000\Downloads\pcmechanicpm.exe 2015-08-06 19:46 - 2015-08-06 20:38 - 00075139 _____ C:\Users\hendr_000\Desktop\Storereparatur.log 2015-08-06 18:26 - 2015-08-06 18:26 - 00000000 ____D C:\RefreshImage 2015-08-02 14:06 - 2015-08-02 14:07 - 07407166 _____ C:\Users\hendr_000\Downloads\AdventureMap ZeFlu.zip 2015-08-01 11:12 - 2015-08-01 11:12 - 00000440 _____ C:\Users\hendr_000\Downloads\App-Fix.zip 2015-08-01 11:00 - 2015-08-01 11:00 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2015-08-01 10:59 - 2015-08-01 10:59 - 00000000 ____D C:\Program Files\Realtek 2015-08-01 10:58 - 2000-01-01 02:00 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat 2015-08-01 10:58 - 2000-01-01 02:00 - 04460760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2015-08-01 10:58 - 2000-01-01 02:00 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 02907864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2015-08-01 10:58 - 2000-01-01 02:00 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00837776 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00654480 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00544400 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL 2015-08-01 10:58 - 2000-01-01 02:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00435344 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2015-08-01 10:57 - 2000-01-01 02:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 05706688 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 03218800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 02847448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 02532056 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 02036495 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2015-08-01 10:57 - 2000-01-01 02:00 - 01739992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00168816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 12975360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01365768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 03182104 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01559744 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00096568 _____ C:\Windows\system32\audioLibVc.dll 2015-08-01 10:54 - 2000-01-01 02:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2015-08-01 10:54 - 2000-01-01 02:00 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2015-07-31 17:00 - 2015-07-31 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2015-07-31 16:59 - 2015-08-01 10:52 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Raptr 2015-07-31 16:59 - 2015-07-31 17:00 - 00000000 ____D C:\Program Files (x86)\Raptr 2015-07-31 16:49 - 2015-07-31 16:51 - 00192816 _____ C:\Users\hendr_000\Downloads\raptr_installer.exe 2015-07-31 14:18 - 2015-08-06 19:03 - 00004270 _____ C:\Users\hendr_000\Desktop\FixMetro.cmd 2015-07-31 10:17 - 2015-07-31 10:17 - 00000308 _____ C:\Users\hendr_000\Desktop\MetroTwit.appref-ms 2015-07-31 10:17 - 2015-07-31 10:17 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixel Tucker Pty Ltd 2015-07-30 19:07 - 2015-07-30 20:49 - 2147484783 _____ C:\Users\hendr_000\Downloads\kali-linux-1.1.0a-i386.iso 2015-07-29 20:55 - 2015-07-29 20:58 - 19302676 _____ C:\Users\hendr_000\Downloads\CommunityShowcaseNaturalLandscapes3.themepack 2015-07-29 20:48 - 2015-07-29 20:48 - 00536906 _____ C:\Users\hendr_000\Downloads\apps.diagcab 2015-07-29 20:48 - 2015-07-29 20:48 - 00423962 _____ C:\Users\hendr_000\Downloads\AppsDiagnostic.diagcab 2015-07-29 17:25 - 2013-06-18 15:12 - 00090304 _____ (Sysinternals) C:\Windows\system32\strings.exe 2015-07-29 17:24 - 2013-06-18 15:12 - 00090304 _____ (Sysinternals) C:\Users\hendr_000\Downloads\strings.exe 2015-07-29 17:23 - 2015-07-29 17:23 - 00050298 _____ C:\Users\hendr_000\Downloads\Strings.zip 2015-07-29 17:13 - 2015-07-29 17:13 - 00000000 ____D C:\Users\hendr_000\AppData\Local\GWX 2015-07-29 17:12 - 2015-07-29 17:12 - 00000000 ____D C:\Users\hendr_000\Downloads\win10fix_full_german.bat_ 2015-07-29 17:11 - 2015-07-29 17:11 - 00002929 _____ C:\Users\hendr_000\Downloads\win10fix_full_german.bat_.zip 2015-07-29 16:55 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-07-29 16:55 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-07-29 16:54 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml 2015-07-29 16:53 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-07-29 16:53 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2015-07-29 16:53 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2015-07-29 16:52 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-07-29 16:52 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-07-29 16:52 - 2015-06-10 00:39 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS 2015-07-29 16:52 - 2015-06-10 00:39 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys 2015-07-29 16:52 - 2015-06-10 00:38 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2015-07-28 16:43 - 2015-07-28 16:43 - 00001011 _____ C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FastCopy.lnk 2015-07-28 16:43 - 2015-07-28 16:43 - 00000981 _____ C:\Users\hendr_000\Desktop\FastCopy.lnk 2015-07-28 16:43 - 2015-07-28 16:43 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\FastCopy 2015-07-28 16:43 - 2015-07-28 16:43 - 00000000 ____D C:\Program Files\FastCopy 2015-07-27 18:36 - 2015-07-27 18:37 - 04954736 _____ (Microsoft Corporation) C:\Users\hendr_000\Downloads\WindowsSetupBox.exe 2015-07-27 18:10 - 2015-07-27 18:10 - 00060965 _____ C:\Users\hendr_000\Downloads\pkeyuibx_v1.5.0.zip 2015-07-27 18:08 - 2015-07-27 18:08 - 01198368 _____ C:\Users\hendr_000\Downloads\Windows Product Key Viewer - CHIP-Installer.exe 2015-07-27 18:02 - 2015-07-27 18:02 - 01198368 _____ C:\Users\hendr_000\Downloads\Windows 8 1 Setup Tool - CHIP-Installer.exe 2015-07-26 17:15 - 2015-07-26 17:15 - 00000000 ____D C:\Users\hendr_000\Downloads\rawwritewin-0.7 2015-07-26 16:33 - 2015-07-26 16:33 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-07-26 16:30 - 2015-07-26 17:14 - 00000000 ____D C:\Users\hendr_000\Desktop\ownOS 2015-07-26 16:27 - 2015-07-26 16:27 - 00214786 _____ C:\Users\hendr_000\Downloads\rawwritewin-0.7.zip 2015-07-26 16:27 - 2015-07-26 16:27 - 00000000 ____D C:\rawrite 2015-07-26 16:24 - 2015-07-26 16:25 - 00000000 ____D C:\NASM 2.11.08 2015-07-26 16:23 - 2015-07-26 16:23 - 00802892 _____ C:\Users\hendr_000\Downloads\nasm-2.11.08-installer.exe 2015-07-26 16:21 - 2015-07-26 16:22 - 01398894 _____ C:\Users\hendr_000\Downloads\nasm-2.11.08.zip 2015-07-25 21:07 - 2015-07-25 21:41 - 00428047 _____ C:\Users\hendr_000\Desktop\FastCopy211_x64.zip 2015-07-25 21:07 - 2015-07-25 21:07 - 00427277 _____ C:\Windows\SysWOW64\FastCopy211_x64.zip 2015-07-25 21:05 - 2015-07-25 21:05 - 00516664 _____ ( ) C:\Users\hendr_000\Downloads\FastCopy211_x64_CB-DL-Manager.exe 2015-07-25 16:55 - 2015-07-25 16:55 - 00000000 _____ C:\Windows\SysWOW64\InstallLocation 2015-07-24 14:03 - 2015-07-24 14:03 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Steam 2015-07-24 14:03 - 2015-07-24 14:03 - 00000000 ____D C:\Users\hendr_000\AppData\Local\CEF 2015-07-23 19:02 - 2015-07-31 10:26 - 00000000 ____D C:\Program Files (x86)\Steam 2015-07-23 19:02 - 2015-07-23 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-07-23 19:00 - 2015-07-23 19:01 - 01476720 _____ C:\Users\hendr_000\Downloads\SteamSetup.exe 2015-07-23 18:25 - 2015-07-23 18:35 - 606076928 _____ C:\Users\hendr_000\Downloads\ubuntu-14.04.2-server-i386.iso 2015-07-23 18:21 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-23 18:10 - 2015-07-23 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-07-23 18:10 - 2015-07-23 18:10 - 00000000 ____D C:\Program Files\Oracle 2015-07-23 18:10 - 2015-07-09 12:09 - 00958736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-07-23 18:10 - 2015-07-09 12:09 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-07-21 14:11 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-21 14:10 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-21 14:10 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-21 14:10 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-21 14:10 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-21 14:10 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-21 14:10 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-21 14:09 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-21 14:09 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-21 14:09 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-21 14:09 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-21 14:09 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-21 14:09 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-21 14:09 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-21 14:09 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-21 14:09 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-07-21 14:09 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-21 14:09 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-21 14:09 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-07-21 14:09 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-21 14:07 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-21 14:07 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-21 14:07 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-21 14:07 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-21 14:07 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-07-21 14:07 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-07-21 14:07 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-07-21 12:56 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-21 12:56 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-21 12:55 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-21 12:55 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-21 12:53 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-21 12:52 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-21 12:52 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-21 12:52 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-21 12:52 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-21 12:52 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-21 12:51 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-21 12:51 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-21 12:51 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-21 12:51 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-21 12:51 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-07-21 12:51 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-21 12:51 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-21 12:51 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-07-21 12:51 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-21 12:51 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-07-21 12:51 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-07-21 12:51 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-21 12:51 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-21 12:51 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-07-21 12:51 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-21 12:51 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-21 12:51 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-21 12:51 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-21 12:51 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-21 12:51 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-21 12:51 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-07-21 12:51 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-21 12:51 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-21 12:51 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-07-21 12:51 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-21 12:51 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-07-21 12:51 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-07-21 12:51 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-21 12:51 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-21 12:51 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-21 12:51 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-07-21 12:51 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-21 12:51 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-21 12:48 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-21 12:48 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-21 12:48 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-21 12:48 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-21 12:47 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-21 12:47 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-21 12:47 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-21 12:47 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-21 12:34 - 2015-07-21 12:48 - 00000000 ____D C:\ftb 2015-07-21 12:22 - 2015-07-21 12:45 - 00000000 ____D C:\Users\hendr_000\AppData\Local\ftblauncher 2015-07-21 12:22 - 2015-07-21 12:37 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\ftblauncher 2015-07-21 12:20 - 2015-07-21 12:21 - 06628862 _____ () C:\Users\hendr_000\Downloads\FTB_Launcher.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-10 16:54 - 2015-06-07 17:02 - 00000000 ____D C:\FRST 2015-08-10 16:53 - 2015-05-30 06:36 - 01305758 _____ C:\Windows\WindowsUpdate.log 2015-08-10 16:45 - 2014-06-21 18:57 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\.minecraft 2015-08-10 16:39 - 2014-01-27 17:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-10 16:38 - 2015-06-24 19:06 - 00038372 _____ C:\Users\hendr_000\Desktop\loaded_drivers.txt 2015-08-10 16:11 - 2015-01-29 19:22 - 00000000 ____D C:\Users\hendr_000\AppData\Local\VMware 2015-08-10 16:05 - 2015-01-29 19:22 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\VMware 2015-08-10 16:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-08-10 15:50 - 2015-04-08 14:50 - 00005188 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSRECHNER-hendrik_2002 Arbeitsrechner 2015-08-10 15:47 - 2014-01-25 17:33 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-532561150-3242956754-1626305917-1001 2015-08-10 15:46 - 2014-01-25 17:44 - 00000000 ___DO C:\Users\hendr_000\SkyDrive 2015-08-10 15:42 - 2015-01-29 19:14 - 00000000 ____D C:\ProgramData\VMware 2015-08-10 15:42 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-09 22:26 - 2014-02-23 22:06 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2015-08-09 22:14 - 2013-08-22 16:44 - 00396520 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-09 22:10 - 2015-06-30 10:08 - 00000286 _____ C:\Windows\Tasks\ASC8_SkipUac_hendrik_2002.job 2015-08-09 21:54 - 2014-02-23 21:45 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-08-09 21:52 - 2015-01-21 12:40 - 00000000 ____D C:\ProgramData\Package Cache 2015-08-09 21:43 - 2014-12-06 13:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2015-08-09 21:22 - 2014-03-07 20:13 - 00000000 ____D C:\Users\hendr_000\.android 2015-08-09 19:40 - 2015-05-12 17:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2015-08-09 19:40 - 2014-12-06 13:23 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-08-09 19:38 - 2015-05-12 17:44 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2015-08-09 19:08 - 2014-09-06 11:25 - 00000000 ____D C:\Users\Administrator 2015-08-09 19:05 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp 2015-08-09 18:53 - 2015-05-12 17:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2015-08-09 18:47 - 2015-05-12 17:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2015-08-09 18:27 - 2015-05-12 17:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer 2015-08-09 18:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-09 18:03 - 2015-03-09 20:30 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Eclipse 2015-08-09 17:55 - 2015-02-04 18:03 - 00000000 ____D C:\ProgramData\ProductData 2015-08-09 17:53 - 2015-02-04 18:04 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\IObit 2015-08-09 17:53 - 2015-02-04 18:03 - 00000000 ____D C:\Program Files (x86)\IObit 2015-08-09 17:50 - 2015-01-30 12:12 - 00000000 ____D C:\Users\hendr_000\VirtualBox VMs 2015-08-09 17:50 - 2015-01-30 12:11 - 00000000 ____D C:\Users\hendr_000\.VirtualBox 2015-08-09 17:47 - 2014-02-06 21:33 - 00246272 ___SH C:\Users\hendr_000\Desktop\Thumbs.db 2015-08-09 17:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-08-08 20:21 - 2014-02-23 22:13 - 00000000 ____D C:\Users\hendr_000 2015-08-08 20:08 - 2015-04-07 08:46 - 00000000 ____D C:\Users\hendr_000\workspace_projects 2015-08-08 19:58 - 2014-12-10 21:15 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-08 19:58 - 2014-07-31 18:06 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-08 19:55 - 2014-02-09 10:06 - 00000000 ____D C:\Users\hendr_000\AppData\Local\CrashDumps 2015-08-08 18:14 - 2015-06-30 10:08 - 00000322 _____ C:\Windows\Tasks\Uninstaller_SkipUac_hendrik_2002.job 2015-08-07 18:28 - 2015-05-12 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013 2015-08-07 17:18 - 2015-06-30 10:08 - 00002438 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_hendrik_2002 2015-08-07 11:03 - 2015-06-06 13:32 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys 2015-08-06 18:29 - 2014-02-23 22:13 - 00012102 _____ C:\Windows\diagerr.xml 2015-08-06 18:29 - 2014-02-23 22:13 - 00011231 _____ C:\Windows\diagwrn.xml 2015-08-05 20:13 - 2015-06-07 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-08-05 18:37 - 2015-06-06 13:31 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-05 18:36 - 2015-06-06 13:30 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-05 16:05 - 2015-06-06 13:56 - 00000000 ____D C:\ProgramData\HitmanPro 2015-08-02 19:14 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-08-01 11:02 - 2013-10-08 16:45 - 00000000 ___HD C:\Program Files (x86)\Temp 2015-07-31 18:02 - 2014-02-23 22:06 - 00000000 ____D C:\AMD 2015-07-31 14:12 - 2014-07-27 17:04 - 00000000 ____D C:\Users\hendr_000\.eclipse 2015-07-31 10:28 - 2015-01-29 19:28 - 00000000 ____D C:\Users\hendr_000\Documents\Virtual Machines 2015-07-31 10:20 - 2014-03-22 10:15 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Deployment 2015-07-30 21:48 - 2013-08-22 15:25 - 00786432 ___SH C:\Windows\system32\config\BBI 2015-07-30 16:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-07-29 18:34 - 2014-01-25 17:39 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Apps\2.0 2015-07-26 16:34 - 2014-08-23 12:55 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Notepad++ 2015-07-26 16:33 - 2014-08-23 12:55 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2015-07-25 21:05 - 2015-04-09 11:57 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-25 17:32 - 2014-01-25 17:00 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Packages 2015-07-24 16:28 - 2014-12-24 19:48 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-07-24 16:27 - 2015-01-14 12:48 - 00000000 ____D C:\Users\hendr_000\.gimp-2.8 2015-07-24 14:10 - 2015-02-04 18:03 - 00000000 ____D C:\ProgramData\IObit 2015-07-23 21:37 - 2015-04-09 11:57 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-23 20:17 - 2014-02-06 20:36 - 00000000 ____D C:\Windows\system32\MRT 2015-07-23 19:20 - 2014-02-11 19:35 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\FileZilla 2015-07-23 18:12 - 2015-06-09 16:53 - 00000000 ____D C:\Users\hendr_000\Downloads\forge 2015-07-23 18:11 - 2015-06-09 16:57 - 00000000 ____D C:\Users\hendr_000\Downloads\setups 2015-07-21 14:09 - 2014-01-25 17:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-21 14:08 - 2014-12-23 17:32 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-21 12:50 - 2014-03-29 20:01 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-21 12:50 - 2014-03-29 20:01 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-21 12:50 - 2014-03-29 20:01 - 00001148 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-21 12:50 - 2014-03-29 20:01 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-21 12:36 - 2014-01-25 17:34 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-07-21 12:28 - 2014-03-07 21:33 - 00000000 ____D C:\ProgramData\Oracle 2015-07-21 12:25 - 2014-12-24 21:28 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-07-21 12:25 - 2014-12-24 21:27 - 00000000 ____D C:\Program Files\Java 2015-07-13 23:10 - 2015-03-14 09:02 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-13 23:10 - 2015-03-14 09:02 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-26 20:51 - 2015-02-26 20:51 - 0000000 ___RH () C:\Users\hendr_000\AppData\Roaming\b4d6e8f4ed70928182ebe608f6b39bab2 2015-05-15 12:12 - 2015-05-15 12:12 - 0000046 _____ () C:\Users\hendr_000\AppData\Roaming\Camdata.ini 2015-05-15 12:12 - 2015-05-15 12:12 - 0000408 _____ () C:\Users\hendr_000\AppData\Roaming\CamLayout.ini 2015-05-15 12:12 - 2015-05-15 12:12 - 0000408 _____ () C:\Users\hendr_000\AppData\Roaming\CamShapes.ini 2015-05-15 12:12 - 2015-05-15 12:12 - 0004536 _____ () C:\Users\hendr_000\AppData\Roaming\CamStudio.cfg 2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\hendr_000\AppData\Roaming\UIZJU 2015-05-15 12:11 - 2015-05-15 12:11 - 0000096 _____ () C:\Users\hendr_000\AppData\Roaming\version2.xml 2014-03-07 21:43 - 2014-12-23 16:55 - 0000113 _____ () C:\Users\hendr_000\AppData\Roaming\WB.CFG 2014-12-08 18:03 - 2014-12-08 18:03 - 0202370 _____ () C:\Users\hendr_000\AppData\Local\debuggee.mdmp 2015-01-29 21:01 - 2015-07-01 11:23 - 0000600 _____ () C:\Users\hendr_000\AppData\Local\PUTTY.RND 2015-06-22 17:08 - 2015-06-22 17:08 - 0002836 _____ () C:\Users\hendr_000\AppData\Local\recently-used.xbel 2014-12-26 12:55 - 2015-04-18 07:59 - 0007595 _____ () C:\Users\hendr_000\AppData\Local\Resmon.ResmonCfg 2015-01-27 09:36 - 2015-01-27 09:36 - 0000000 _____ () C:\Users\hendr_000\AppData\Local\{A9E8EC64-9A12-4DF0-8909-6F0BE58BB854} 2015-03-22 17:22 - 2015-03-22 17:22 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip 2015-06-06 14:28 - 2015-06-06 14:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\borlndlm.dll C:\Users\Dirk\AppData\Local\Temp\{9AB2D6BA-D314-4579-92EB-5166BD3BD792}-35.0.1916.153_chrome_installer.exe ==================== Bamital & volsnap Check ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-06 17:13 ==================== Ende von log ============================ |
10.08.2015, 16:05 | #4 |
| Windows 8.1 Metro-Apps starten minimiert Addition.txt: FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-08-2015 durchgeführt von hendrik_2002 (2015-08-10 16:57:39) Gestartet von C:\Users\hendr_000\Desktop Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-532561150-3242956754-1626305917-500 - Administrator - Enabled) => C:\Users\Administrator Dirk (S-1-5-21-532561150-3242956754-1626305917-1004 - Administrator - Enabled) => C:\Users\Dirk Dummy-Account (S-1-5-21-532561150-3242956754-1626305917-1013 - Limited - Enabled) Gast (S-1-5-21-532561150-3242956754-1626305917-501 - Limited - Disabled) Hendrik2002 (S-1-5-21-532561150-3242956754-1626305917-1017 - Administrator - Enabled) hendrik_2002 (S-1-5-21-532561150-3242956754-1626305917-1001 - Administrator - Enabled) => C:\Users\hendr_000 HomeGroupUser$ (S-1-5-21-532561150-3242956754-1626305917-1006 - Limited - Enabled) Katja (S-1-5-21-532561150-3242956754-1626305917-1009 - Administrator - Enabled) Niklas Steinmetz (S-1-5-21-532561150-3242956754-1626305917-1008 - Limited - Enabled) => C:\Users\Niklas Steinmetz.HendriksPodpal ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated) AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated) Adobe After Effects 7.0 (HKLM-x32\...\Adobe After Effects 7.0) (Version: 7.0.0.244 - Adobe Systems, Inc.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\{F22C3C05-B1D9-47FF-AA17-4F9DCBFE850F}) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.3.0 - IObit) AMD Catalyst Install Manager (HKLM\...\{ACF4E7FE-650D-9BD7-BAE5-1AD061F40F69}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM-x32\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG) Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.740 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation) Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation) Brackets (HKLM-x32\...\{4BCC5124-095C-4871-8562-55FA29DD8773}) (Version: 1.1 - brackets.io) Build Tools - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Buildtools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated) clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden CodedUITest81 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden CodedUITestUAP (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Craften Terminal 4.1.1 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.1.1 - Craften.de) Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1.172 - SG Europe) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation) Epic Games Launcher (HKLM\...\{84438A71-40ED-4E6F-9C7E-58FE0F61F692}) (Version: 1.1.28.0 - Epic Games, Inc.) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) FileZilla (remove only) (HKLM-x32\...\FileZilla) (Version: - ) FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse) Firefox Developer Edition 40.0a2 (x86 en-US) (HKLM-x32\...\Firefox Developer Edition 40.0a2 (x86 en-US)) (Version: 40.0a2 - Mozilla) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Pascal 2.6.4 (HKLM-x32\...\FreePascal_is1) (Version: - Free Pascal Team) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.) IDE Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated) IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden iFreeUp 1.0 (HKLM-x32\...\iFreeUp_is1) (Version: 1.0.10 - IObit) IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025F0}) (Version: 7.0.250 - Oracle) Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle) Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) Java SE Development Kit 7 Update 75 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle) Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation) Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated) LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Metasploit (HKLM-x32\...\Metasploit 4.11.1) (Version: 4.11.1 - Rapid7) MetroTwit (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\6d9570ab26892611) (Version: 1.2.0.1 - Pixel Tucker Pty Ltd) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4737.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang) Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla) Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla) MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Nidhogg v1.0 (HKLM-x32\...\Nidhogg v1.01.0) (Version: 1.0 - Friends in War) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team) OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer) Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer) Opera Stable 30.0.1835.59 (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software) Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation) PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) Projekt- und Elementvorlagen für Visual Studio Community 2015 – DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.20 - Qualcomm Atheros Inc.) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.55 - Qualcomm Atheros) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7509 - Realtek Semiconductor Corp.) Registrar Registry Manager 7.75 (HKLM\...\RegistrarHome_is1) (Version: - Resplendence Software Projects Sp.) Resource Hacker Version 4.0.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - ) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.00.0000 - Ubisoft) Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) System Explorer 6.4.2 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.5.6.0 - Manuel Hoefs (Zottel)) Unity (HKLM-x32\...\Unity) (Version: 5.0.1f1 - Unity Technologies ApS) Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Visual C++ für Mobile-Entwicklung (Android-Unterstützung) (HKLM-x32\...\{fd8b6372-b8b3-4a14-bb21-fbc5cb94f7ac}) (Version: 14.0.23027.0 - Microsoft Corporation) Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) (HKLM-x32\...\{8fd9a549-20ac-4daf-8da3-c54b6621ac29}) (Version: 14.0.23027.0 - Microsoft Corporation) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.2 - VMware, Inc) VMware Player (Version: 7.1.2 - VMware, Inc.) Hidden VNC Server 5.2.3 (HKLM\...\{0D2201F0-2E7B-4C89-8C5D-03D3F5BB5042}) (Version: 5.2.3 - RealVNC Ltd) VNC Viewer 5.2.3 (HKLM\...\{8824CB84-60DF-4CBC-AB3A-7C5AB2A41F31}) (Version: 5.2.3 - RealVNC Ltd) WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton) WinAppDeploy (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, hxxp://www.wireshark.org) Wise Registry Cleaner 8.61 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.61 - WiseCleaner.com, Inc.) Xamarin (HKLM-x32\...\{B6F4249F-5053-43D5-BA37-D942230C825B}) (Version: 3.11.816.0 - Xamarin) XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-5 - Bitnami) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 09-08-2015 17:28:59 Microsoft Visual Studio Community 2015 09-08-2015 17:33:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 09-08-2015 17:37:30 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 09-08-2015 17:41:56 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 09-08-2015 17:44:22 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 09-08-2015 17:47:02 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 09-08-2015 18:16:58 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 09-08-2015 19:56:48 TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 09-08-2015 20:03:53 Update for Microsoft Visual Studio 2015 (KB3073097) 09-08-2015 20:28:43 Windows Software Development Kit - Windows 10.0.26624 09-08-2015 21:37:52 Microsoft Visual Studio 2015 Tools für Windows 10 (Technical Preview) 09-08-2015 21:47:29 Update for Microsoft Visual Studio 2015 (KB3073097) 09-08-2015 21:48:46 Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) 09-08-2015 21:50:23 Visual C++ für Mobile-Entwicklung (Android-Unterstützung) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {07B9F40D-4E63-4DAF-8FD6-4EE67D558E0E} - System32\Tasks\{C7EAF7A5-FBDB-4A82-91B9-18268A1FDEE1} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsMain Task: {09F3DD2C-71B3-4A85-9364-C6386EA7E94C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {2676A993-D66B-4448-A860-F9763BEEDE42} - System32\Tasks\Opera scheduled Autoupdate 1426179695 => C:\Users\hendr_000\AppData\Local\Programs\Opera\launcher.exe [2015-06-10] (Opera Software) Task: {33A65D12-4ED9-434B-96F9-68D1F9241A8B} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-532561150-3242956754-1626305917-1001 Task: {37CB870C-FA33-4F14-9834-5B919D4B56F6} - System32\Tasks\Uninstaller_SkipUac_hendrik_2002 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {395A679E-F1C7-4FA0-A08F-2B1F3D7E8E0F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {3C052D58-9ADE-4287-94F2-CA7AEFE0D177} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {45BB8FB7-E03E-47DC-9513-D76090D256DB} - System32\Tasks\{2EFDEB36-276A-48F3-BFAA-5F39F38EB409} => pcalua.exe -a C:\Users\hendr_000\Desktop\Forge_Server\forge-1.8-11.14.0.1285-1.8-installer-win.exe -d C:\Users\hendr_000\Desktop\Forge_Server Task: {5960B03A-15EA-446B-A907-4FACA2EF3BDD} - System32\Tasks\{AA50E2BC-3878-43CC-9F92-EAF47C08AB82} => pcalua.exe -a C:\Users\hendr_000\Downloads\forge-1.7.10-10.13.3.1355-1.7.10-installer-win.exe -d C:\Users\hendr_000\Downloads Task: {66C3A4D9-DEB8-4C5B-A1B7-F5C5B803BEA4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] () Task: {6FE0E8CB-D288-41EA-BA1E-74239258B658} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {74768E11-5380-4F57-93C3-438B4A630F6A} - System32\Tasks\ASC8_SkipUac_hendrik_2002 => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-06-16] (IObit) Task: {BB059E76-F9BF-44C9-B6ED-13F7B3CEF254} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {C426D609-BEA0-4503-A8F1-8EBBCE15C292} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-06-10] (IObit) Task: {CB016BC7-2B36-4262-A1E8-B434854BFE31} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {D2174D06-84F3-46A9-9998-A0B5934A7B07} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSRECHNER-hendrik_2002 Arbeitsrechner => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation) Task: {E2F4864D-34CE-4271-9B2D-F92D332804DB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {E95F795D-D6BF-41F2-95CF-E279E4F0C080} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {E9D16D5F-9981-4966-AF14-EC8FFEC0427B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {EC96A4FB-11A6-4682-82A5-ADD27F0D47CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ASC8_SkipUac_hendrik_2002.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\UIZJU.job => C:\Users\hendr_000\AppData\Roaming\UIZJU.exe <==== ACHTUNG Task: C:\Windows\Tasks\Uninstaller_SkipUac_hendrik_2002.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-06-20 13:15 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-10-08 17:14 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2015-03-02 16:43 - 2015-03-02 16:43 - 00099288 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2015-06-30 10:04 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll 2015-06-30 10:06 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl 2015-06-30 10:06 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl 2015-06-30 10:06 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl 2015-02-04 18:03 - 2014-12-18 21:04 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2015-08-09 17:53 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\iFreeUp\madExcept_.bpl 2015-08-09 17:53 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\iFreeUp\madBasic_.bpl 2015-08-09 17:53 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\iFreeUp\madDisAsm_.bpl 2015-05-31 07:59 - 2015-05-31 07:59 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Dirk\OneDrive:ms-properties AlternateDataStreams: C:\Users\Dirk\SkyDrive:ms-properties AlternateDataStreams: C:\Users\hendr_000\SkyDrive:ms-properties ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\google.de -> hxxps://www.google.de IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\it-fachportal.de -> hxxps://www.it-fachportal.de IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\localhost -> hxxps://localhost IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\localhost -> hxxp://localhost IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\sony.com -> sony.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\100sexlinks.com -> 100sexlinks.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\101hotteens.com -> 101hotteens.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\101lottery.com -> 101lottery.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\123expressview.com -> 123expressview.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\123found.com -> 123found.com Da befinden sich 4787 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-532561150-3242956754-1626305917-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: a2AntiMalware => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: Apache2.4 => 2 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\Services: Avira.OE.ServiceHost => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdAndroidSvc => 2 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: CCDMonitorService => 2 MSCONFIG\Services: DfSdkS => 3 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: FileZilla Server => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: LMIGuardianSvc => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: McAfee SiteAdvisor Service => 2 MSCONFIG\Services: metasploitPostgreSQL => 2 MSCONFIG\Services: metasploitProSvc => 2 MSCONFIG\Services: metasploitThin => 2 MSCONFIG\Services: metasploitWorker => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: mysql => 2 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: Razer Game Scanner Service => 2 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: RzKLService => 2 MSCONFIG\Services: Secunia PSI Agent => 2 MSCONFIG\Services: Secunia Update Agent => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SlimService => 2 MSCONFIG\Services: StartMenuService => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: SystemExplorerHelpService => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: Tomcat7 => 2 MSCONFIG\Services: TuneUp.UtilitiesSvc => 2 MSCONFIG\Services: vncserver => 3 MSCONFIG\Services: WSearch => 2 HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "mcpltui_exe" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "YTDownloader" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "Andy" HKLM\...\StartupApproved\Run32: => "avgnt" HKLM\...\StartupApproved\Run32: => "emsisoft anti-malware" HKLM\...\StartupApproved\Run32: => "SystemExplorerAutoStart" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\StartupFolder: => "baerenmarke-widget.lnk" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "SkyDrive" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "YTDownloader" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "AppEx Accelerator UI" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "msnmsgr" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Browser Extensions" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "DesktopOK" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Search Protection" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "XAMPP Control Panel" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Advanced SystemCare 8" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{F603271F-944B-498D-AC22-4EAF1D17D497}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe FirewallRules: [{8124257A-9E01-4AA5-ABC1-9A3123988F8B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe FirewallRules: [{58F47C55-D17A-47EC-8210-FC35A9ECA66D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe FirewallRules: [{F9C56998-E744-46C8-9D5A-4B17A51170BA}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe FirewallRules: [{110661DB-3FDC-4FBB-9541-3908BC904AFC}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{21DE293D-9203-44EC-B297-61B809F74DB0}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{3E8C9A49-86D9-4A33-9F0E-66247067111A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{0B99A754-8F02-41E1-9E03-86D4B31C07A4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{937AF17E-DE8A-4FF7-BFE5-5ECE5D746A91}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{201F7BC2-A8E6-435C-9C22-3E3C55CD16D2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{7065C90E-0A0D-4152-992B-29659584DB4D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe FirewallRules: [{AD4DBDEE-AFF6-4623-B635-59FBD7140C4F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{A062D843-8F1F-4086-A697-0FD176A8A4CE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{6517DA4C-6C29-4B63-B979-26646CB38DE9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{F3988EAE-EE5B-4C4E-8577-5531B31B2D54}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{30FC91E0-54F5-4661-A362-22391693FBD1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{14A5D67B-A0CC-4FC1-B8E0-27E11FE3C812}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{AC7545A3-C40E-42BC-B021-A409093FD5D5}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{C49ED8EA-CEDC-480F-8268-72D9D2E80236}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{98895709-AB83-40CA-98C2-0FCEB9C11B0F}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{ED980AF1-7766-421D-9BEF-34D3EAD5ED61}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [TCP Query User{C51DEAA9-3A39-4D25-8CAE-98D98A6CCA14}C:\users\hendr_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hendr_000\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{78A6F80D-4855-4333-A219-533386A8846C}C:\users\hendr_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hendr_000\appdata\roaming\spotify\spotify.exe FirewallRules: [{25D3D9EE-3067-4C7D-A001-C7BB1501B972}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{3E6B2FAB-02C6-4785-8D12-F3F53D61F4B2}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{E3EDC567-9BD2-40E6-A1EB-5E7D22EE01F1}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{D0A6FA2F-DAD8-4F17-87BF-E3A9B2741487}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [TCP Query User{966E9B2B-C676-4293-BB2D-AB13D02E8721}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{5CAC66F1-A67C-437B-8AF5-800A25FE0B92}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{F25D1282-8486-4566-9071-614CA365D414}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{2F74FC5E-6F3A-4C68-B41B-92313370478D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{D4291174-E709-442A-8B13-5907C13CDD1C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{EF07999A-2EC7-4029-A9DD-087B14ED9F38}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{D704C46B-A0E9-4437-A026-DD697C261F3C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{F2F5AFF0-B67A-4812-9D68-04A5CF501D01}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{1E82290E-6F43-4839-9A25-504EE7BC17A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{4EC33B1B-7105-458D-8AC5-CC5D4F756A28}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{B68AA5F6-9E41-465D-B3F3-48242FAFFABD}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [{8416B314-3B5C-4D5D-99A6-EC2DE485097C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [TCP Query User{8228AF30-B5A9-4EC1-B545-6FA81CE74AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E6F40B64-B57A-4C15-8C2C-49BC6E3E8FB3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{BCA36857-D883-44C0-8DC2-9B618BF56C6B}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{C7578792-77F8-46BE-B86E-3A5F838C3B48}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{77ADEE26-B33C-4BF0-9F83-8E82C83D39F0}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [UDP Query User{71EA72B4-D2F6-4874-B079-256FB5001B34}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [{13AD290E-BC56-40BC-993D-552F7C50D99F}] => (Block) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [{2E56D11E-1DD0-4C6E-97A0-D8AEB420D402}] => (Block) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [{11B68A8A-F88A-4C59-8D9B-863AFC4A8FA8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F0B07D80-7C82-412A-BFDE-F0C3AF2FBC4B}] => (Allow) LPort=2869 FirewallRules: [{0BC3FFDC-99C1-4A49-9F60-86A73EB7C207}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{5026E3CD-CE3F-4F23-B7A1-EEBEBE6B93A3}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [UDP Query User{3B8F6EAA-C35F-42E8-9FEC-0CB57CC15A05}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [{1EC34949-E805-4158-AA08-5C4EA2CF8CA9}] => (Block) C:\program files (x86)\brackets\node.exe FirewallRules: [{312D4831-5FB1-441E-8ADD-05B62262FDE2}] => (Block) C:\program files (x86)\brackets\node.exe FirewallRules: [TCP Query User{75B351CF-A13D-47E9-A3D2-91B4CD61C40A}C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe FirewallRules: [UDP Query User{1FB4D50B-A12B-4E8D-B4C7-B68FDFEBB3C5}C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe FirewallRules: [{0843895D-6295-4013-8667-8D73952E5907}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C1FDEF06-46C9-4C74-A413-A6FB6C898410}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{E5E28012-02C1-46F0-96DA-B1F6099ABFDF}C:\metasploit\ruby\bin\ruby.exe] => (Allow) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [UDP Query User{D4482865-0BDB-4A24-9FD2-72567ABB7E8E}C:\metasploit\ruby\bin\ruby.exe] => (Allow) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [{8B632EB9-B21D-406E-B9D0-B30D6C4E377A}] => (Block) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [{6C37860C-6BDC-4F3C-A726-82BB64A610BE}] => (Block) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [TCP Query User{C2BF4B57-117F-4B6C-BB07-9F5A32E4FC8F}C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe FirewallRules: [UDP Query User{45A7B396-1FF5-4D6B-9B7B-2B5A030BF2A2}C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe FirewallRules: [TCP Query User{0469D19F-D3D1-4857-9795-59CDD7F044CF}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{6F497ACC-EA15-437F-8940-453641BC42EB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [{A8770975-DA84-498D-B8DA-8C5513D789AB}] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [{3E26A083-9947-4AEC-8A50-300623DCCDAE}] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{DD19F79F-C9BC-4DDC-982B-73EF0ABB22EB}C:\program files (x86)\cryengine\bin64\editor.exe] => (Allow) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [UDP Query User{6D15D010-03CE-4475-BB59-FA9ADA3C83D2}C:\program files (x86)\cryengine\bin64\editor.exe] => (Allow) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [{BF69B881-B3AA-4C53-A25E-A6B884D9E701}] => (Block) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [{68E88234-A025-4671-A891-776DB26DA38B}] => (Block) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [TCP Query User{B7B9E0B8-B1F3-435B-9788-62E8A6B9A872}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [UDP Query User{00AAE738-611C-48EC-900A-12AFD3FCAFF9}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [{D5D98A23-ADE4-44D5-81F9-CAC1B3950615}] => (Block) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [{1054CED2-AD7C-4B03-8A49-1EED7C02EFB9}] => (Block) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [TCP Query User{AB1D47A1-9E92-4AAC-BB5E-DA0C8FD4EF7C}C:\program files (x86)\cryengine\bin64\gamesdk.exe] => (Allow) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [UDP Query User{6178A0C5-398B-48E1-9D81-FE61B22EEA6F}C:\program files (x86)\cryengine\bin64\gamesdk.exe] => (Allow) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [{E51989AF-29B9-4EA4-A139-47DB360F67E0}] => (Block) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [{2BF15603-7089-4657-AD03-C61CDE23538E}] => (Block) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [TCP Query User{79A5DCA7-57DE-48B1-A927-D33F287E54B2}C:\users\hendr_000\documents\cryengine\bin64\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [UDP Query User{32A12F2F-F112-44DA-BE11-31BF731E9E3C}C:\users\hendr_000\documents\cryengine\bin64\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [{458335D4-AF90-4202-A408-1C24E6B62BBB}] => (Block) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [{20CDAE8E-5115-4272-B9E6-037EFCB98608}] => (Block) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [TCP Query User{6A9E6584-6304-42F5-993B-FBDCF075838A}C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe FirewallRules: [UDP Query User{376D2007-B844-47FD-BE56-641712F1D324}C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe FirewallRules: [TCP Query User{C95AF740-FE53-4E45-8DCA-33EB7B1AAED9}C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [UDP Query User{8BCD298F-9269-4428-9D23-151F1538120A}C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [{D2F96B2D-CCD8-4891-8050-C2DFD04EACBA}] => (Block) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [{C76A41AD-FA49-43E4-96FE-5EE84A3DD881}] => (Block) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [TCP Query User{8D602232-55C1-41DD-8A01-F33A236DB5AE}C:\users\hendr_000\documents\cryengine\bin32\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [UDP Query User{106CDF08-7E78-4A34-8001-6EE16CB96766}C:\users\hendr_000\documents\cryengine\bin32\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [{D0A9B9B4-68D4-4FEC-B37F-67AEEFF0B203}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [{323C0C18-6D80-4559-896D-E5AF6911C1E7}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [TCP Query User{6FE9F28C-F70D-4C5D-B9FF-019AFEEC7B93}C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [UDP Query User{C1804E13-76AB-41DB-9328-5257004FE841}C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [{D6EB6422-202A-4A5E-BF0B-B0A6B59D50E4}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [{242B9913-EA5A-4C4E-AAE3-16230FB957E4}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [TCP Query User{195EE537-01C6-44CD-A307-800C1CF94A87}C:\cpp\examples\internet\chat\chat.exe] => (Allow) C:\cpp\examples\internet\chat\chat.exe FirewallRules: [UDP Query User{DABE827D-34BA-44A8-9A8B-B6BC17E4E3C5}C:\cpp\examples\internet\chat\chat.exe] => (Allow) C:\cpp\examples\internet\chat\chat.exe FirewallRules: [{56CF1C8A-1443-4F27-8C85-F6F5F743323A}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{6409AB8A-8598-45F1-AE83-8F1624FE5B58}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [TCP Query User{314F0CD0-1A80-483F-82FF-36198B8A1FDB}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{9957FF52-D7D5-4B4B-8FA1-FCA9A71A2BF3}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [{F87B52C1-E5E6-47DB-BCA6-B162A70A7ACC}] => (Block) C:\program files\java\jre7\bin\java.exe FirewallRules: [{63A0C587-58E4-407A-8430-F91740892A6D}] => (Block) C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{A49BFC24-9286-49C3-9304-21FC0750A1DA}C:\program files\unity 5\unity\editor\unity.exe] => (Allow) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [UDP Query User{B3EDA260-403F-428A-A8B9-B5762318613D}C:\program files\unity 5\unity\editor\unity.exe] => (Allow) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [{9FC5CAC6-6A24-4340-85AF-9B8620A4E552}] => (Block) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [{7C4DEE34-41D9-4C38-B29B-A54F75A853AB}] => (Block) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [TCP Query User{854AD037-515D-4925-96DC-1AF287E7C42B}C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [UDP Query User{D8EC7D10-43E7-4BC2-B202-3CA1FF1E8950}C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{03B02D1A-6516-46D2-960D-452EC55DCBF3}] => (Block) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{2A9E7B31-8490-426A-A6E9-FCCC572E6557}] => (Block) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{B4AFDC92-AA95-41B4-8257-B150514410FA}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{FF23AC4E-554B-4AA2-9E9A-5778B5A891E5}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{1EAA34F2-4342-4CD9-893A-1307A4F12A04}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe FirewallRules: [{50A8C8BE-7BBC-442E-A24D-898131A9B1D7}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe FirewallRules: [TCP Query User{EC3AE3A3-7D9A-4A24-8D07-781EA2C5AF3D}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [UDP Query User{9229B7E1-BB80-4D3C-93E0-DC19562706F8}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{9D113644-2AC2-463B-925A-5D8955B6716B}] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{4DD836E9-2A23-4519-8B28-47FF1B608D07}] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{1EBFDC13-43FF-4939-9C24-F738E8D2DFFF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FBBADDCD-8B85-42A5-9977-CD685D11827B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E58493BE-881A-4D98-9E39-7E9F29C8366A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{313285AD-26AB-4542-BD25-A04B23F389A7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{64A382BA-47D7-4C03-93D9-9DFF6BAD8F24}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{8B089474-445E-4F28-A5B4-B0E92401E283}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{B0FC994D-1EB8-4F27-BE21-59537526801E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{EFAB1B06-094C-4AD0-B928-EF375946CC03}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{EFC62194-F61D-417B-A09C-166CD65856EF}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/10/2015 04:53:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/10/2015 04:53:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt. for C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/10/2015 04:53:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/10/2015 04:53:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt. for C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/10/2015 04:37:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (08/10/2015 04:31:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.17415, Zeitstempel: 0x5450541b Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000003b179 ID des fehlerhaften Prozesses: 0x138c Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0 Pfad der fehlerhaften Anwendung: LogonUI.exe1 Pfad des fehlerhaften Moduls: LogonUI.exe2 Berichtskennung: LogonUI.exe3 Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5 Error: (08/10/2015 04:30:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4954 Error: (08/10/2015 04:30:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4954 Error: (08/10/2015 04:30:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/10/2015 04:30:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3360 Systemfehler: ============= Error: (08/09/2015 10:26:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error: (08/09/2015 05:19:10 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 09.08.2015 um 12:02:45 unerwartet heruntergefahren. Error: (08/08/2015 07:57:34 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 08.08.2015 um 19:54:40 unerwartet heruntergefahren. Error: (08/08/2015 07:53:32 PM) (Source: DCOM) (EventID: 10010) (User: ARBEITSRECHNER) Description: {5C65F4B0-3651-4514-B207-D10CB699B14B} Error: (08/08/2015 07:53:02 PM) (Source: DCOM) (EventID: 10010) (User: ARBEITSRECHNER) Description: {5C65F4B0-3651-4514-B207-D10CB699B14B} Error: (08/08/2015 07:52:27 PM) (Source: DCOM) (EventID: 10010) (User: ARBEITSRECHNER) Description: {5C65F4B0-3651-4514-B207-D10CB699B14B} Error: (08/07/2015 12:36:05 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 07.08.2015 um 11:03:24 unerwartet heruntergefahren. Error: (08/06/2015 08:51:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.Reader Error: (08/06/2015 08:51:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneVideo Error: (08/06/2015 08:39:23 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 06.08.2015 um 20:38:12 unerwartet heruntergefahren. Microsoft Office: ========================= Error: (08/10/2015 04:53:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/10/2015 04:53:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/10/2015 04:53:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/10/2015 04:53:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/10/2015 04:37:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (08/10/2015 04:31:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: LogonUI.exe6.3.9600.174155450541bntdll.dll6.3.9600.17736550f4336c0000005000000000003b179138c01d0d379152bb6abC:\Windows\system32\LogonUI.exeC:\Windows\SYSTEM32\ntdll.dll79cb3c19-3f6c-11e5-8014-a4db3080e4a1 Error: (08/10/2015 04:30:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4954 Error: (08/10/2015 04:30:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4954 Error: (08/10/2015 04:30:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (08/10/2015 04:30:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3360 CodeIntegrity: =================================== Date: 2015-08-10 16:06:04.164 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 16:06:02.149 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 16:05:59.777 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:56.369 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:54.362 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:51.817 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:10.881 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:04.691 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 14:09:10.418 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 14:09:08.762 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Processor: AMD E1-2500 APU with Radeon(TM) HD Graphics Prozentuale Nutzung des RAM: 38% Installierter physikalischer RAM: 3525.01 MB Verfügbarer physikalischer RAM: 2180.29 MB Summe virtueller Speicher: 7109.01 MB Verfügbarer virtueller Speicher: 5650.45 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:444.6 GB) (Free:220.79 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D5A694CC) Partition: GPT. ==================== Ende von log ============================ |
11.08.2015, 09:32 | #5 |
/// the machine /// TB-Ausbilder | Windows 8.1 Metro-Apps starten minimiert Downloade Dir bitte Malwarebytes Anti-Malware
Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
11.08.2015, 19:57 | #6 |
| Windows 8.1 Metro-Apps starten minimiert mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 11.08.2015 Suchlaufzeit: 18:26 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.11.06 Rootkit-Datenbank: v2015.08.06.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: hendrik_2002 Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 674433 Abgelaufene Zeit: 1 Std., 44 Min., 18 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 1 PUP.Optional.PCMechanic, C:\Users\hendr_000\Downloads\pcmechanicpm.exe, , [375bc1468b00c3732e442c9a0ef3d729], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) ADWCleaner.txt: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.201 - Bericht erstellt 11/08/2015 um 20:21:45 # Aktualisiert 08/04/2015 von Xplode # Datenbank : 2015-08-11.1 [Server] # Betriebssystem : Windows 8.1 (x64) # Benutzername : hendrik_2002 - ARBEITSRECHNER # Gestarted von : C:\Users\hendr_000\Desktop\adwcleaner_4.201.exe # Option : Löschen ***** [ Dienste ] ***** Dienst Gelöscht : swdumon ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ftb Ordner Gelöscht : C:\Users\hendr_000\AppData\Local\slimware utilities inc Ordner Gelöscht : C:\Users\hendr_000\AppData\Roaming\Solvusoft Datei Gelöscht : C:\Windows\System32\roboot64.exe Datei Gelöscht : C:\Windows\System32\drivers\swdumon.sys Datei Gelöscht : C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\2famRptk.default\user.js Datei Gelöscht : C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\user.js ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ChromaticHTM Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\SlimWare Utilities Inc Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue Schlüssel Gelöscht : HKLM\SOFTWARE\SecurityUtility Schlüssel Gelöscht : HKLM\SOFTWARE\SlimWare Utilities Inc Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FAD0F79E-5EA4-542B-76A3-46093E52C1F5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SecurityUtility ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17840 -\\ Mozilla Firefox v36.0 (x86 de) -\\ Google Chrome v44.0.2403.130 -\\ Opera v0.0.0.0 ************************* AdwCleaner[R0].txt - [14361 Bytes] - [02/04/2014 09:03:53] AdwCleaner[R10].txt - [2522 Bytes] - [22/04/2015 16:37:13] AdwCleaner[R11].txt - [2299 Bytes] - [31/05/2015 08:49:31] AdwCleaner[R12].txt - [2359 Bytes] - [31/05/2015 08:53:03] AdwCleaner[R13].txt - [2290 Bytes] - [13/06/2015 10:04:20] AdwCleaner[R14].txt - [4124 Bytes] - [11/08/2015 20:21:19] AdwCleaner[R1].txt - [19934 Bytes] - [27/01/2015 19:31:34] AdwCleaner[R2].txt - [1050 Bytes] - [30/01/2015 14:48:34] AdwCleaner[R3].txt - [2028 Bytes] - [08/02/2015 10:26:18] AdwCleaner[R4].txt - [1891 Bytes] - [12/02/2015 11:06:10] AdwCleaner[R5].txt - [1456 Bytes] - [16/02/2015 15:21:28] AdwCleaner[R6].txt - [1515 Bytes] - [16/02/2015 15:28:33] AdwCleaner[R7].txt - [1978 Bytes] - [06/03/2015 21:32:13] AdwCleaner[R8].txt - [1774 Bytes] - [07/03/2015 19:27:03] AdwCleaner[R9].txt - [25450 Bytes] - [09/04/2015 11:49:10] AdwCleaner[S0].txt - [11202 Bytes] - [02/04/2014 09:05:15] AdwCleaner[S10].txt - [3392 Bytes] - [11/08/2015 20:21:45] AdwCleaner[S1].txt - [17070 Bytes] - [27/01/2015 19:38:50] AdwCleaner[S2].txt - [1965 Bytes] - [12/02/2015 11:15:26] AdwCleaner[S3].txt - [1530 Bytes] - [16/02/2015 15:33:08] AdwCleaner[S4].txt - [1997 Bytes] - [06/03/2015 21:37:18] AdwCleaner[S5].txt - [1839 Bytes] - [07/03/2015 19:36:47] AdwCleaner[S6].txt - [3828 Bytes] - [09/04/2015 12:07:25] AdwCleaner[S7].txt - [2453 Bytes] - [22/04/2015 16:39:41] AdwCleaner[S8].txt - [2417 Bytes] - [31/05/2015 08:54:53] AdwCleaner[S9].txt - [2306 Bytes] - [13/06/2015 10:22:34] ########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [3984 Bytes] ########## [/CODE] JRT.txt: JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.5.5 (08.05.2015:1) OS: Windows 8.1 x64 Ran by hendrik_2002 on 11.08.2015 at 20:33:14,87 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Successfully deleted: [Task] C:\Windows\system32\tasks\Uninstaller_SkipUac_hendrik_2002 Successfully deleted: [Task] C:\Windows\Tasks\Uninstaller_SkipUac_hendrik_2002.job ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\ProgramData\productdata Successfully deleted: [Folder] C:\Users\hendr_000\Appdata\Local\icsharpcode.net Successfully deleted: [Folder] C:\Users\hendr_000\AppData\Roaming\goldengate Successfully deleted: [Folder] C:\Users\hendr_000\AppData\Roaming\productdata Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers Successfully deleted: [Folder] C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8 Successfully deleted: [Folder] C:\Users\hendr_000\Appdata\Local\14405 ~~~ FireFox Successfully deleted: [Folder] C:\Users\hendr_000\AppData\Roaming\mozilla\firefox\profiles\a42jhbp7.default-1396422616735\extensions\iobitascsurfingprotection@iobit.com Emptied folder: C:\Users\hendr_000\AppData\Roaming\mozilla\firefox\profiles\a42jhbp7.default-1396422616735\minidumps [2 files] ~~~ Chrome [C:\Users\hendr_000\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\hendr_000\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\hendr_000\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\hendr_000\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 11.08.2015 at 20:42:06,51 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:11-08-2015 durchgeführt von hendrik_2002 (Administrator) auf ARBEITSRECHNER (11-08-2015 20:46:55) Gestartet von C:\Users\hendr_000\Desktop Geladene Profile: hendrik_2002 (Verfügbare Profile: hendrik_2002 & Dirk & Niklas Steinmetz & Administrator) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe (Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [iFreeUp] => C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe [470304 2015-03-31] (IObit) HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit) HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-532561150-3242956754-1626305917-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/de-de/?pc=UP97&ocid=UP97DHP hxxp://www.google.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-532561150-3242956754-1626305917-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF4C30013-DBA8-4203-9422-5B83732DCF2E&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-532561150-3242956754-1626305917-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-532561150-3242956754-1626305917-1001 -> {36A2063E-A8A8-41E0-B063-C2945B3B3AA1} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0186D2C8-01F4-4F66-A6D2-3A87F13D817A}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735 FF SelectedSearchEngine: Yahoo! FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-20] () FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-20] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-26] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-532561150-3242956754-1626305917-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-20] () FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-05-27] FF Extension: Kein Name - C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\extensions\amazon-icon@giga.de [nicht gefunden] FF Extension: Kein Name - C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\extensions\iobitascsurfingprotection@iobit.com [nicht gefunden] StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox Developer Edition\firefox.exe Chrome: ======= CHR Profile: C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-06] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-22] CHR Extension: (Adblock Pro) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-06-06] CHR Extension: (uMatrix) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2015-04-20] CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-06-06] CHR HKU\S-1-5-21-532561150-3242956754-1626305917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - https://clients2.google.com/service/update2/crx Opera: ======= StartMenuInternet: (HKU\S-1-5-21-532561150-3242956754-1626305917-1001) OperaStable - "C:\Users\hendr_000\AppData\Local\Programs\Opera\Launcher.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-04] (Adobe Systems) [Datei ist nicht signiert] S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit) S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-17] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S4 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2014-07-17] (Apache Software Foundation) [Datei ist nicht signiert] S2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-07-21] (Apple Inc.) [Datei ist nicht signiert] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation) S4 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2015\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert] S2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-09] (IObit) S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S4 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [76288 2015-03-04] (PostgreSQL Global Development Group) [Datei ist nicht signiert] S4 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [107178 2015-03-04] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] S4 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [107178 2015-03-04] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] S4 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [107178 2015-03-04] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] S4 mysql; C:\xampp\mysql\bin\mysqld.exe [10982912 2014-07-18] () [Datei ist nicht signiert] R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-06-22] () S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert] S4 Tomcat7; C:\xampp\tomcat\bin\tomcat7.exe [80896 2013-07-02] (Apache Software Foundation) [Datei ist nicht signiert] S4 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [639808 2015-01-28] (RealVNC Ltd) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-11] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-21] (Advanced Micro Devices) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.) S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation) R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 cpuz137; \??\C:\Users\HENDR_~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-11 20:46 - 2015-08-11 20:47 - 00016402 _____ C:\Users\hendr_000\Desktop\FRST.txt 2015-08-11 20:46 - 2015-08-11 20:46 - 02172416 _____ (Farbar) C:\Users\hendr_000\Desktop\FRST64.exe 2015-08-11 20:46 - 2015-08-11 20:46 - 00000000 ____D C:\Users\hendr_000\Desktop\FRST-OlderVersion 2015-08-11 20:33 - 2015-08-11 20:32 - 01797896 _____ (Malwarebytes Corporation) C:\Users\hendr_000\Desktop\JRT.exe 2015-08-11 20:32 - 2015-08-11 20:32 - 01797896 _____ (Malwarebytes Corporation) C:\Users\hendr_000\Downloads\JRT.exe 2015-08-11 18:25 - 2015-08-11 18:25 - 00001078 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-11 18:25 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-08-11 18:25 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-11 18:25 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-08-10 15:57 - 2015-08-10 15:57 - 00000000 ____D C:\Users\hendr_000\Downloads\metasploitable-linux-2.0.0 2015-08-10 15:53 - 2015-08-10 15:53 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Xamarin 2015-08-10 15:53 - 2015-08-10 15:53 - 00000000 ____D C:\ProgramData\MonoTouch 2015-08-10 15:53 - 2015-08-10 15:53 - 00000000 ____D C:\ProgramData\Mono for Android 2015-08-09 22:25 - 2015-08-09 22:25 - 00001894 _____ C:\Users\hendr_000\Desktop\VS 2015.lnk 2015-08-09 22:14 - 2015-08-11 20:23 - 00017114 _____ C:\Windows\PFRO.log 2015-08-09 21:59 - 2015-08-10 16:14 - 00000000 ____D C:\Users\hendr_000\Documents\Visual Studio 2015 2015-08-09 21:55 - 2015-08-09 21:55 - 00000000 ____D C:\Program Files (x86)\Xamarin 2015-08-09 21:54 - 2015-08-09 21:55 - 00000000 ____D C:\ProgramData\Monodoc 2015-08-09 20:42 - 2015-08-09 20:42 - 00000000 ____D C:\Program Files\Application Verifier 2015-08-09 20:42 - 2015-08-09 20:42 - 00000000 ____D C:\Program Files (x86)\Application Verifier 2015-08-09 20:41 - 2015-08-09 20:41 - 00000000 ____D C:\ProgramData\Windows App Certification Kit 2015-08-09 20:27 - 2015-08-09 20:27 - 00000000 ____D C:\Program Files (x86)\AppInsights 2015-08-09 20:26 - 2015-08-09 20:26 - 00000000 ____D C:\ProgramData\NuGet 2015-08-09 20:26 - 2015-08-09 20:26 - 00000000 ____D C:\Program Files (x86)\NuGet 2015-08-09 19:56 - 2015-08-09 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools 2015-08-09 19:54 - 2015-08-09 19:54 - 00000000 ____D C:\Program Files (x86)\Android 2015-08-09 19:50 - 2015-08-09 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.0 2015-08-09 19:43 - 2015-08-09 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch 2015-08-09 19:39 - 2015-08-09 19:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2015-08-09 19:30 - 2015-08-09 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2015-08-09 19:29 - 2015-08-09 19:29 - 00000000 ____D C:\ProgramData\PreEmptive Solutions 2015-08-09 19:28 - 2015-08-09 19:28 - 00000000 ____D C:\Program Files (x86)\ShellDir 2015-08-09 19:21 - 2015-08-09 19:21 - 00000000 ____D C:\ProgramData\Microsoft DNX 2015-08-09 19:21 - 2015-08-09 19:21 - 00000000 ____D C:\Program Files\Microsoft DNX 2015-08-09 19:08 - 2015-08-09 19:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2015-08-09 19:08 - 2015-08-09 19:08 - 00000000 ____D C:\Users\Administrator\Documents\ManageYourLife 1.0.0 2015-08-09 19:05 - 2015-08-09 19:05 - 00000000 ____D C:\Program Files\IIS Express 2015-08-09 19:05 - 2015-08-09 19:05 - 00000000 ____D C:\Program Files (x86)\IIS Express 2015-08-09 19:03 - 2015-08-09 19:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools 2015-08-09 19:01 - 2015-08-09 19:01 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services 2015-08-09 18:58 - 2015-08-09 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression 2015-08-09 18:56 - 2015-08-09 18:56 - 00001536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk 2015-08-09 18:53 - 2015-08-09 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1 2015-08-09 18:53 - 2015-08-09 18:53 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits 2015-08-09 18:52 - 2015-08-09 19:50 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits 2015-08-09 18:52 - 2015-08-09 19:48 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE 2015-08-09 18:48 - 2015-08-09 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 2015-08-09 18:40 - 2015-08-09 18:40 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0 2015-08-09 18:40 - 2015-08-09 18:40 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop 2015-08-09 18:30 - 2015-08-09 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015 2015-08-09 18:27 - 2015-08-09 18:27 - 00000000 ____D C:\Windows\symbols 2015-08-09 18:22 - 2015-08-09 19:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2015-08-09 18:22 - 2015-08-09 18:35 - 00000000 ____D C:\Windows\SysWOW64\1031 2015-08-09 18:22 - 2015-08-09 18:26 - 00000000 ____D C:\Windows\system32\1033 2015-08-09 18:22 - 2015-08-09 18:22 - 00001537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk 2015-08-09 18:22 - 2015-08-09 18:22 - 00000000 ____D C:\Windows\SysWOW64\1033 2015-08-09 18:12 - 2015-08-11 20:24 - 00001330 _____ C:\Windows\setupact.log 2015-08-09 18:12 - 2015-08-09 21:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0 2015-08-09 18:12 - 2015-08-09 18:22 - 00000000 ____D C:\Windows\system32\1031 2015-08-09 18:12 - 2015-08-09 18:12 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0 2015-08-09 18:12 - 2015-08-09 18:12 - 00000000 _____ C:\Windows\setuperr.log 2015-08-09 17:57 - 2015-06-22 08:31 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-08-09 17:56 - 2015-06-22 08:30 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-08-09 17:54 - 2015-08-09 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFreeUp 2015-08-09 17:47 - 2015-08-09 17:47 - 64294912 _____ C:\Windows\system32\config\COMPONENTS.iobit 2015-08-09 17:47 - 2015-08-09 17:47 - 05189632 _____ C:\Windows\system32\config\DRIVERS.iobit 2015-08-09 17:32 - 2015-06-04 15:28 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-08-09 17:24 - 2015-08-09 17:43 - 873116238 _____ C:\Users\hendr_000\Downloads\metasploitable-linux-2.0.0.zip 2015-08-09 17:23 - 2015-08-10 15:46 - 00000000 ____D C:\ProgramData\VsTelemetry 2015-08-09 17:23 - 2015-08-09 17:23 - 03099760 _____ (Microsoft Corporation) C:\Users\hendr_000\Downloads\vs_community.exe 2015-08-08 19:48 - 2015-08-08 19:48 - 00000000 ____D C:\Program Files\Registrar Registry Manager 2015-08-08 19:45 - 2015-08-08 19:45 - 05032752 _____ (Resplendence Software Projects Sp. ) C:\Users\hendr_000\Downloads\RegistrarHomeV7.exe 2015-08-08 18:39 - 2015-08-09 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2015-08-08 18:39 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-08 18:39 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-08 18:39 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-08 18:39 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-08 18:39 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-08 18:39 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-08 18:39 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-08-08 18:39 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-08 18:39 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-08 18:39 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-08 18:39 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-08 18:39 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-08 18:39 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-08 18:38 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-08 18:38 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-07 17:20 - 2015-08-07 17:20 - 00052736 _____ C:\Users\hendr_000\Desktop\CopyBootLog.exe 2015-08-07 15:41 - 2015-08-07 15:41 - 00000000 ____D C:\Users\hendr_000\Downloads\geek_13346 2015-08-07 14:07 - 2015-08-07 14:07 - 00000000 ____D C:\Users\hendr_000\Downloads\gcc-5.1.0 2015-08-06 19:46 - 2015-08-06 20:38 - 00075139 _____ C:\Users\hendr_000\Desktop\Storereparatur.log 2015-08-06 18:26 - 2015-08-06 18:26 - 00000000 ____D C:\RefreshImage 2015-08-02 14:06 - 2015-08-02 14:07 - 07407166 _____ C:\Users\hendr_000\Downloads\AdventureMap ZeFlu.zip 2015-08-01 11:12 - 2015-08-01 11:12 - 00000440 _____ C:\Users\hendr_000\Downloads\App-Fix.zip 2015-08-01 11:00 - 2015-08-01 11:00 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2015-08-01 10:59 - 2015-08-01 10:59 - 00000000 ____D C:\Program Files\Realtek 2015-08-01 10:58 - 2000-01-01 02:00 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat 2015-08-01 10:58 - 2000-01-01 02:00 - 04460760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2015-08-01 10:58 - 2000-01-01 02:00 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 02907864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2015-08-01 10:58 - 2000-01-01 02:00 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00837776 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00654480 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00544400 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL 2015-08-01 10:58 - 2000-01-01 02:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00435344 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2015-08-01 10:57 - 2000-01-01 02:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 05706688 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 03218800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 02847448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 02532056 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 02036495 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2015-08-01 10:57 - 2000-01-01 02:00 - 01739992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00168816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 12975360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01365768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 03182104 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01559744 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00096568 _____ C:\Windows\system32\audioLibVc.dll 2015-08-01 10:54 - 2000-01-01 02:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2015-08-01 10:54 - 2000-01-01 02:00 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2015-07-31 17:00 - 2015-07-31 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2015-07-31 16:59 - 2015-08-01 10:52 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Raptr 2015-07-31 16:59 - 2015-07-31 17:00 - 00000000 ____D C:\Program Files (x86)\Raptr 2015-07-31 16:49 - 2015-07-31 16:51 - 00192816 _____ C:\Users\hendr_000\Downloads\raptr_installer.exe 2015-07-31 14:18 - 2015-08-06 19:03 - 00004270 _____ C:\Users\hendr_000\Desktop\FixMetro.cmd 2015-07-31 10:17 - 2015-07-31 10:17 - 00000308 _____ C:\Users\hendr_000\Desktop\MetroTwit.appref-ms 2015-07-31 10:17 - 2015-07-31 10:17 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixel Tucker Pty Ltd 2015-07-30 19:07 - 2015-07-30 20:49 - 2147484783 _____ C:\Users\hendr_000\Downloads\kali-linux-1.1.0a-i386.iso 2015-07-29 20:55 - 2015-07-29 20:58 - 19302676 _____ C:\Users\hendr_000\Downloads\CommunityShowcaseNaturalLandscapes3.themepack 2015-07-29 20:48 - 2015-07-29 20:48 - 00536906 _____ C:\Users\hendr_000\Downloads\apps.diagcab 2015-07-29 20:48 - 2015-07-29 20:48 - 00423962 _____ C:\Users\hendr_000\Downloads\AppsDiagnostic.diagcab 2015-07-29 17:25 - 2013-06-18 15:12 - 00090304 _____ (Sysinternals) C:\Windows\system32\strings.exe 2015-07-29 17:24 - 2013-06-18 15:12 - 00090304 _____ (Sysinternals) C:\Users\hendr_000\Downloads\strings.exe 2015-07-29 17:23 - 2015-07-29 17:23 - 00050298 _____ C:\Users\hendr_000\Downloads\Strings.zip 2015-07-29 17:13 - 2015-07-29 17:13 - 00000000 ____D C:\Users\hendr_000\AppData\Local\GWX 2015-07-29 17:12 - 2015-07-29 17:12 - 00000000 ____D C:\Users\hendr_000\Downloads\win10fix_full_german.bat_ 2015-07-29 17:11 - 2015-07-29 17:11 - 00002929 _____ C:\Users\hendr_000\Downloads\win10fix_full_german.bat_.zip 2015-07-29 16:55 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-07-29 16:55 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-07-29 16:54 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml 2015-07-29 16:53 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-07-29 16:53 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2015-07-29 16:53 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2015-07-29 16:52 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-07-29 16:52 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-07-29 16:52 - 2015-06-10 00:39 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS 2015-07-29 16:52 - 2015-06-10 00:39 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys 2015-07-29 16:52 - 2015-06-10 00:38 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2015-07-28 16:43 - 2015-07-28 16:43 - 00001011 _____ C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FastCopy.lnk 2015-07-28 16:43 - 2015-07-28 16:43 - 00000981 _____ C:\Users\hendr_000\Desktop\FastCopy.lnk 2015-07-28 16:43 - 2015-07-28 16:43 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\FastCopy 2015-07-28 16:43 - 2015-07-28 16:43 - 00000000 ____D C:\Program Files\FastCopy 2015-07-27 18:36 - 2015-07-27 18:37 - 04954736 _____ (Microsoft Corporation) C:\Users\hendr_000\Downloads\WindowsSetupBox.exe 2015-07-27 18:10 - 2015-07-27 18:10 - 00060965 _____ C:\Users\hendr_000\Downloads\pkeyuibx_v1.5.0.zip 2015-07-27 18:08 - 2015-07-27 18:08 - 01198368 _____ C:\Users\hendr_000\Downloads\Windows Product Key Viewer - CHIP-Installer.exe 2015-07-27 18:02 - 2015-07-27 18:02 - 01198368 _____ C:\Users\hendr_000\Downloads\Windows 8 1 Setup Tool - CHIP-Installer.exe 2015-07-26 17:15 - 2015-07-26 17:15 - 00000000 ____D C:\Users\hendr_000\Downloads\rawwritewin-0.7 2015-07-26 16:33 - 2015-07-26 16:33 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-07-26 16:30 - 2015-07-26 17:14 - 00000000 ____D C:\Users\hendr_000\Desktop\ownOS 2015-07-26 16:27 - 2015-07-26 16:27 - 00214786 _____ C:\Users\hendr_000\Downloads\rawwritewin-0.7.zip 2015-07-26 16:27 - 2015-07-26 16:27 - 00000000 ____D C:\rawrite 2015-07-26 16:24 - 2015-07-26 16:25 - 00000000 ____D C:\NASM 2.11.08 2015-07-26 16:23 - 2015-07-26 16:23 - 00802892 _____ C:\Users\hendr_000\Downloads\nasm-2.11.08-installer.exe 2015-07-26 16:21 - 2015-07-26 16:22 - 01398894 _____ C:\Users\hendr_000\Downloads\nasm-2.11.08.zip 2015-07-25 21:07 - 2015-07-25 21:41 - 00428047 _____ C:\Users\hendr_000\Desktop\FastCopy211_x64.zip 2015-07-25 21:07 - 2015-07-25 21:07 - 00427277 _____ C:\Windows\SysWOW64\FastCopy211_x64.zip 2015-07-25 21:05 - 2015-07-25 21:05 - 00516664 _____ ( ) C:\Users\hendr_000\Downloads\FastCopy211_x64_CB-DL-Manager.exe 2015-07-25 16:55 - 2015-07-25 16:55 - 00000000 _____ C:\Windows\SysWOW64\InstallLocation 2015-07-24 14:03 - 2015-07-24 14:03 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Steam 2015-07-24 14:03 - 2015-07-24 14:03 - 00000000 ____D C:\Users\hendr_000\AppData\Local\CEF 2015-07-23 19:02 - 2015-07-31 10:26 - 00000000 ____D C:\Program Files (x86)\Steam 2015-07-23 19:02 - 2015-07-23 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-07-23 19:00 - 2015-07-23 19:01 - 01476720 _____ C:\Users\hendr_000\Downloads\SteamSetup.exe 2015-07-23 18:25 - 2015-07-23 18:35 - 606076928 _____ C:\Users\hendr_000\Downloads\ubuntu-14.04.2-server-i386.iso 2015-07-23 18:21 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-23 18:10 - 2015-07-23 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-07-23 18:10 - 2015-07-23 18:10 - 00000000 ____D C:\Program Files\Oracle 2015-07-23 18:10 - 2015-07-09 12:09 - 00958736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-07-23 18:10 - 2015-07-09 12:09 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-07-21 14:11 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-21 14:10 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-21 14:10 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-21 14:10 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-21 14:10 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-21 14:10 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-21 14:10 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-21 14:09 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-21 14:09 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-21 14:09 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-21 14:09 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-21 14:09 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-21 14:09 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-21 14:09 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-21 14:09 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-21 14:09 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-07-21 14:09 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-21 14:09 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-21 14:09 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-07-21 14:09 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-21 14:07 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-21 14:07 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-21 14:07 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-21 14:07 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-21 14:07 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-07-21 14:07 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-07-21 14:07 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-07-21 12:56 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-21 12:56 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-21 12:55 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-21 12:55 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-21 12:53 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-21 12:52 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-21 12:52 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-21 12:52 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-21 12:52 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-21 12:52 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-21 12:51 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-21 12:51 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-21 12:51 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-21 12:51 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-21 12:51 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-07-21 12:51 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-21 12:51 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-21 12:51 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-07-21 12:51 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-21 12:51 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-07-21 12:51 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-07-21 12:51 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-21 12:51 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-21 12:51 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-07-21 12:51 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-21 12:51 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-21 12:51 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-21 12:51 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-21 12:51 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-21 12:51 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-21 12:51 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-07-21 12:51 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-21 12:51 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-21 12:51 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-07-21 12:51 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-21 12:51 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-07-21 12:51 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-07-21 12:51 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-21 12:51 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-21 12:51 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-21 12:51 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-07-21 12:51 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-21 12:51 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-21 12:48 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-21 12:48 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-21 12:48 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-21 12:48 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-21 12:47 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-21 12:47 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-21 12:47 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-21 12:47 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-21 12:22 - 2015-07-21 12:45 - 00000000 ____D C:\Users\hendr_000\AppData\Local\ftblauncher 2015-07-21 12:22 - 2015-07-21 12:37 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\ftblauncher 2015-07-21 12:20 - 2015-07-21 12:21 - 06628862 _____ () C:\Users\hendr_000\Downloads\FTB_Launcher.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-11 20:47 - 2015-06-07 17:02 - 00000000 ____D C:\FRST 2015-08-11 20:46 - 2015-05-30 06:36 - 01591694 _____ C:\Windows\WindowsUpdate.log 2015-08-11 20:46 - 2015-04-08 14:50 - 00005188 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSRECHNER-hendrik_2002 Arbeitsrechner 2015-08-11 20:46 - 2014-01-25 17:44 - 00000000 ___DO C:\Users\hendr_000\SkyDrive 2015-08-11 20:39 - 2014-01-27 17:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-11 20:30 - 2014-01-25 17:33 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-532561150-3242956754-1626305917-1001 2015-08-11 20:25 - 2015-01-29 19:14 - 00000000 ____D C:\ProgramData\VMware 2015-08-11 20:24 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-11 20:23 - 2014-02-23 22:06 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2015-08-11 20:22 - 2014-04-02 09:03 - 00000000 ____D C:\AdwCleaner 2015-08-11 20:13 - 2014-09-06 11:25 - 00000000 ____D C:\Users\Administrator 2015-08-11 20:13 - 2014-08-24 11:19 - 00000000 ____D C:\Users\Niklas Steinmetz.HendriksPodpal 2015-08-11 20:13 - 2014-02-23 22:13 - 00000000 ____D C:\Users\Dirk 2015-08-11 20:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Resources 2015-08-11 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-08-11 18:26 - 2015-06-06 13:31 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-11 18:25 - 2015-06-06 13:30 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-10 18:36 - 2014-06-21 18:57 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\.minecraft 2015-08-10 18:36 - 2014-02-23 22:13 - 00000000 ____D C:\Users\hendr_000 2015-08-10 18:05 - 2015-06-24 19:06 - 00057216 _____ C:\Users\hendr_000\Desktop\loaded_drivers.txt 2015-08-10 16:11 - 2015-01-29 19:22 - 00000000 ____D C:\Users\hendr_000\AppData\Local\VMware 2015-08-10 16:05 - 2015-01-29 19:22 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\VMware 2015-08-09 22:14 - 2013-08-22 16:44 - 00396520 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-09 22:10 - 2015-06-30 10:08 - 00000286 _____ C:\Windows\Tasks\ASC8_SkipUac_hendrik_2002.job 2015-08-09 21:54 - 2014-02-23 21:45 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-08-09 21:52 - 2015-01-21 12:40 - 00000000 ____D C:\ProgramData\Package Cache 2015-08-09 21:43 - 2014-12-06 13:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2015-08-09 21:22 - 2014-03-07 20:13 - 00000000 ____D C:\Users\hendr_000\.android 2015-08-09 19:40 - 2015-05-12 17:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2015-08-09 19:40 - 2014-12-06 13:23 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-08-09 19:38 - 2015-05-12 17:44 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2015-08-09 19:05 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp 2015-08-09 18:53 - 2015-05-12 17:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2015-08-09 18:47 - 2015-05-12 17:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2015-08-09 18:27 - 2015-05-12 17:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer 2015-08-09 18:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-09 18:03 - 2015-03-09 20:30 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Eclipse 2015-08-09 17:53 - 2015-02-04 18:04 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\IObit 2015-08-09 17:53 - 2015-02-04 18:03 - 00000000 ____D C:\Program Files (x86)\IObit 2015-08-09 17:50 - 2015-01-30 12:12 - 00000000 ____D C:\Users\hendr_000\VirtualBox VMs 2015-08-09 17:50 - 2015-01-30 12:11 - 00000000 ____D C:\Users\hendr_000\.VirtualBox 2015-08-09 17:47 - 2014-02-06 21:33 - 00246272 ___SH C:\Users\hendr_000\Desktop\Thumbs.db 2015-08-09 17:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-08-08 20:08 - 2015-04-07 08:46 - 00000000 ____D C:\Users\hendr_000\workspace_projects 2015-08-08 19:58 - 2014-12-10 21:15 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-08 19:58 - 2014-07-31 18:06 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-08 19:55 - 2014-02-09 10:06 - 00000000 ____D C:\Users\hendr_000\AppData\Local\CrashDumps 2015-08-07 18:28 - 2015-05-12 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013 2015-08-06 18:29 - 2014-02-23 22:13 - 00012102 _____ C:\Windows\diagerr.xml 2015-08-06 18:29 - 2014-02-23 22:13 - 00011231 _____ C:\Windows\diagwrn.xml 2015-08-05 20:13 - 2015-06-07 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-08-05 16:05 - 2015-06-06 13:56 - 00000000 ____D C:\ProgramData\HitmanPro 2015-08-02 19:14 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-08-01 11:02 - 2013-10-08 16:45 - 00000000 ___HD C:\Program Files (x86)\Temp 2015-07-31 18:02 - 2014-02-23 22:06 - 00000000 ____D C:\AMD 2015-07-31 14:12 - 2014-07-27 17:04 - 00000000 ____D C:\Users\hendr_000\.eclipse 2015-07-31 10:28 - 2015-01-29 19:28 - 00000000 ____D C:\Users\hendr_000\Documents\Virtual Machines 2015-07-31 10:20 - 2014-03-22 10:15 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Deployment 2015-07-30 21:48 - 2013-08-22 15:25 - 00786432 ___SH C:\Windows\system32\config\BBI 2015-07-30 16:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-07-29 18:34 - 2014-01-25 17:39 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Apps\2.0 2015-07-26 16:34 - 2014-08-23 12:55 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Notepad++ 2015-07-26 16:33 - 2014-08-23 12:55 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2015-07-25 21:05 - 2015-04-09 11:57 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-25 17:32 - 2014-01-25 17:00 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Packages 2015-07-24 16:28 - 2014-12-24 19:48 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-07-24 16:27 - 2015-01-14 12:48 - 00000000 ____D C:\Users\hendr_000\.gimp-2.8 2015-07-24 14:10 - 2015-02-04 18:03 - 00000000 ____D C:\ProgramData\IObit 2015-07-23 21:37 - 2015-04-09 11:57 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-23 20:17 - 2014-02-06 20:36 - 00000000 ____D C:\Windows\system32\MRT 2015-07-23 19:20 - 2014-02-11 19:35 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\FileZilla 2015-07-23 18:12 - 2015-06-09 16:53 - 00000000 ____D C:\Users\hendr_000\Downloads\forge 2015-07-23 18:11 - 2015-06-09 16:57 - 00000000 ____D C:\Users\hendr_000\Downloads\setups 2015-07-21 14:09 - 2014-01-25 17:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-21 14:08 - 2014-12-23 17:32 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-21 12:50 - 2014-03-29 20:01 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-21 12:50 - 2014-03-29 20:01 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-21 12:50 - 2014-03-29 20:01 - 00001148 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-21 12:50 - 2014-03-29 20:01 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-21 12:36 - 2014-01-25 17:34 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-07-21 12:28 - 2014-03-07 21:33 - 00000000 ____D C:\ProgramData\Oracle 2015-07-21 12:25 - 2014-12-24 21:28 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-07-21 12:25 - 2014-12-24 21:27 - 00000000 ____D C:\Program Files\Java 2015-07-13 23:10 - 2015-03-14 09:02 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-13 23:10 - 2015-03-14 09:02 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-26 20:51 - 2015-02-26 20:51 - 0000000 ___RH () C:\Users\hendr_000\AppData\Roaming\b4d6e8f4ed70928182ebe608f6b39bab2 2015-05-15 12:12 - 2015-05-15 12:12 - 0000046 _____ () C:\Users\hendr_000\AppData\Roaming\Camdata.ini 2015-05-15 12:12 - 2015-05-15 12:12 - 0000408 _____ () C:\Users\hendr_000\AppData\Roaming\CamLayout.ini 2015-05-15 12:12 - 2015-05-15 12:12 - 0000408 _____ () C:\Users\hendr_000\AppData\Roaming\CamShapes.ini 2015-05-15 12:12 - 2015-05-15 12:12 - 0004536 _____ () C:\Users\hendr_000\AppData\Roaming\CamStudio.cfg 2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\hendr_000\AppData\Roaming\UIZJU 2015-05-15 12:11 - 2015-05-15 12:11 - 0000096 _____ () C:\Users\hendr_000\AppData\Roaming\version2.xml 2014-03-07 21:43 - 2014-12-23 16:55 - 0000113 _____ () C:\Users\hendr_000\AppData\Roaming\WB.CFG 2014-12-08 18:03 - 2014-12-08 18:03 - 0202370 _____ () C:\Users\hendr_000\AppData\Local\debuggee.mdmp 2015-01-29 21:01 - 2015-07-01 11:23 - 0000600 _____ () C:\Users\hendr_000\AppData\Local\PUTTY.RND 2015-06-22 17:08 - 2015-06-22 17:08 - 0002836 _____ () C:\Users\hendr_000\AppData\Local\recently-used.xbel 2014-12-26 12:55 - 2015-04-18 07:59 - 0007595 _____ () C:\Users\hendr_000\AppData\Local\Resmon.ResmonCfg 2015-01-27 09:36 - 2015-01-27 09:36 - 0000000 _____ () C:\Users\hendr_000\AppData\Local\{A9E8EC64-9A12-4DF0-8909-6F0BE58BB854} 2015-03-22 17:22 - 2015-03-22 17:22 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip 2015-06-06 14:28 - 2015-06-06 14:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\borlndlm.dll C:\Users\Dirk\AppData\Local\Temp\{9AB2D6BA-D314-4579-92EB-5166BD3BD792}-35.0.1916.153_chrome_installer.exe C:\Users\hendr_000\AppData\Local\Temp\Quarantine.exe C:\Users\hendr_000\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-06 17:13 ==================== Ende von Ergebnis ============================ |
11.08.2015, 19:58 | #7 |
| Windows 8.1 Metro-Apps starten minimiert Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:11-08-2015 durchgeführt von hendrik_2002 (2015-08-11 20:49:41) Gestartet von C:\Users\hendr_000\Desktop Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-532561150-3242956754-1626305917-500 - Administrator - Enabled) => C:\Users\Administrator Dirk (S-1-5-21-532561150-3242956754-1626305917-1004 - Administrator - Enabled) => C:\Users\Dirk Dummy-Account (S-1-5-21-532561150-3242956754-1626305917-1013 - Limited - Enabled) Gast (S-1-5-21-532561150-3242956754-1626305917-501 - Limited - Disabled) Hendrik2002 (S-1-5-21-532561150-3242956754-1626305917-1017 - Administrator - Enabled) hendrik_2002 (S-1-5-21-532561150-3242956754-1626305917-1001 - Administrator - Enabled) => C:\Users\hendr_000 HomeGroupUser$ (S-1-5-21-532561150-3242956754-1626305917-1006 - Limited - Enabled) Katja (S-1-5-21-532561150-3242956754-1626305917-1009 - Administrator - Enabled) Niklas Steinmetz (S-1-5-21-532561150-3242956754-1626305917-1008 - Limited - Enabled) => C:\Users\Niklas Steinmetz.HendriksPodpal ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated) AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated) Adobe After Effects 7.0 (HKLM-x32\...\Adobe After Effects 7.0) (Version: 7.0.0.244 - Adobe Systems, Inc.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\{F22C3C05-B1D9-47FF-AA17-4F9DCBFE850F}) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.3.0 - IObit) AMD Catalyst Install Manager (HKLM\...\{ACF4E7FE-650D-9BD7-BAE5-1AD061F40F69}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM-x32\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG) Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.740 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation) Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation) Brackets (HKLM-x32\...\{4BCC5124-095C-4871-8562-55FA29DD8773}) (Version: 1.1 - brackets.io) Build Tools - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Buildtools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated) clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden CodedUITest81 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden CodedUITestUAP (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Craften Terminal 4.1.1 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.1.1 - Craften.de) Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1.172 - SG Europe) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation) Epic Games Launcher (HKLM\...\{84438A71-40ED-4E6F-9C7E-58FE0F61F692}) (Version: 1.1.28.0 - Epic Games, Inc.) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) FileZilla (remove only) (HKLM-x32\...\FileZilla) (Version: - ) FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse) Firefox Developer Edition 40.0a2 (x86 en-US) (HKLM-x32\...\Firefox Developer Edition 40.0a2 (x86 en-US)) (Version: 40.0a2 - Mozilla) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Pascal 2.6.4 (HKLM-x32\...\FreePascal_is1) (Version: - Free Pascal Team) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.) IDE Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated) IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden iFreeUp 1.0 (HKLM-x32\...\iFreeUp_is1) (Version: 1.0.10 - IObit) IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025F0}) (Version: 7.0.250 - Oracle) Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle) Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) Java SE Development Kit 7 Update 75 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle) Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation) Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated) LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Metasploit (HKLM-x32\...\Metasploit 4.11.1) (Version: 4.11.1 - Rapid7) MetroTwit (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\6d9570ab26892611) (Version: 1.2.0.1 - Pixel Tucker Pty Ltd) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4737.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang) Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla) Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla) MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Nidhogg v1.0 (HKLM-x32\...\Nidhogg v1.01.0) (Version: 1.0 - Friends in War) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team) OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer) Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer) Opera Stable 30.0.1835.59 (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software) Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation) PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) Projekt- und Elementvorlagen für Visual Studio Community 2015 – DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.20 - Qualcomm Atheros Inc.) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.55 - Qualcomm Atheros) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7509 - Realtek Semiconductor Corp.) Registrar Registry Manager 7.75 (HKLM\...\RegistrarHome_is1) (Version: - Resplendence Software Projects Sp.) Resource Hacker Version 4.0.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - ) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.00.0000 - Ubisoft) Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) System Explorer 6.4.2 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.5.6.0 - Manuel Hoefs (Zottel)) Unity (HKLM-x32\...\Unity) (Version: 5.0.1f1 - Unity Technologies ApS) Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Visual C++ für Mobile-Entwicklung (Android-Unterstützung) (HKLM-x32\...\{fd8b6372-b8b3-4a14-bb21-fbc5cb94f7ac}) (Version: 14.0.23027.0 - Microsoft Corporation) Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) (HKLM-x32\...\{8fd9a549-20ac-4daf-8da3-c54b6621ac29}) (Version: 14.0.23027.0 - Microsoft Corporation) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.2 - VMware, Inc) VMware Player (Version: 7.1.2 - VMware, Inc.) Hidden VNC Server 5.2.3 (HKLM\...\{0D2201F0-2E7B-4C89-8C5D-03D3F5BB5042}) (Version: 5.2.3 - RealVNC Ltd) VNC Viewer 5.2.3 (HKLM\...\{8824CB84-60DF-4CBC-AB3A-7C5AB2A41F31}) (Version: 5.2.3 - RealVNC Ltd) WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, hxxp://www.wireshark.org) Wise Registry Cleaner 8.61 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.61 - WiseCleaner.com, Inc.) Xamarin (HKLM-x32\...\{B6F4249F-5053-43D5-BA37-D942230C825B}) (Version: 3.11.816.0 - Xamarin) XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-5 - Bitnami) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 09-08-2015 17:28:59 Microsoft Visual Studio Community 2015 09-08-2015 17:33:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 09-08-2015 17:37:30 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 09-08-2015 17:41:56 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 09-08-2015 17:44:22 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 09-08-2015 17:47:02 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 09-08-2015 18:16:58 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 09-08-2015 19:56:48 TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 09-08-2015 20:03:53 Update for Microsoft Visual Studio 2015 (KB3073097) 09-08-2015 20:28:43 Windows Software Development Kit - Windows 10.0.26624 09-08-2015 21:37:52 Microsoft Visual Studio 2015 Tools für Windows 10 (Technical Preview) 09-08-2015 21:47:29 Update for Microsoft Visual Studio 2015 (KB3073097) 09-08-2015 21:48:46 Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) 09-08-2015 21:50:23 Visual C++ für Mobile-Entwicklung (Android-Unterstützung) 11-08-2015 20:33:22 JRT Pre-Junkware Removal ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {07B9F40D-4E63-4DAF-8FD6-4EE67D558E0E} - System32\Tasks\{C7EAF7A5-FBDB-4A82-91B9-18268A1FDEE1} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsMain Task: {09F3DD2C-71B3-4A85-9364-C6386EA7E94C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {2676A993-D66B-4448-A860-F9763BEEDE42} - System32\Tasks\Opera scheduled Autoupdate 1426179695 => C:\Users\hendr_000\AppData\Local\Programs\Opera\launcher.exe [2015-06-10] (Opera Software) Task: {33A65D12-4ED9-434B-96F9-68D1F9241A8B} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-532561150-3242956754-1626305917-1001 Task: {395A679E-F1C7-4FA0-A08F-2B1F3D7E8E0F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {3C052D58-9ADE-4287-94F2-CA7AEFE0D177} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {45BB8FB7-E03E-47DC-9513-D76090D256DB} - System32\Tasks\{2EFDEB36-276A-48F3-BFAA-5F39F38EB409} => pcalua.exe -a C:\Users\hendr_000\Desktop\Forge_Server\forge-1.8-11.14.0.1285-1.8-installer-win.exe -d C:\Users\hendr_000\Desktop\Forge_Server Task: {5960B03A-15EA-446B-A907-4FACA2EF3BDD} - System32\Tasks\{AA50E2BC-3878-43CC-9F92-EAF47C08AB82} => pcalua.exe -a C:\Users\hendr_000\Downloads\forge-1.7.10-10.13.3.1355-1.7.10-installer-win.exe -d C:\Users\hendr_000\Downloads Task: {66C3A4D9-DEB8-4C5B-A1B7-F5C5B803BEA4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] () Task: {6FE0E8CB-D288-41EA-BA1E-74239258B658} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {74768E11-5380-4F57-93C3-438B4A630F6A} - System32\Tasks\ASC8_SkipUac_hendrik_2002 => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-06-16] (IObit) Task: {BB059E76-F9BF-44C9-B6ED-13F7B3CEF254} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {C426D609-BEA0-4503-A8F1-8EBBCE15C292} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-06-10] (IObit) Task: {CB016BC7-2B36-4262-A1E8-B434854BFE31} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {D2174D06-84F3-46A9-9998-A0B5934A7B07} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSRECHNER-hendrik_2002 Arbeitsrechner => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation) Task: {E2F4864D-34CE-4271-9B2D-F92D332804DB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {E95F795D-D6BF-41F2-95CF-E279E4F0C080} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {E9D16D5F-9981-4966-AF14-EC8FFEC0427B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {EC96A4FB-11A6-4682-82A5-ADD27F0D47CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ASC8_SkipUac_hendrik_2002.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\UIZJU.job => C:\Users\hendr_000\AppData\Roaming\UIZJU.exe <==== ACHTUNG ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-06-20 13:15 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Dirk\OneDrive:ms-properties AlternateDataStreams: C:\Users\Dirk\SkyDrive:ms-properties AlternateDataStreams: C:\Users\hendr_000\SkyDrive:ms-properties ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\google.de -> hxxps://www.google.de IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\it-fachportal.de -> hxxps://www.it-fachportal.de IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\localhost -> hxxps://localhost IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\localhost -> hxxp://localhost IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\sony.com -> sony.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\100sexlinks.com -> 100sexlinks.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\101hotteens.com -> 101hotteens.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\101lottery.com -> 101lottery.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\123expressview.com -> 123expressview.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\123found.com -> 123found.com Da befinden sich 4787 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-532561150-3242956754-1626305917-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: a2AntiMalware => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: Apache2.4 => 2 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\Services: Avira.OE.ServiceHost => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdAndroidSvc => 2 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: CCDMonitorService => 2 MSCONFIG\Services: DfSdkS => 3 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: FileZilla Server => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: LMIGuardianSvc => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: McAfee SiteAdvisor Service => 2 MSCONFIG\Services: metasploitPostgreSQL => 2 MSCONFIG\Services: metasploitProSvc => 2 MSCONFIG\Services: metasploitThin => 2 MSCONFIG\Services: metasploitWorker => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: mysql => 2 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: Razer Game Scanner Service => 2 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: RzKLService => 2 MSCONFIG\Services: Secunia PSI Agent => 2 MSCONFIG\Services: Secunia Update Agent => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SlimService => 2 MSCONFIG\Services: StartMenuService => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: SystemExplorerHelpService => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: Tomcat7 => 2 MSCONFIG\Services: TuneUp.UtilitiesSvc => 2 MSCONFIG\Services: vncserver => 3 MSCONFIG\Services: WSearch => 2 HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "mcpltui_exe" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "YTDownloader" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "Andy" HKLM\...\StartupApproved\Run32: => "avgnt" HKLM\...\StartupApproved\Run32: => "emsisoft anti-malware" HKLM\...\StartupApproved\Run32: => "SystemExplorerAutoStart" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\StartupFolder: => "baerenmarke-widget.lnk" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "SkyDrive" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "YTDownloader" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "AppEx Accelerator UI" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "msnmsgr" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Browser Extensions" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "DesktopOK" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Search Protection" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "XAMPP Control Panel" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Advanced SystemCare 8" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{F603271F-944B-498D-AC22-4EAF1D17D497}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe FirewallRules: [{8124257A-9E01-4AA5-ABC1-9A3123988F8B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe FirewallRules: [{58F47C55-D17A-47EC-8210-FC35A9ECA66D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe FirewallRules: [{F9C56998-E744-46C8-9D5A-4B17A51170BA}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe FirewallRules: [{110661DB-3FDC-4FBB-9541-3908BC904AFC}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{21DE293D-9203-44EC-B297-61B809F74DB0}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{3E8C9A49-86D9-4A33-9F0E-66247067111A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{0B99A754-8F02-41E1-9E03-86D4B31C07A4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{937AF17E-DE8A-4FF7-BFE5-5ECE5D746A91}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{201F7BC2-A8E6-435C-9C22-3E3C55CD16D2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{7065C90E-0A0D-4152-992B-29659584DB4D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe FirewallRules: [{AD4DBDEE-AFF6-4623-B635-59FBD7140C4F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{A062D843-8F1F-4086-A697-0FD176A8A4CE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{6517DA4C-6C29-4B63-B979-26646CB38DE9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{F3988EAE-EE5B-4C4E-8577-5531B31B2D54}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{30FC91E0-54F5-4661-A362-22391693FBD1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{14A5D67B-A0CC-4FC1-B8E0-27E11FE3C812}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{AC7545A3-C40E-42BC-B021-A409093FD5D5}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{C49ED8EA-CEDC-480F-8268-72D9D2E80236}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{98895709-AB83-40CA-98C2-0FCEB9C11B0F}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{ED980AF1-7766-421D-9BEF-34D3EAD5ED61}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [TCP Query User{C51DEAA9-3A39-4D25-8CAE-98D98A6CCA14}C:\users\hendr_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hendr_000\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{78A6F80D-4855-4333-A219-533386A8846C}C:\users\hendr_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hendr_000\appdata\roaming\spotify\spotify.exe FirewallRules: [{25D3D9EE-3067-4C7D-A001-C7BB1501B972}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{3E6B2FAB-02C6-4785-8D12-F3F53D61F4B2}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{E3EDC567-9BD2-40E6-A1EB-5E7D22EE01F1}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{D0A6FA2F-DAD8-4F17-87BF-E3A9B2741487}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [TCP Query User{966E9B2B-C676-4293-BB2D-AB13D02E8721}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{5CAC66F1-A67C-437B-8AF5-800A25FE0B92}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{F25D1282-8486-4566-9071-614CA365D414}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{2F74FC5E-6F3A-4C68-B41B-92313370478D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{D4291174-E709-442A-8B13-5907C13CDD1C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{EF07999A-2EC7-4029-A9DD-087B14ED9F38}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{D704C46B-A0E9-4437-A026-DD697C261F3C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{F2F5AFF0-B67A-4812-9D68-04A5CF501D01}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{1E82290E-6F43-4839-9A25-504EE7BC17A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{4EC33B1B-7105-458D-8AC5-CC5D4F756A28}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{B68AA5F6-9E41-465D-B3F3-48242FAFFABD}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [{8416B314-3B5C-4D5D-99A6-EC2DE485097C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [TCP Query User{8228AF30-B5A9-4EC1-B545-6FA81CE74AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E6F40B64-B57A-4C15-8C2C-49BC6E3E8FB3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{BCA36857-D883-44C0-8DC2-9B618BF56C6B}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{C7578792-77F8-46BE-B86E-3A5F838C3B48}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{77ADEE26-B33C-4BF0-9F83-8E82C83D39F0}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [UDP Query User{71EA72B4-D2F6-4874-B079-256FB5001B34}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [{13AD290E-BC56-40BC-993D-552F7C50D99F}] => (Block) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [{2E56D11E-1DD0-4C6E-97A0-D8AEB420D402}] => (Block) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [{11B68A8A-F88A-4C59-8D9B-863AFC4A8FA8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F0B07D80-7C82-412A-BFDE-F0C3AF2FBC4B}] => (Allow) LPort=2869 FirewallRules: [{0BC3FFDC-99C1-4A49-9F60-86A73EB7C207}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{5026E3CD-CE3F-4F23-B7A1-EEBEBE6B93A3}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [UDP Query User{3B8F6EAA-C35F-42E8-9FEC-0CB57CC15A05}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [{1EC34949-E805-4158-AA08-5C4EA2CF8CA9}] => (Block) C:\program files (x86)\brackets\node.exe FirewallRules: [{312D4831-5FB1-441E-8ADD-05B62262FDE2}] => (Block) C:\program files (x86)\brackets\node.exe FirewallRules: [TCP Query User{75B351CF-A13D-47E9-A3D2-91B4CD61C40A}C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe FirewallRules: [UDP Query User{1FB4D50B-A12B-4E8D-B4C7-B68FDFEBB3C5}C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe FirewallRules: [{0843895D-6295-4013-8667-8D73952E5907}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C1FDEF06-46C9-4C74-A413-A6FB6C898410}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{E5E28012-02C1-46F0-96DA-B1F6099ABFDF}C:\metasploit\ruby\bin\ruby.exe] => (Allow) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [UDP Query User{D4482865-0BDB-4A24-9FD2-72567ABB7E8E}C:\metasploit\ruby\bin\ruby.exe] => (Allow) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [{8B632EB9-B21D-406E-B9D0-B30D6C4E377A}] => (Block) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [{6C37860C-6BDC-4F3C-A726-82BB64A610BE}] => (Block) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [TCP Query User{C2BF4B57-117F-4B6C-BB07-9F5A32E4FC8F}C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe FirewallRules: [UDP Query User{45A7B396-1FF5-4D6B-9B7B-2B5A030BF2A2}C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe FirewallRules: [TCP Query User{0469D19F-D3D1-4857-9795-59CDD7F044CF}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{6F497ACC-EA15-437F-8940-453641BC42EB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [{A8770975-DA84-498D-B8DA-8C5513D789AB}] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [{3E26A083-9947-4AEC-8A50-300623DCCDAE}] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{DD19F79F-C9BC-4DDC-982B-73EF0ABB22EB}C:\program files (x86)\cryengine\bin64\editor.exe] => (Allow) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [UDP Query User{6D15D010-03CE-4475-BB59-FA9ADA3C83D2}C:\program files (x86)\cryengine\bin64\editor.exe] => (Allow) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [{BF69B881-B3AA-4C53-A25E-A6B884D9E701}] => (Block) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [{68E88234-A025-4671-A891-776DB26DA38B}] => (Block) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [TCP Query User{B7B9E0B8-B1F3-435B-9788-62E8A6B9A872}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [UDP Query User{00AAE738-611C-48EC-900A-12AFD3FCAFF9}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [{D5D98A23-ADE4-44D5-81F9-CAC1B3950615}] => (Block) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [{1054CED2-AD7C-4B03-8A49-1EED7C02EFB9}] => (Block) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [TCP Query User{AB1D47A1-9E92-4AAC-BB5E-DA0C8FD4EF7C}C:\program files (x86)\cryengine\bin64\gamesdk.exe] => (Allow) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [UDP Query User{6178A0C5-398B-48E1-9D81-FE61B22EEA6F}C:\program files (x86)\cryengine\bin64\gamesdk.exe] => (Allow) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [{E51989AF-29B9-4EA4-A139-47DB360F67E0}] => (Block) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [{2BF15603-7089-4657-AD03-C61CDE23538E}] => (Block) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [TCP Query User{79A5DCA7-57DE-48B1-A927-D33F287E54B2}C:\users\hendr_000\documents\cryengine\bin64\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [UDP Query User{32A12F2F-F112-44DA-BE11-31BF731E9E3C}C:\users\hendr_000\documents\cryengine\bin64\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [{458335D4-AF90-4202-A408-1C24E6B62BBB}] => (Block) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [{20CDAE8E-5115-4272-B9E6-037EFCB98608}] => (Block) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [TCP Query User{6A9E6584-6304-42F5-993B-FBDCF075838A}C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe FirewallRules: [UDP Query User{376D2007-B844-47FD-BE56-641712F1D324}C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe FirewallRules: [TCP Query User{C95AF740-FE53-4E45-8DCA-33EB7B1AAED9}C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [UDP Query User{8BCD298F-9269-4428-9D23-151F1538120A}C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [{D2F96B2D-CCD8-4891-8050-C2DFD04EACBA}] => (Block) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [{C76A41AD-FA49-43E4-96FE-5EE84A3DD881}] => (Block) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [TCP Query User{8D602232-55C1-41DD-8A01-F33A236DB5AE}C:\users\hendr_000\documents\cryengine\bin32\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [UDP Query User{106CDF08-7E78-4A34-8001-6EE16CB96766}C:\users\hendr_000\documents\cryengine\bin32\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [{D0A9B9B4-68D4-4FEC-B37F-67AEEFF0B203}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [{323C0C18-6D80-4559-896D-E5AF6911C1E7}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [TCP Query User{6FE9F28C-F70D-4C5D-B9FF-019AFEEC7B93}C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [UDP Query User{C1804E13-76AB-41DB-9328-5257004FE841}C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [{D6EB6422-202A-4A5E-BF0B-B0A6B59D50E4}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [{242B9913-EA5A-4C4E-AAE3-16230FB957E4}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [TCP Query User{195EE537-01C6-44CD-A307-800C1CF94A87}C:\cpp\examples\internet\chat\chat.exe] => (Allow) C:\cpp\examples\internet\chat\chat.exe FirewallRules: [UDP Query User{DABE827D-34BA-44A8-9A8B-B6BC17E4E3C5}C:\cpp\examples\internet\chat\chat.exe] => (Allow) C:\cpp\examples\internet\chat\chat.exe FirewallRules: [{56CF1C8A-1443-4F27-8C85-F6F5F743323A}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{6409AB8A-8598-45F1-AE83-8F1624FE5B58}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [TCP Query User{314F0CD0-1A80-483F-82FF-36198B8A1FDB}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{9957FF52-D7D5-4B4B-8FA1-FCA9A71A2BF3}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [{F87B52C1-E5E6-47DB-BCA6-B162A70A7ACC}] => (Block) C:\program files\java\jre7\bin\java.exe FirewallRules: [{63A0C587-58E4-407A-8430-F91740892A6D}] => (Block) C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{A49BFC24-9286-49C3-9304-21FC0750A1DA}C:\program files\unity 5\unity\editor\unity.exe] => (Allow) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [UDP Query User{B3EDA260-403F-428A-A8B9-B5762318613D}C:\program files\unity 5\unity\editor\unity.exe] => (Allow) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [{9FC5CAC6-6A24-4340-85AF-9B8620A4E552}] => (Block) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [{7C4DEE34-41D9-4C38-B29B-A54F75A853AB}] => (Block) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [TCP Query User{854AD037-515D-4925-96DC-1AF287E7C42B}C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [UDP Query User{D8EC7D10-43E7-4BC2-B202-3CA1FF1E8950}C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{03B02D1A-6516-46D2-960D-452EC55DCBF3}] => (Block) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{2A9E7B31-8490-426A-A6E9-FCCC572E6557}] => (Block) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{B4AFDC92-AA95-41B4-8257-B150514410FA}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{FF23AC4E-554B-4AA2-9E9A-5778B5A891E5}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{1EAA34F2-4342-4CD9-893A-1307A4F12A04}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe FirewallRules: [{50A8C8BE-7BBC-442E-A24D-898131A9B1D7}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe FirewallRules: [TCP Query User{EC3AE3A3-7D9A-4A24-8D07-781EA2C5AF3D}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [UDP Query User{9229B7E1-BB80-4D3C-93E0-DC19562706F8}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{9D113644-2AC2-463B-925A-5D8955B6716B}] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{4DD836E9-2A23-4519-8B28-47FF1B608D07}] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{1EBFDC13-43FF-4939-9C24-F738E8D2DFFF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FBBADDCD-8B85-42A5-9977-CD685D11827B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E58493BE-881A-4D98-9E39-7E9F29C8366A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{313285AD-26AB-4542-BD25-A04B23F389A7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{64A382BA-47D7-4C03-93D9-9DFF6BAD8F24}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{8B089474-445E-4F28-A5B4-B0E92401E283}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{B0FC994D-1EB8-4F27-BE21-59537526801E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{EFAB1B06-094C-4AD0-B928-EF375946CC03}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{EFC62194-F61D-417B-A09C-166CD65856EF}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/11/2015 08:49:13 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801) Error: (08/11/2015 08:49:13 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4810 - enduser\mssearch2\search\ytrip\tripoli\inverted\decodinglayerpages.h (591)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: Die Daten sind unzulässig. 0x8007000d (0x8007000d) Error: (08/11/2015 08:46:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/11/2015 08:46:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt. for C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/11/2015 08:46:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/11/2015 08:46:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt. for C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/11/2015 08:34:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (08/11/2015 08:34:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (08/11/2015 08:34:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (08/11/2015 08:33:06 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Systemfehler: ============= Error: (08/11/2015 08:34:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/11/2015 08:34:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/11/2015 08:34:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/11/2015 08:34:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VMware DHCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/11/2015 08:34:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/11/2015 08:34:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/11/2015 08:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Phone IP over USB Transport (IpOverUsbSvc)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/11/2015 08:34:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/11/2015 08:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Xamarin Bonjour Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/11/2015 08:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Advanced SystemCare Service 8" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office: ========================= Error: (08/11/2015 08:49:13 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801) The catalog is corrupt Error: (08/11/2015 08:49:13 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Details: Die Daten sind unzulässig. 0x8007000d (0x8007000d) 4810 - enduser\mssearch2\search\ytrip\tripoli\inverted\decodinglayerpages.h (591) Error: (08/11/2015 08:46:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/11/2015 08:46:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/11/2015 08:46:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/11/2015 08:46:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/11/2015 08:34:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F2030000E5050000 Error: (08/11/2015 08:34:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance163707000000000000000000008F020000 Error: (08/11/2015 08:34:56 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance163707000000000000000000008F020000 Error: (08/11/2015 08:33:06 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. CodeIntegrity: =================================== Date: 2015-08-10 16:06:04.164 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 16:06:02.149 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-10 16:05:59.777 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:56.369 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:54.362 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:51.817 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:10.881 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 17:36:04.691 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 14:09:10.418 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-07 14:09:08.762 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Processor: AMD E1-2500 APU with Radeon(TM) HD Graphics Prozentuale Nutzung des RAM: 37% Installierter physikalischer RAM: 3525.01 MB Verfügbarer physikalischer RAM: 2201.13 MB Summe virtueller Speicher: 7109.01 MB Verfügbarer virtueller Speicher: 5768.75 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:444.6 GB) (Free:220.64 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D5A694CC) Partition: GPT. ==================== Ende von Ergebnis ============================ |
12.08.2015, 11:31 | #8 |
/// the machine /// TB-Ausbilder | Windows 8.1 Metro-Apps starten minimiertESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
12.08.2015, 15:09 | #9 |
| Windows 8.1 Metro-Apps starten minimiert ESET-Log: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=ab4d3949036bb34aadba8d29f8c7089d # end=init # utc_time=2015-08-12 01:07:08 # local_time=2015-08-12 03:07:08 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 25244 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=ab4d3949036bb34aadba8d29f8c7089d # end=updated # utc_time=2015-08-12 01:12:31 # local_time=2015-08-12 03:12:31 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=ab4d3949036bb34aadba8d29f8c7089d # engine=25244 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-08-12 01:29:34 # local_time=2015-08-12 03:29:34 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 171347 16468564 0 0 # scanned=5834 # found=48 # cleaned=0 # scan_time=1018 sh=7DBCF0EE965D167E91F201F7316C3D24121A506A ft=1 fh=c71c001123e782a4 vn="Variante von Win32/AdWare.AddLyrics.AI Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Buzz-it-soft\Buzzi.exe.vir" sh=47E1AAB49E4BBE6ED704F804A4B402ACA07D74FE ft=1 fh=d4dd8a748ee934d3 vn="MSIL/Tuguu.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NewPlayer\LTV.exe.vir" sh=77AED229C7D6010F888A35E2E62698B659EAFD15 ft=1 fh=ae276fc3176aec5b vn="Variante von MSIL/NewPlayer.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NewPlayer\NewPlayer.exe.vir" sh=9151592DCBBBA22DA88A7D1EB5CB8DCD422C11A8 ft=1 fh=7f79c4a3570c96e6 vn="MSIL/NewPlayer.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe.vir" sh=5416A12A9D3D9A4BCC4D675EB6013F1881C66616 ft=1 fh=98db3d886a06d0e8 vn="Variante von MSIL/NewPlayer.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NewPlayer\references\NewPlayerChecker.exe.vir" sh=523D4519CC48397A5A156E498062C6BC467E39CF ft=1 fh=04c87c71e00c7149 vn="Win32/Systweak.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\CleanSchedule.exe.vir" sh=29537B5D9E0B9006067890E1D21D0CE6F22E8A99 ft=1 fh=6e7ef67f604e413f vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Cloud_Backup_Setup.exe.vir" sh=EE0DBC090D6FC9DA0D0A84516D8D34BF1F96E196 ft=1 fh=44b5db033c27eea0 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\Cloud_Backup_Setup_Intl.exe.vir" sh=56EB7E29FBBF247123649AFC75AA2CAE31AA859D ft=1 fh=987f044246c72784 vn="Variante von Win32/Systweak.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\RCPUninstall.exe.vir" sh=A99C38C5C60D2C80CB4839C6F00A6CD7EAF63FB2 ft=1 fh=32fe293d6b992c7d vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\RegCleanPro.exe.vir" sh=476063885747EDD774A6B8CB2790703503A75A55 ft=1 fh=d7bb79193adaee2e vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\SSDPTstub.exe.vir" sh=4E949509F87DCD9EA158D52BCD4391ADFF211475 ft=1 fh=2cfdf23b0e178625 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\RegClean Pro\systweakasp.exe.vir" sh=AFB95723B245EB95106EC407D2443BE30426C079 ft=1 fh=045fdc84af3b3525 vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\BHOEnabler.exe.vir" sh=53F226B3D1D3828304E40C6C7A50667ADF23B42A ft=1 fh=e1ea10a5e9416a5c vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir" sh=0CB68F399D491465198E3E86F1D2923A211614E7 ft=1 fh=021f675753f993f2 vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir" sh=A8B6642986C14994DCDD0AD231A2A972F0DAE16B ft=1 fh=c71c0011202d025d vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir" sh=86EA851108D635D9ED47C01E86899845DFDA3EC7 ft=1 fh=90733a3b10b3e858 vn="Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\HpUI.exe.vir" sh=12EBF6FC8AD543662053CA101C2D5DA175137EB2 ft=1 fh=c71c00119e5c1a87 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir" sh=8F0ABE23DDA3F9DC04497B1A4F455AF8CE9D45B8 ft=1 fh=787e176d56997de7 vn="Win64/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir" sh=A8E3A9E6972C6F8B253EA0E1837AEEBF0A07B187 ft=1 fh=e2a5b168a3934371 vn="Win32/Thinknice.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir" sh=30E2FB1C671B2808D2E80518D793575965AF2416 ft=1 fh=d06e6f3f3f60e357 vn="Variante von Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir" sh=AC11914CC02E023E2EF06A80DEE1701419A5473A ft=1 fh=4cb2d0bd10147652 vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir" sh=36F969E522FD53A189312D946C430EFD02D5A982 ft=1 fh=5d022c015afe1524 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir" sh=D037F58CF4B36F3B437FAA0D9500720445B27D65 ft=1 fh=b07c7921935b766c vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir" sh=4139F95644E13A650D4827C943BCC9F2F0F6AA93 ft=1 fh=3b96e1736604b8bc vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir" sh=79C9BD304C93AB8FD0544108656A899993DB14EF ft=1 fh=e6f80544d6e8089f vn="Win32/Thinknice.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll32.dll.vir" sh=96B85214CD9E4FF85AC6144E7EF3DDF9E0F215E6 ft=1 fh=098a6735f96a550a vn="Win64/Thinknice.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir" sh=46560D0E2662C1C44F72B68EA5A3C2D7F0E77EBE ft=1 fh=c71c001105569964 vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir" sh=36F969E522FD53A189312D946C430EFD02D5A982 ft=1 fh=5d022c015afe1524 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir" sh=4028A3345B3E38EB46A30912717A944C7FC9200E ft=1 fh=316b7ff0219da2f1 vn="Variante von Win32/Adware.CouponMarvel.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\NSISHelper.dll.vir" sh=A03F0DFEF029A6987DB237FBAF966ABCD7B2E3D0 ft=1 fh=1f2e7f89fdfb1176 vn="Variante von Win32/Adware.CouponMarvel.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\RfndNSIS.dll.vir" sh=2435622D8AF70F746E792AE2607C9709C19C21C2 ft=1 fh=5badd635c189694a vn="Variante von Win64/Adware.CouponMarvel.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\SecurityUtility.exe.vir" sh=E71AFC3E771572B0EB1FB8699303038B7844B081 ft=1 fh=e7fd84d70d17f2ae vn="Variante von Win32/Adware.CouponMarvel.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\SecurityUtility32.dll.vir" sh=660FA4C627579411A0491AC2A094B0F988B57FD2 ft=1 fh=7f2b9ab44b52df60 vn="Variante von Win64/Adware.CouponMarvel.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\SecurityUtility64.dll.vir" sh=54E3EF4EBDC919E599C943D98D0D504112B8278A ft=1 fh=ce3bc784202b61f5 vn="Variante von Win32/Adware.CouponMarvel.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SecurityUtility\SoftConfigTest.exe.vir" sh=061B2D9CC0A4D5087045D42C9E81C96702B29FC0 ft=1 fh=c71c0011496d5a80 vn="Variante von Win32/ELEX.BN evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\update\update.exe.vir" sh=A57A0DBBB1F4509E15617380DE4A0D02B2751622 ft=1 fh=c71c001135f763b4 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir" sh=3592FF950CE4975BC39F51F057D4343585A5367F ft=1 fh=c71c0011eaadbd0d vn="Win32/AnyProtect.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hendr_000\AppData\Local\AnyProtectScannerSetup.exe.vir" sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hendr_000\AppData\Roaming\0F1F1C2Y1H1P1C0I0T\FRAPS Packages\uninstaller.exe.vir" sh=1E380A2D4B4138B280EE3063C0F9B0558C131271 ft=0 fh=0000000000000000 vn="JS/Trackware.Agent.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\Extensions\detgdp@gmail.com\chrome\content\js\epurls.js.vir" sh=8B414057414E369B9B99B5DE95F198A1DA5E182C ft=0 fh=0000000000000000 vn="JS/Trackware.Agent.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\Extensions\detgdp@gmail.com\chrome\content\js\inject.js.vir" sh=8E84B3369C409B88BFF2F167495B5BDA08485065 ft=1 fh=cea6bc5b1fc91d53 vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hendr_000\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe.vir" sh=079B025C4704D1D26F6B4AC4D1729C5DF4A3D489 ft=1 fh=c71c001104e3a0de vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hendr_000\AppData\Roaming\SupTab\SupTab.dll.vir" sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hendr_000\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir" sh=9777335A8170D7E75A4DFD2E765751E5BC1EE05C ft=1 fh=f8e0bce96f009e45 vn="Win32/Adware.ConvertAd.AQ Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hendr_000\AppData\Roaming\VOPackage\Uninstall.exe.vir" sh=3E757B27DBAF69F456D841C4A01686DFAB7D6BAD ft=1 fh=0cc39972fe10ba08 vn="Variante von Win32/Adware.ConvertAd.KZ.gen Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hendr_000\AppData\Roaming\VOPackage\VOPackage.exe.vir" sh=9CE5F659BDD89907624541CB98681224CA75D886 ft=1 fh=9b9a5086efdbb0a1 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir" sh=70B795B641AE13A220CA59A0A49E46F43C9CB182 ft=1 fh=76d4263cc727e821 vn="Variante von Win64/BrowseFox.AD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys.vir" Code:
ATTFilter Results of screen317's Security Check version 1.006 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Secunia PSI (3.0.0.10004) Wise Registry Cleaner 8.61 Visual Studio Extensions for Windows Library for JavaScript Microsoft VisualStudio JavaScript Language Service Java SE Development Kit 7 Update 75 Microsoft VisualStudio JavaScript Project System Java version 32-bit out of Date! Adobe Flash Player 17.0.0.134 Flash Player out of Date! Adobe Reader XI Mozilla Firefox (36.0) Mozilla Thunderbird 24.3.0 Thunderbird out of Date! Google Chrome (44.0.2403.125) Google Chrome (44.0.2403.130) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Windows Defender MpCmdRun.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:11-08-2015 02 durchgeführt von hendrik_2002 (Administrator) auf ARBEITSRECHNER (12-08-2015 16:00:55) Gestartet von C:\Users\hendr_000\Desktop\Logs Geladene Profile: hendrik_2002 (Verfügbare Profile: hendrik_2002 & Dirk & Niklas Steinmetz & Administrator) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe (IObit) C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe () C:\Users\hendr_000\Desktop\SecurityCheck.exe () C:\Users\hendr_000\Desktop\SecurityCheck.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [iFreeUp] => C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe [470304 2015-03-31] (IObit) HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit) HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-532561150-3242956754-1626305917-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/de-de/?pc=UP97&ocid=UP97DHP hxxp://www.google.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-532561150-3242956754-1626305917-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPF4C30013-DBA8-4203-9422-5B83732DCF2E&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-532561150-3242956754-1626305917-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKU\S-1-5-21-532561150-3242956754-1626305917-1001 -> {36A2063E-A8A8-41E0-B063-C2945B3B3AA1} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0186D2C8-01F4-4F66-A6D2-3A87F13D817A}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735 FF SelectedSearchEngine: Yahoo! FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-20] () FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-20] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-26] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-532561150-3242956754-1626305917-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-20] () FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-05-27] FF Extension: Kein Name - C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\extensions\amazon-icon@giga.de [nicht gefunden] FF Extension: Kein Name - C:\Users\hendr_000\AppData\Roaming\Mozilla\Firefox\Profiles\a42jhbp7.default-1396422616735\extensions\iobitascsurfingprotection@iobit.com [nicht gefunden] StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Firefox Developer Edition\firefox.exe Chrome: ======= CHR Profile: C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Adblock Plus) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-06] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14] CHR Extension: (Chrome Web Store Payments) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-22] CHR Extension: (Adblock Pro) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2015-06-06] CHR Extension: (uMatrix) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2015-04-20] CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\hendr_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-06-06] CHR HKU\S-1-5-21-532561150-3242956754-1626305917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - https://clients2.google.com/service/update2/crx Opera: ======= StartMenuInternet: (HKU\S-1-5-21-532561150-3242956754-1626305917-1001) OperaStable - "C:\Users\hendr_000\AppData\Local\Programs\Opera\Launcher.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-04] (Adobe Systems) [Datei ist nicht signiert] R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit) S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-17] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S4 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2014-07-17] (Apache Software Foundation) [Datei ist nicht signiert] R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-07-21] (Apple Inc.) [Datei ist nicht signiert] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation) S4 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2015\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-09] (IObit) S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S4 metasploitPostgreSQL; C:\metasploit\postgresql\bin\pg_ctl.exe [76288 2015-03-04] (PostgreSQL Global Development Group) [Datei ist nicht signiert] S4 metasploitProSvc; C:\metasploit\ruby\bin\ruby.exe [107178 2015-03-04] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] S4 metasploitThin; C:\metasploit\ruby\bin\ruby.exe [107178 2015-03-04] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] S4 metasploitWorker; C:\metasploit\ruby\bin\ruby.exe [107178 2015-03-04] (hxxp://www.ruby-lang.org/) [Datei ist nicht signiert] S4 mysql; C:\xampp\mysql\bin\mysqld.exe [10982912 2014-07-18] () [Datei ist nicht signiert] R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-06-22] () S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia) S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia) S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert] S4 Tomcat7; C:\xampp\tomcat\bin\tomcat7.exe [80896 2013-07-02] (Apache Software Foundation) [Datei ist nicht signiert] S4 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [639808 2015-01-28] (RealVNC Ltd) S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-11] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-12-21] (Advanced Micro Devices) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.) S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia) S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation) R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 cpuz137; \??\C:\Users\HENDR_~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-12 15:32 - 2015-08-12 15:32 - 00852684 _____ C:\Users\hendr_000\Downloads\SecurityCheck.exe 2015-08-12 15:32 - 2015-08-12 15:32 - 00852684 _____ C:\Users\hendr_000\Desktop\SecurityCheck.exe 2015-08-12 15:06 - 2015-08-12 15:06 - 00000000 ____D C:\Program Files (x86)\ESET 2015-08-12 15:05 - 2015-08-12 15:06 - 02870984 _____ (ESET) C:\Users\hendr_000\Downloads\esetsmartinstaller_deu.exe 2015-08-12 15:05 - 2015-08-12 15:05 - 00000000 ___HD C:\OneDriveTemp 2015-08-12 15:02 - 2015-08-12 15:03 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\ProductData 2015-08-12 15:02 - 2015-08-12 15:02 - 00000000 ____D C:\ProgramData\ProductData 2015-08-11 20:32 - 2015-08-11 20:32 - 01797896 _____ (Malwarebytes Corporation) C:\Users\hendr_000\Downloads\JRT.exe 2015-08-11 18:25 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-08-11 18:25 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-11 18:25 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-08-10 15:57 - 2015-08-10 15:57 - 00000000 ____D C:\Users\hendr_000\Downloads\metasploitable-linux-2.0.0 2015-08-10 15:53 - 2015-08-10 15:53 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Xamarin 2015-08-10 15:53 - 2015-08-10 15:53 - 00000000 ____D C:\ProgramData\MonoTouch 2015-08-10 15:53 - 2015-08-10 15:53 - 00000000 ____D C:\ProgramData\Mono for Android 2015-08-09 22:25 - 2015-08-09 22:25 - 00001894 _____ C:\Users\hendr_000\Desktop\VS 2015.lnk 2015-08-09 22:14 - 2015-08-11 20:23 - 00017114 _____ C:\Windows\PFRO.log 2015-08-09 21:59 - 2015-08-10 16:14 - 00000000 ____D C:\Users\hendr_000\Documents\Visual Studio 2015 2015-08-09 21:55 - 2015-08-09 21:55 - 00000000 ____D C:\Program Files (x86)\Xamarin 2015-08-09 21:54 - 2015-08-09 21:55 - 00000000 ____D C:\ProgramData\Monodoc 2015-08-09 20:42 - 2015-08-09 20:42 - 00000000 ____D C:\Program Files\Application Verifier 2015-08-09 20:42 - 2015-08-09 20:42 - 00000000 ____D C:\Program Files (x86)\Application Verifier 2015-08-09 20:41 - 2015-08-09 20:41 - 00000000 ____D C:\ProgramData\Windows App Certification Kit 2015-08-09 20:27 - 2015-08-09 20:27 - 00000000 ____D C:\Program Files (x86)\AppInsights 2015-08-09 20:26 - 2015-08-09 20:26 - 00000000 ____D C:\ProgramData\NuGet 2015-08-09 20:26 - 2015-08-09 20:26 - 00000000 ____D C:\Program Files (x86)\NuGet 2015-08-09 19:56 - 2015-08-09 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools 2015-08-09 19:54 - 2015-08-09 19:54 - 00000000 ____D C:\Program Files (x86)\Android 2015-08-09 19:50 - 2015-08-09 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.0 2015-08-09 19:43 - 2015-08-09 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Deutsch 2015-08-09 19:39 - 2015-08-09 19:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition 2015-08-09 19:30 - 2015-08-09 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2015-08-09 19:29 - 2015-08-09 19:29 - 00000000 ____D C:\ProgramData\PreEmptive Solutions 2015-08-09 19:28 - 2015-08-09 19:28 - 00000000 ____D C:\Program Files (x86)\ShellDir 2015-08-09 19:21 - 2015-08-09 19:21 - 00000000 ____D C:\ProgramData\Microsoft DNX 2015-08-09 19:21 - 2015-08-09 19:21 - 00000000 ____D C:\Program Files\Microsoft DNX 2015-08-09 19:08 - 2015-08-09 19:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2015-08-09 19:08 - 2015-08-09 19:08 - 00000000 ____D C:\Users\Administrator\Documents\ManageYourLife 1.0.0 2015-08-09 19:05 - 2015-08-09 19:05 - 00000000 ____D C:\Program Files\IIS Express 2015-08-09 19:05 - 2015-08-09 19:05 - 00000000 ____D C:\Program Files (x86)\IIS Express 2015-08-09 19:03 - 2015-08-09 19:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools 2015-08-09 19:01 - 2015-08-09 19:01 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services 2015-08-09 18:58 - 2015-08-09 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression 2015-08-09 18:56 - 2015-08-09 18:56 - 00001536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk 2015-08-09 18:53 - 2015-08-09 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1 2015-08-09 18:53 - 2015-08-09 18:53 - 00000000 ____D C:\Program Files (x86)\Windows Phone Silverlight Kits 2015-08-09 18:52 - 2015-08-09 19:50 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits 2015-08-09 18:52 - 2015-08-09 19:48 - 00000000 ____D C:\Program Files (x86)\Microsoft XDE 2015-08-09 18:48 - 2015-08-09 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 2015-08-09 18:40 - 2015-08-09 18:40 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0 2015-08-09 18:40 - 2015-08-09 18:40 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop 2015-08-09 18:30 - 2015-08-09 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015 2015-08-09 18:27 - 2015-08-09 18:27 - 00000000 ____D C:\Windows\symbols 2015-08-09 18:22 - 2015-08-09 19:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2015-08-09 18:22 - 2015-08-09 18:35 - 00000000 ____D C:\Windows\SysWOW64\1031 2015-08-09 18:22 - 2015-08-09 18:26 - 00000000 ____D C:\Windows\system32\1033 2015-08-09 18:22 - 2015-08-09 18:22 - 00001537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk 2015-08-09 18:22 - 2015-08-09 18:22 - 00000000 ____D C:\Windows\SysWOW64\1033 2015-08-09 18:12 - 2015-08-12 15:01 - 00001407 _____ C:\Windows\setupact.log 2015-08-09 18:12 - 2015-08-09 21:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0 2015-08-09 18:12 - 2015-08-09 18:22 - 00000000 ____D C:\Windows\system32\1031 2015-08-09 18:12 - 2015-08-09 18:12 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0 2015-08-09 18:12 - 2015-08-09 18:12 - 00000000 _____ C:\Windows\setuperr.log 2015-08-09 17:57 - 2015-06-22 08:31 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2015-08-09 17:56 - 2015-06-22 08:30 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2015-08-09 17:54 - 2015-08-09 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFreeUp 2015-08-09 17:47 - 2015-08-09 17:47 - 64294912 _____ C:\Windows\system32\config\COMPONENTS.iobit 2015-08-09 17:47 - 2015-08-09 17:47 - 05189632 _____ C:\Windows\system32\config\DRIVERS.iobit 2015-08-09 17:32 - 2015-06-04 15:28 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-08-09 17:32 - 2015-06-04 15:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-08-09 17:24 - 2015-08-09 17:43 - 873116238 _____ C:\Users\hendr_000\Downloads\metasploitable-linux-2.0.0.zip 2015-08-09 17:23 - 2015-08-10 15:46 - 00000000 ____D C:\ProgramData\VsTelemetry 2015-08-09 17:23 - 2015-08-09 17:23 - 03099760 _____ (Microsoft Corporation) C:\Users\hendr_000\Downloads\vs_community.exe 2015-08-08 19:48 - 2015-08-08 19:48 - 00000000 ____D C:\Program Files\Registrar Registry Manager 2015-08-08 19:45 - 2015-08-08 19:45 - 05032752 _____ (Resplendence Software Projects Sp. ) C:\Users\hendr_000\Downloads\RegistrarHomeV7.exe 2015-08-08 18:39 - 2015-08-09 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2015-08-08 18:39 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-08 18:39 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-08 18:39 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-08 18:39 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-08 18:39 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-08 18:39 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-08 18:39 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-08 18:39 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-08-08 18:39 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-08 18:39 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-08 18:39 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-08 18:39 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-08 18:39 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-08 18:39 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-08 18:38 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-08 18:38 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-07 17:20 - 2015-08-07 17:20 - 00052736 _____ C:\Users\hendr_000\Desktop\CopyBootLog.exe 2015-08-07 15:41 - 2015-08-07 15:41 - 00000000 ____D C:\Users\hendr_000\Downloads\geek_13346 2015-08-07 14:07 - 2015-08-07 14:07 - 00000000 ____D C:\Users\hendr_000\Downloads\gcc-5.1.0 2015-08-06 19:46 - 2015-08-06 20:38 - 00075139 _____ C:\Users\hendr_000\Desktop\Storereparatur.log 2015-08-06 18:26 - 2015-08-06 18:26 - 00000000 ____D C:\RefreshImage 2015-08-02 14:06 - 2015-08-02 14:07 - 07407166 _____ C:\Users\hendr_000\Downloads\AdventureMap ZeFlu.zip 2015-08-01 11:12 - 2015-08-01 11:12 - 00000440 _____ C:\Users\hendr_000\Downloads\App-Fix.zip 2015-08-01 11:00 - 2015-08-01 11:00 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2015-08-01 10:59 - 2015-08-01 10:59 - 00000000 ____D C:\Program Files\Realtek 2015-08-01 10:58 - 2000-01-01 02:00 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat 2015-08-01 10:58 - 2000-01-01 02:00 - 04460760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2015-08-01 10:58 - 2000-01-01 02:00 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 02907864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2015-08-01 10:58 - 2000-01-01 02:00 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00837776 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00654480 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00544400 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL 2015-08-01 10:58 - 2000-01-01 02:00 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00435344 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2015-08-01 10:58 - 2000-01-01 02:00 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2015-08-01 10:57 - 2000-01-01 02:00 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 05706688 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 03218800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 02847448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 02532056 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 02036495 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2015-08-01 10:57 - 2000-01-01 02:00 - 01739992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00168816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2015-08-01 10:57 - 2000-01-01 02:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 12975360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01365768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2015-08-01 10:56 - 2000-01-01 02:00 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 03182104 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01559744 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2015-08-01 10:55 - 2000-01-01 02:00 - 00096568 _____ C:\Windows\system32\audioLibVc.dll 2015-08-01 10:54 - 2000-01-01 02:00 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2015-08-01 10:54 - 2000-01-01 02:00 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2015-07-31 17:00 - 2015-07-31 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved 2015-07-31 16:59 - 2015-08-01 10:52 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Raptr 2015-07-31 16:59 - 2015-07-31 17:00 - 00000000 ____D C:\Program Files (x86)\Raptr 2015-07-31 16:49 - 2015-07-31 16:51 - 00192816 _____ C:\Users\hendr_000\Downloads\raptr_installer.exe 2015-07-31 14:18 - 2015-08-06 19:03 - 00004270 _____ C:\Users\hendr_000\Desktop\FixMetro.cmd 2015-07-31 10:17 - 2015-07-31 10:17 - 00000308 _____ C:\Users\hendr_000\Desktop\MetroTwit.appref-ms 2015-07-31 10:17 - 2015-07-31 10:17 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixel Tucker Pty Ltd 2015-07-30 19:07 - 2015-07-30 20:49 - 2147484783 _____ C:\Users\hendr_000\Downloads\kali-linux-1.1.0a-i386.iso 2015-07-29 20:55 - 2015-07-29 20:58 - 19302676 _____ C:\Users\hendr_000\Downloads\CommunityShowcaseNaturalLandscapes3.themepack 2015-07-29 20:48 - 2015-07-29 20:48 - 00536906 _____ C:\Users\hendr_000\Downloads\apps.diagcab 2015-07-29 20:48 - 2015-07-29 20:48 - 00423962 _____ C:\Users\hendr_000\Downloads\AppsDiagnostic.diagcab 2015-07-29 17:25 - 2013-06-18 15:12 - 00090304 _____ (Sysinternals) C:\Windows\system32\strings.exe 2015-07-29 17:24 - 2013-06-18 15:12 - 00090304 _____ (Sysinternals) C:\Users\hendr_000\Downloads\strings.exe 2015-07-29 17:23 - 2015-07-29 17:23 - 00050298 _____ C:\Users\hendr_000\Downloads\Strings.zip 2015-07-29 17:13 - 2015-07-29 17:13 - 00000000 ____D C:\Users\hendr_000\AppData\Local\GWX 2015-07-29 17:12 - 2015-07-29 17:12 - 00000000 ____D C:\Users\hendr_000\Downloads\win10fix_full_german.bat_ 2015-07-29 17:11 - 2015-07-29 17:11 - 00002929 _____ C:\Users\hendr_000\Downloads\win10fix_full_german.bat_.zip 2015-07-29 16:55 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-07-29 16:55 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-07-29 16:54 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml 2015-07-29 16:53 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-07-29 16:53 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2015-07-29 16:53 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2015-07-29 16:52 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-07-29 16:52 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-07-29 16:52 - 2015-06-10 00:39 - 00081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS 2015-07-29 16:52 - 2015-06-10 00:39 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys 2015-07-29 16:52 - 2015-06-10 00:38 - 01201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2015-07-28 16:43 - 2015-07-28 16:43 - 00001011 _____ C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FastCopy.lnk 2015-07-28 16:43 - 2015-07-28 16:43 - 00000981 _____ C:\Users\hendr_000\Desktop\FastCopy.lnk 2015-07-28 16:43 - 2015-07-28 16:43 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\FastCopy 2015-07-28 16:43 - 2015-07-28 16:43 - 00000000 ____D C:\Program Files\FastCopy 2015-07-27 18:36 - 2015-07-27 18:37 - 04954736 _____ (Microsoft Corporation) C:\Users\hendr_000\Downloads\WindowsSetupBox.exe 2015-07-27 18:10 - 2015-07-27 18:10 - 00060965 _____ C:\Users\hendr_000\Downloads\pkeyuibx_v1.5.0.zip 2015-07-27 18:08 - 2015-07-27 18:08 - 01198368 _____ C:\Users\hendr_000\Downloads\Windows Product Key Viewer - CHIP-Installer.exe 2015-07-27 18:02 - 2015-07-27 18:02 - 01198368 _____ C:\Users\hendr_000\Downloads\Windows 8 1 Setup Tool - CHIP-Installer.exe 2015-07-26 17:15 - 2015-07-26 17:15 - 00000000 ____D C:\Users\hendr_000\Downloads\rawwritewin-0.7 2015-07-26 16:33 - 2015-07-26 16:33 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-07-26 16:30 - 2015-07-26 17:14 - 00000000 ____D C:\Users\hendr_000\Desktop\ownOS 2015-07-26 16:27 - 2015-07-26 16:27 - 00214786 _____ C:\Users\hendr_000\Downloads\rawwritewin-0.7.zip 2015-07-26 16:27 - 2015-07-26 16:27 - 00000000 ____D C:\rawrite 2015-07-26 16:24 - 2015-07-26 16:25 - 00000000 ____D C:\NASM 2.11.08 2015-07-26 16:23 - 2015-07-26 16:23 - 00802892 _____ C:\Users\hendr_000\Downloads\nasm-2.11.08-installer.exe 2015-07-26 16:21 - 2015-07-26 16:22 - 01398894 _____ C:\Users\hendr_000\Downloads\nasm-2.11.08.zip 2015-07-25 21:07 - 2015-07-25 21:41 - 00428047 _____ C:\Users\hendr_000\Desktop\FastCopy211_x64.zip 2015-07-25 21:07 - 2015-07-25 21:07 - 00427277 _____ C:\Windows\SysWOW64\FastCopy211_x64.zip 2015-07-25 21:05 - 2015-07-25 21:05 - 00516664 _____ ( ) C:\Users\hendr_000\Downloads\FastCopy211_x64_CB-DL-Manager.exe 2015-07-25 16:55 - 2015-07-25 16:55 - 00000000 _____ C:\Windows\SysWOW64\InstallLocation 2015-07-24 14:03 - 2015-07-24 14:03 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Steam 2015-07-24 14:03 - 2015-07-24 14:03 - 00000000 ____D C:\Users\hendr_000\AppData\Local\CEF 2015-07-23 19:02 - 2015-07-31 10:26 - 00000000 ____D C:\Program Files (x86)\Steam 2015-07-23 19:02 - 2015-07-23 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-07-23 19:00 - 2015-07-23 19:01 - 01476720 _____ C:\Users\hendr_000\Downloads\SteamSetup.exe 2015-07-23 18:25 - 2015-07-23 18:35 - 606076928 _____ C:\Users\hendr_000\Downloads\ubuntu-14.04.2-server-i386.iso 2015-07-23 18:21 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-23 18:10 - 2015-07-23 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-07-23 18:10 - 2015-07-23 18:10 - 00000000 ____D C:\Program Files\Oracle 2015-07-23 18:10 - 2015-07-09 12:09 - 00958736 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-07-23 18:10 - 2015-07-09 12:09 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-07-21 14:11 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-21 14:10 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-21 14:10 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-21 14:10 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-21 14:10 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-21 14:10 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-21 14:10 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-21 14:09 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-21 14:09 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-21 14:09 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-21 14:09 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-21 14:09 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-21 14:09 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-21 14:09 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-21 14:09 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-21 14:09 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-07-21 14:09 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-21 14:09 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-21 14:09 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-07-21 14:09 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-21 14:07 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-21 14:07 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-21 14:07 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-21 14:07 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-21 14:07 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2015-07-21 14:07 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-07-21 14:07 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-07-21 12:56 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-21 12:56 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-21 12:55 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-21 12:55 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-21 12:53 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-21 12:52 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-21 12:52 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-21 12:52 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-21 12:52 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-21 12:52 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-21 12:51 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-21 12:51 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-21 12:51 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-21 12:51 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-21 12:51 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2015-07-21 12:51 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-21 12:51 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-21 12:51 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-07-21 12:51 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-21 12:51 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-07-21 12:51 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-07-21 12:51 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-21 12:51 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-21 12:51 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-07-21 12:51 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-21 12:51 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-21 12:51 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-21 12:51 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-21 12:51 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-21 12:51 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-21 12:51 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2015-07-21 12:51 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-21 12:51 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-21 12:51 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-07-21 12:51 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-21 12:51 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-07-21 12:51 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-07-21 12:51 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-21 12:51 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-21 12:51 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-21 12:51 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-07-21 12:51 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-21 12:51 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-21 12:48 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-21 12:48 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-21 12:48 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-21 12:48 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-21 12:47 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-21 12:47 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-21 12:47 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-21 12:47 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-21 12:22 - 2015-07-21 12:45 - 00000000 ____D C:\Users\hendr_000\AppData\Local\ftblauncher 2015-07-21 12:22 - 2015-07-21 12:37 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\ftblauncher 2015-07-21 12:20 - 2015-07-21 12:21 - 06628862 _____ () C:\Users\hendr_000\Downloads\FTB_Launcher.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-12 16:01 - 2015-06-07 17:02 - 00000000 ____D C:\FRST 2015-08-12 16:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-08-12 15:48 - 2014-01-25 17:33 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-532561150-3242956754-1626305917-1001 2015-08-12 15:43 - 2014-08-23 12:55 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\Notepad++ 2015-08-12 15:43 - 2014-08-23 12:55 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2015-08-12 15:39 - 2014-01-27 17:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-12 15:32 - 2015-05-30 06:36 - 01746388 _____ C:\Windows\WindowsUpdate.log 2015-08-12 15:05 - 2015-04-08 14:50 - 00005188 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSRECHNER-hendrik_2002 Arbeitsrechner 2015-08-12 15:04 - 2014-01-25 17:44 - 00000000 __RDO C:\Users\hendr_000\SkyDrive 2015-08-12 15:01 - 2015-01-29 19:14 - 00000000 ____D C:\ProgramData\VMware 2015-08-12 15:01 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-11 21:00 - 2014-02-23 22:06 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2015-08-11 20:22 - 2014-04-02 09:03 - 00000000 ____D C:\AdwCleaner 2015-08-11 20:13 - 2014-09-06 11:25 - 00000000 ____D C:\Users\Administrator 2015-08-11 20:13 - 2014-08-24 11:19 - 00000000 ____D C:\Users\Niklas Steinmetz.HendriksPodpal 2015-08-11 20:13 - 2014-02-23 22:13 - 00000000 ____D C:\Users\Dirk 2015-08-11 20:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Resources 2015-08-11 18:26 - 2015-06-06 13:31 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-11 18:25 - 2015-06-06 13:30 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-10 18:36 - 2014-06-21 18:57 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\.minecraft 2015-08-10 18:36 - 2014-02-23 22:13 - 00000000 ____D C:\Users\hendr_000 2015-08-10 18:05 - 2015-06-24 19:06 - 00057216 _____ C:\Users\hendr_000\Desktop\loaded_drivers.txt 2015-08-10 16:11 - 2015-01-29 19:22 - 00000000 ____D C:\Users\hendr_000\AppData\Local\VMware 2015-08-10 16:05 - 2015-01-29 19:22 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\VMware 2015-08-09 22:14 - 2013-08-22 16:44 - 00396520 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-09 22:10 - 2015-06-30 10:08 - 00000286 _____ C:\Windows\Tasks\ASC8_SkipUac_hendrik_2002.job 2015-08-09 21:54 - 2014-02-23 21:45 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-08-09 21:52 - 2015-01-21 12:40 - 00000000 ____D C:\ProgramData\Package Cache 2015-08-09 21:43 - 2014-12-06 13:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2015-08-09 21:22 - 2014-03-07 20:13 - 00000000 ____D C:\Users\hendr_000\.android 2015-08-09 19:40 - 2015-05-12 17:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2015-08-09 19:40 - 2014-12-06 13:23 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-08-09 19:38 - 2015-05-12 17:44 - 00000000 ____D C:\Program Files (x86)\Windows Kits 2015-08-09 19:05 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp 2015-08-09 18:53 - 2015-05-12 17:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2015-08-09 18:47 - 2015-05-12 17:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2015-08-09 18:27 - 2015-05-12 17:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer 2015-08-09 18:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-09 18:03 - 2015-03-09 20:30 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Eclipse 2015-08-09 17:53 - 2015-02-04 18:04 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\IObit 2015-08-09 17:53 - 2015-02-04 18:03 - 00000000 ____D C:\Program Files (x86)\IObit 2015-08-09 17:50 - 2015-01-30 12:12 - 00000000 ____D C:\Users\hendr_000\VirtualBox VMs 2015-08-09 17:50 - 2015-01-30 12:11 - 00000000 ____D C:\Users\hendr_000\.VirtualBox 2015-08-09 17:47 - 2014-02-06 21:33 - 00246272 ___SH C:\Users\hendr_000\Desktop\Thumbs.db 2015-08-09 17:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-08-08 20:08 - 2015-04-07 08:46 - 00000000 ____D C:\Users\hendr_000\workspace_projects 2015-08-08 19:58 - 2014-12-10 21:15 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-08 19:58 - 2014-07-31 18:06 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-08 19:55 - 2014-02-09 10:06 - 00000000 ____D C:\Users\hendr_000\AppData\Local\CrashDumps 2015-08-07 18:28 - 2015-05-12 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013 2015-08-06 18:29 - 2014-02-23 22:13 - 00012102 _____ C:\Windows\diagerr.xml 2015-08-06 18:29 - 2014-02-23 22:13 - 00011231 _____ C:\Windows\diagwrn.xml 2015-08-05 20:13 - 2015-06-07 16:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-08-05 16:05 - 2015-06-06 13:56 - 00000000 ____D C:\ProgramData\HitmanPro 2015-08-02 19:14 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-08-01 11:02 - 2013-10-08 16:45 - 00000000 ___HD C:\Program Files (x86)\Temp 2015-07-31 18:02 - 2014-02-23 22:06 - 00000000 ____D C:\AMD 2015-07-31 14:12 - 2014-07-27 17:04 - 00000000 ____D C:\Users\hendr_000\.eclipse 2015-07-31 10:28 - 2015-01-29 19:28 - 00000000 ____D C:\Users\hendr_000\Documents\Virtual Machines 2015-07-31 10:20 - 2014-03-22 10:15 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Deployment 2015-07-30 21:48 - 2013-08-22 15:25 - 00786432 ___SH C:\Windows\system32\config\BBI 2015-07-30 16:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-07-29 18:34 - 2014-01-25 17:39 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Apps\2.0 2015-07-25 21:05 - 2015-04-09 11:57 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-25 17:32 - 2014-01-25 17:00 - 00000000 ____D C:\Users\hendr_000\AppData\Local\Packages 2015-07-24 16:28 - 2014-12-24 19:48 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-07-24 16:27 - 2015-01-14 12:48 - 00000000 ____D C:\Users\hendr_000\.gimp-2.8 2015-07-24 14:10 - 2015-02-04 18:03 - 00000000 ____D C:\ProgramData\IObit 2015-07-23 21:37 - 2015-04-09 11:57 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-23 20:17 - 2014-02-06 20:36 - 00000000 ____D C:\Windows\system32\MRT 2015-07-23 19:20 - 2014-02-11 19:35 - 00000000 ____D C:\Users\hendr_000\AppData\Roaming\FileZilla 2015-07-23 18:12 - 2015-06-09 16:53 - 00000000 ____D C:\Users\hendr_000\Downloads\forge 2015-07-23 18:11 - 2015-06-09 16:57 - 00000000 ____D C:\Users\hendr_000\Downloads\setups 2015-07-21 14:09 - 2014-01-25 17:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-21 14:08 - 2014-12-23 17:32 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-21 12:50 - 2014-03-29 20:01 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-21 12:50 - 2014-03-29 20:01 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-21 12:50 - 2014-03-29 20:01 - 00001148 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-21 12:50 - 2014-03-29 20:01 - 00001144 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-21 12:36 - 2014-01-25 17:34 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-07-21 12:28 - 2014-03-07 21:33 - 00000000 ____D C:\ProgramData\Oracle 2015-07-21 12:25 - 2014-12-24 21:28 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2015-07-21 12:25 - 2014-12-24 21:27 - 00000000 ____D C:\Program Files\Java 2015-07-13 23:10 - 2015-03-14 09:02 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-13 23:10 - 2015-03-14 09:02 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-26 20:51 - 2015-02-26 20:51 - 0000000 ___RH () C:\Users\hendr_000\AppData\Roaming\b4d6e8f4ed70928182ebe608f6b39bab2 2015-05-15 12:12 - 2015-05-15 12:12 - 0000046 _____ () C:\Users\hendr_000\AppData\Roaming\Camdata.ini 2015-05-15 12:12 - 2015-05-15 12:12 - 0000408 _____ () C:\Users\hendr_000\AppData\Roaming\CamLayout.ini 2015-05-15 12:12 - 2015-05-15 12:12 - 0000408 _____ () C:\Users\hendr_000\AppData\Roaming\CamShapes.ini 2015-05-15 12:12 - 2015-05-15 12:12 - 0004536 _____ () C:\Users\hendr_000\AppData\Roaming\CamStudio.cfg 2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\hendr_000\AppData\Roaming\UIZJU 2015-05-15 12:11 - 2015-05-15 12:11 - 0000096 _____ () C:\Users\hendr_000\AppData\Roaming\version2.xml 2014-03-07 21:43 - 2014-12-23 16:55 - 0000113 _____ () C:\Users\hendr_000\AppData\Roaming\WB.CFG 2014-12-08 18:03 - 2014-12-08 18:03 - 0202370 _____ () C:\Users\hendr_000\AppData\Local\debuggee.mdmp 2015-01-29 21:01 - 2015-07-01 11:23 - 0000600 _____ () C:\Users\hendr_000\AppData\Local\PUTTY.RND 2015-06-22 17:08 - 2015-06-22 17:08 - 0002836 _____ () C:\Users\hendr_000\AppData\Local\recently-used.xbel 2014-12-26 12:55 - 2015-04-18 07:59 - 0007595 _____ () C:\Users\hendr_000\AppData\Local\Resmon.ResmonCfg 2015-01-27 09:36 - 2015-01-27 09:36 - 0000000 _____ () C:\Users\hendr_000\AppData\Local\{A9E8EC64-9A12-4DF0-8909-6F0BE58BB854} 2015-03-22 17:22 - 2015-03-22 17:22 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip 2015-06-06 14:28 - 2015-06-06 14:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\borlndlm.dll C:\Users\Dirk\AppData\Local\Temp\{9AB2D6BA-D314-4579-92EB-5166BD3BD792}-35.0.1916.153_chrome_installer.exe C:\Users\hendr_000\AppData\Local\Temp\npp.6.8.1.Installer.exe C:\Users\hendr_000\AppData\Local\Temp\Quarantine.exe C:\Users\hendr_000\AppData\Local\Temp\sqlite3.dll C:\Users\hendr_000\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap Check ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-06 17:13 ==================== Ende von Ergebnis ============================ Geändert von Wandalensalz (12.08.2015 um 14:59 Uhr) |
12.08.2015, 15:10 | #10 |
| Windows 8.1 Metro-Apps starten minimiert Addtion.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:11-08-2015 02 durchgeführt von hendrik_2002 (2015-08-12 16:04:29) Gestartet von C:\Users\hendr_000\Desktop\Logs Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-532561150-3242956754-1626305917-500 - Administrator - Enabled) => C:\Users\Administrator Dirk (S-1-5-21-532561150-3242956754-1626305917-1004 - Administrator - Enabled) => C:\Users\Dirk Dummy-Account (S-1-5-21-532561150-3242956754-1626305917-1013 - Limited - Enabled) Gast (S-1-5-21-532561150-3242956754-1626305917-501 - Limited - Disabled) Hendrik2002 (S-1-5-21-532561150-3242956754-1626305917-1017 - Administrator - Enabled) hendrik_2002 (S-1-5-21-532561150-3242956754-1626305917-1001 - Administrator - Enabled) => C:\Users\hendr_000 HomeGroupUser$ (S-1-5-21-532561150-3242956754-1626305917-1006 - Limited - Enabled) Katja (S-1-5-21-532561150-3242956754-1626305917-1009 - Administrator - Enabled) Niklas Steinmetz (S-1-5-21-532561150-3242956754-1626305917-1008 - Limited - Enabled) => C:\Users\Niklas Steinmetz.HendriksPodpal ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated) AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated) Adobe After Effects 7.0 (HKLM-x32\...\Adobe After Effects 7.0) (Version: 7.0.0.244 - Adobe Systems, Inc.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\{F22C3C05-B1D9-47FF-AA17-4F9DCBFE850F}) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.3.0 - IObit) AMD Catalyst Install Manager (HKLM\...\{ACF4E7FE-650D-9BD7-BAE5-1AD061F40F69}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden Ashampoo WinOptimizer 2015 v.11.00.50 (HKLM-x32\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.50 - Ashampoo GmbH & Co. KG) Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.740 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden Blender (HKLM\...\Blender) (Version: 2.73a - Blender Foundation) Borland C++Builder 6 (HKLM-x32\...\{2864C41B-EF2D-4640-95A2-526276524519}) (Version: 6.0 - Borland Software Corporation) Brackets (HKLM-x32\...\{4BCC5124-095C-4871-8562-55FA29DD8773}) (Version: 1.1 - brackets.io) Build Tools - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Buildtools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated) clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden CodedUITest81 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden CodedUITestUAP (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Craften Terminal 4.1.1 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.1.1 - Craften.de) Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1.172 - SG Europe) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation) Epic Games Launcher (HKLM\...\{84438A71-40ED-4E6F-9C7E-58FE0F61F692}) (Version: 1.1.28.0 - Epic Games, Inc.) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FileZilla (remove only) (HKLM-x32\...\FileZilla) (Version: - ) FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse) Firefox Developer Edition 40.0a2 (x86 en-US) (HKLM-x32\...\Firefox Developer Edition 40.0a2 (x86 en-US)) (Version: 40.0a2 - Mozilla) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Pascal 2.6.4 (HKLM-x32\...\FreePascal_is1) (Version: - Free Pascal Team) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.) IDE Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated) IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden iFreeUp 1.0 (HKLM-x32\...\iFreeUp_is1) (Version: 1.0.10 - IObit) IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025F0}) (Version: 7.0.250 - Oracle) Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle) Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) Java SE Development Kit 7 Update 75 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle) Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation) Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated) LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Metasploit (HKLM-x32\...\Metasploit 4.11.1) (Version: 4.11.1 - Rapid7) MetroTwit (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\6d9570ab26892611) (Version: 1.2.0.1 - Pixel Tucker Pty Ltd) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4737.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang) Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla) Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla) MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Nidhogg v1.0 (HKLM-x32\...\Nidhogg v1.01.0) (Version: 1.0 - Friends in War) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team) OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer) Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer) Opera Stable 30.0.1835.59 (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software) Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation) PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) Projekt- und Elementvorlagen für Visual Studio Community 2015 – DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.20 - Qualcomm Atheros Inc.) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.55 - Qualcomm Atheros) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7509 - Realtek Semiconductor Corp.) Registrar Registry Manager 7.75 (HKLM\...\RegistrarHome_is1) (Version: - Resplendence Software Projects Sp.) Resource Hacker Version 4.0.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - ) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.00.0000 - Ubisoft) Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) System Explorer 6.4.2 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.5.6.0 - Manuel Hoefs (Zottel)) Unity (HKLM-x32\...\Unity) (Version: 5.0.1f1 - Unity Technologies ApS) Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Visual C++ für Mobile-Entwicklung (Android-Unterstützung) (HKLM-x32\...\{fd8b6372-b8b3-4a14-bb21-fbc5cb94f7ac}) (Version: 14.0.23027.0 - Microsoft Corporation) Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) (HKLM-x32\...\{8fd9a549-20ac-4daf-8da3-c54b6621ac29}) (Version: 14.0.23027.0 - Microsoft Corporation) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.2 - VMware, Inc) VMware Player (Version: 7.1.2 - VMware, Inc.) Hidden VNC Server 5.2.3 (HKLM\...\{0D2201F0-2E7B-4C89-8C5D-03D3F5BB5042}) (Version: 5.2.3 - RealVNC Ltd) VNC Viewer 5.2.3 (HKLM\...\{8824CB84-60DF-4CBC-AB3A-7C5AB2A41F31}) (Version: 5.2.3 - RealVNC Ltd) WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, hxxp://www.wireshark.org) Wise Registry Cleaner 8.61 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.61 - WiseCleaner.com, Inc.) Xamarin (HKLM-x32\...\{B6F4249F-5053-43D5-BA37-D942230C825B}) (Version: 3.11.816.0 - Xamarin) XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-5 - Bitnami) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 09-08-2015 17:28:59 Microsoft Visual Studio Community 2015 09-08-2015 17:33:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 09-08-2015 17:37:30 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 09-08-2015 17:41:56 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 09-08-2015 17:44:22 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 09-08-2015 17:47:02 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 09-08-2015 18:16:58 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 09-08-2015 19:56:48 TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 09-08-2015 20:03:53 Update for Microsoft Visual Studio 2015 (KB3073097) 09-08-2015 20:28:43 Windows Software Development Kit - Windows 10.0.26624 09-08-2015 21:37:52 Microsoft Visual Studio 2015 Tools für Windows 10 (Technical Preview) 09-08-2015 21:47:29 Update for Microsoft Visual Studio 2015 (KB3073097) 09-08-2015 21:48:46 Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) 09-08-2015 21:50:23 Visual C++ für Mobile-Entwicklung (Android-Unterstützung) 11-08-2015 20:33:22 JRT Pre-Junkware Removal ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {07B9F40D-4E63-4DAF-8FD6-4EE67D558E0E} - System32\Tasks\{C7EAF7A5-FBDB-4A82-91B9-18268A1FDEE1} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsMain Task: {09F3DD2C-71B3-4A85-9364-C6386EA7E94C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {2676A993-D66B-4448-A860-F9763BEEDE42} - System32\Tasks\Opera scheduled Autoupdate 1426179695 => C:\Users\hendr_000\AppData\Local\Programs\Opera\launcher.exe [2015-06-10] (Opera Software) Task: {33A65D12-4ED9-434B-96F9-68D1F9241A8B} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-532561150-3242956754-1626305917-1001 Task: {395A679E-F1C7-4FA0-A08F-2B1F3D7E8E0F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {3C052D58-9ADE-4287-94F2-CA7AEFE0D177} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {45BB8FB7-E03E-47DC-9513-D76090D256DB} - System32\Tasks\{2EFDEB36-276A-48F3-BFAA-5F39F38EB409} => pcalua.exe -a C:\Users\hendr_000\Desktop\Forge_Server\forge-1.8-11.14.0.1285-1.8-installer-win.exe -d C:\Users\hendr_000\Desktop\Forge_Server Task: {5960B03A-15EA-446B-A907-4FACA2EF3BDD} - System32\Tasks\{AA50E2BC-3878-43CC-9F92-EAF47C08AB82} => pcalua.exe -a C:\Users\hendr_000\Downloads\forge-1.7.10-10.13.3.1355-1.7.10-installer-win.exe -d C:\Users\hendr_000\Downloads Task: {66C3A4D9-DEB8-4C5B-A1B7-F5C5B803BEA4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] () Task: {6FE0E8CB-D288-41EA-BA1E-74239258B658} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {74768E11-5380-4F57-93C3-438B4A630F6A} - System32\Tasks\ASC8_SkipUac_hendrik_2002 => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-06-16] (IObit) Task: {BB059E76-F9BF-44C9-B6ED-13F7B3CEF254} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {C426D609-BEA0-4503-A8F1-8EBBCE15C292} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-06-10] (IObit) Task: {CB016BC7-2B36-4262-A1E8-B434854BFE31} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation) Task: {D2174D06-84F3-46A9-9998-A0B5934A7B07} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ARBEITSRECHNER-hendrik_2002 Arbeitsrechner => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation) Task: {E2F4864D-34CE-4271-9B2D-F92D332804DB} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {E95F795D-D6BF-41F2-95CF-E279E4F0C080} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {E9D16D5F-9981-4966-AF14-EC8FFEC0427B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {EC96A4FB-11A6-4682-82A5-ADD27F0D47CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\ASC8_SkipUac_hendrik_2002.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\UIZJU.job => C:\Users\hendr_000\AppData\Roaming\UIZJU.exe <==== ACHTUNG ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-06-20 13:15 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-10-08 17:14 - 2013-02-20 22:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2015-03-02 16:43 - 2015-03-02 16:43 - 00099288 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2015-08-12 15:32 - 2015-08-12 15:32 - 00852684 _____ () C:\Users\hendr_000\Desktop\SecurityCheck.exe 2015-06-30 10:04 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll 2015-02-04 18:03 - 2014-12-18 21:04 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2015-05-31 07:59 - 2015-05-31 07:59 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll 2015-06-30 10:06 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl 2015-06-30 10:06 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl 2015-06-30 10:06 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl 2015-08-09 17:53 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\iFreeUp\madExcept_.bpl 2015-08-09 17:53 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\iFreeUp\madBasic_.bpl 2015-08-09 17:53 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\iFreeUp\madDisAsm_.bpl 2013-10-08 17:14 - 2013-02-20 22:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll 2015-03-02 22:30 - 2015-03-02 22:30 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2015-08-05 20:18 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll 2015-08-05 20:18 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Dirk\OneDrive:ms-properties AlternateDataStreams: C:\Users\Dirk\SkyDrive:ms-properties AlternateDataStreams: C:\Users\hendr_000\SkyDrive:ms-properties ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\google.de -> hxxps://www.google.de IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\it-fachportal.de -> hxxps://www.it-fachportal.de IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\localhost -> hxxps://localhost IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\localhost -> hxxp://localhost IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\sony.com -> sony.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\100sexlinks.com -> 100sexlinks.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\101hotteens.com -> 101hotteens.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\101lottery.com -> 101lottery.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\123expressview.com -> 123expressview.com IE restricted site: HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\123found.com -> 123found.com Da befinden sich 4787 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-532561150-3242956754-1626305917-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hendr_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: a2AntiMalware => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: Apache2.4 => 2 MSCONFIG\Services: AtherosSvc => 2 MSCONFIG\Services: Avira.OE.ServiceHost => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdAndroidSvc => 2 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: CCDMonitorService => 2 MSCONFIG\Services: DfSdkS => 3 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: FileZilla Server => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: LMIGuardianSvc => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: McAfee SiteAdvisor Service => 2 MSCONFIG\Services: metasploitPostgreSQL => 2 MSCONFIG\Services: metasploitProSvc => 2 MSCONFIG\Services: metasploitThin => 2 MSCONFIG\Services: metasploitWorker => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: mysql => 2 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: Razer Game Scanner Service => 2 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: RzKLService => 2 MSCONFIG\Services: Secunia PSI Agent => 2 MSCONFIG\Services: Secunia Update Agent => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SlimService => 2 MSCONFIG\Services: StartMenuService => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: SystemExplorerHelpService => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: Tomcat7 => 2 MSCONFIG\Services: TuneUp.UtilitiesSvc => 2 MSCONFIG\Services: vncserver => 3 MSCONFIG\Services: WSearch => 2 HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "mcpltui_exe" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "YTDownloader" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "Andy" HKLM\...\StartupApproved\Run32: => "avgnt" HKLM\...\StartupApproved\Run32: => "emsisoft anti-malware" HKLM\...\StartupApproved\Run32: => "SystemExplorerAutoStart" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\StartupFolder: => "baerenmarke-widget.lnk" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "SkyDrive" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "YTDownloader" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "AppEx Accelerator UI" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "msnmsgr" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Browser Extensions" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "DesktopOK" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Search Protection" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "XAMPP Control Panel" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Advanced SystemCare 8" HKU\S-1-5-21-532561150-3242956754-1626305917-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{F603271F-944B-498D-AC22-4EAF1D17D497}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe FirewallRules: [{8124257A-9E01-4AA5-ABC1-9A3123988F8B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe FirewallRules: [{58F47C55-D17A-47EC-8210-FC35A9ECA66D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe FirewallRules: [{F9C56998-E744-46C8-9D5A-4B17A51170BA}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe FirewallRules: [{110661DB-3FDC-4FBB-9541-3908BC904AFC}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{21DE293D-9203-44EC-B297-61B809F74DB0}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{3E8C9A49-86D9-4A33-9F0E-66247067111A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{0B99A754-8F02-41E1-9E03-86D4B31C07A4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{937AF17E-DE8A-4FF7-BFE5-5ECE5D746A91}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{201F7BC2-A8E6-435C-9C22-3E3C55CD16D2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{7065C90E-0A0D-4152-992B-29659584DB4D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe FirewallRules: [{AD4DBDEE-AFF6-4623-B635-59FBD7140C4F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{A062D843-8F1F-4086-A697-0FD176A8A4CE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{6517DA4C-6C29-4B63-B979-26646CB38DE9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{F3988EAE-EE5B-4C4E-8577-5531B31B2D54}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{30FC91E0-54F5-4661-A362-22391693FBD1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{14A5D67B-A0CC-4FC1-B8E0-27E11FE3C812}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{AC7545A3-C40E-42BC-B021-A409093FD5D5}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{C49ED8EA-CEDC-480F-8268-72D9D2E80236}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{98895709-AB83-40CA-98C2-0FCEB9C11B0F}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{ED980AF1-7766-421D-9BEF-34D3EAD5ED61}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [TCP Query User{C51DEAA9-3A39-4D25-8CAE-98D98A6CCA14}C:\users\hendr_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hendr_000\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{78A6F80D-4855-4333-A219-533386A8846C}C:\users\hendr_000\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\hendr_000\appdata\roaming\spotify\spotify.exe FirewallRules: [{25D3D9EE-3067-4C7D-A001-C7BB1501B972}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{3E6B2FAB-02C6-4785-8D12-F3F53D61F4B2}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{E3EDC567-9BD2-40E6-A1EB-5E7D22EE01F1}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{D0A6FA2F-DAD8-4F17-87BF-E3A9B2741487}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [TCP Query User{966E9B2B-C676-4293-BB2D-AB13D02E8721}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{5CAC66F1-A67C-437B-8AF5-800A25FE0B92}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{F25D1282-8486-4566-9071-614CA365D414}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{2F74FC5E-6F3A-4C68-B41B-92313370478D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{D4291174-E709-442A-8B13-5907C13CDD1C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{EF07999A-2EC7-4029-A9DD-087B14ED9F38}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{D704C46B-A0E9-4437-A026-DD697C261F3C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{F2F5AFF0-B67A-4812-9D68-04A5CF501D01}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe FirewallRules: [{1E82290E-6F43-4839-9A25-504EE7BC17A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{4EC33B1B-7105-458D-8AC5-CC5D4F756A28}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe FirewallRules: [{B68AA5F6-9E41-465D-B3F3-48242FAFFABD}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [{8416B314-3B5C-4D5D-99A6-EC2DE485097C}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe FirewallRules: [TCP Query User{8228AF30-B5A9-4EC1-B545-6FA81CE74AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E6F40B64-B57A-4C15-8C2C-49BC6E3E8FB3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{BCA36857-D883-44C0-8DC2-9B618BF56C6B}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{C7578792-77F8-46BE-B86E-3A5F838C3B48}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{77ADEE26-B33C-4BF0-9F83-8E82C83D39F0}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [UDP Query User{71EA72B4-D2F6-4874-B079-256FB5001B34}C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [{13AD290E-BC56-40BC-993D-552F7C50D99F}] => (Block) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [{2E56D11E-1DD0-4C6E-97A0-D8AEB420D402}] => (Block) C:\program files (x86)\ubisoft\assassin's creed revelations\acrpr.exe FirewallRules: [{11B68A8A-F88A-4C59-8D9B-863AFC4A8FA8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F0B07D80-7C82-412A-BFDE-F0C3AF2FBC4B}] => (Allow) LPort=2869 FirewallRules: [{0BC3FFDC-99C1-4A49-9F60-86A73EB7C207}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{5026E3CD-CE3F-4F23-B7A1-EEBEBE6B93A3}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [UDP Query User{3B8F6EAA-C35F-42E8-9FEC-0CB57CC15A05}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [{1EC34949-E805-4158-AA08-5C4EA2CF8CA9}] => (Block) C:\program files (x86)\brackets\node.exe FirewallRules: [{312D4831-5FB1-441E-8ADD-05B62262FDE2}] => (Block) C:\program files (x86)\brackets\node.exe FirewallRules: [TCP Query User{75B351CF-A13D-47E9-A3D2-91B4CD61C40A}C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe FirewallRules: [UDP Query User{1FB4D50B-A12B-4E8D-B4C7-B68FDFEBB3C5}C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\java\eclipse\eclipse.exe FirewallRules: [{0843895D-6295-4013-8667-8D73952E5907}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C1FDEF06-46C9-4C74-A413-A6FB6C898410}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{E5E28012-02C1-46F0-96DA-B1F6099ABFDF}C:\metasploit\ruby\bin\ruby.exe] => (Allow) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [UDP Query User{D4482865-0BDB-4A24-9FD2-72567ABB7E8E}C:\metasploit\ruby\bin\ruby.exe] => (Allow) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [{8B632EB9-B21D-406E-B9D0-B30D6C4E377A}] => (Block) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [{6C37860C-6BDC-4F3C-A726-82BB64A610BE}] => (Block) C:\metasploit\ruby\bin\ruby.exe FirewallRules: [TCP Query User{C2BF4B57-117F-4B6C-BB07-9F5A32E4FC8F}C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe FirewallRules: [UDP Query User{45A7B396-1FF5-4D6B-9B7B-2B5A030BF2A2}C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe] => (Allow) C:\users\hendr_000\mystuff\programmierung\editoren\aptana\aptanastudio3.exe FirewallRules: [TCP Query User{0469D19F-D3D1-4857-9795-59CDD7F044CF}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{6F497ACC-EA15-437F-8940-453641BC42EB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [{A8770975-DA84-498D-B8DA-8C5513D789AB}] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [{3E26A083-9947-4AEC-8A50-300623DCCDAE}] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{DD19F79F-C9BC-4DDC-982B-73EF0ABB22EB}C:\program files (x86)\cryengine\bin64\editor.exe] => (Allow) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [UDP Query User{6D15D010-03CE-4475-BB59-FA9ADA3C83D2}C:\program files (x86)\cryengine\bin64\editor.exe] => (Allow) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [{BF69B881-B3AA-4C53-A25E-A6B884D9E701}] => (Block) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [{68E88234-A025-4671-A891-776DB26DA38B}] => (Block) C:\program files (x86)\cryengine\bin64\editor.exe FirewallRules: [TCP Query User{B7B9E0B8-B1F3-435B-9788-62E8A6B9A872}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [UDP Query User{00AAE738-611C-48EC-900A-12AFD3FCAFF9}C:\program files (x86)\unity\editor\unity.exe] => (Allow) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [{D5D98A23-ADE4-44D5-81F9-CAC1B3950615}] => (Block) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [{1054CED2-AD7C-4B03-8A49-1EED7C02EFB9}] => (Block) C:\program files (x86)\unity\editor\unity.exe FirewallRules: [TCP Query User{AB1D47A1-9E92-4AAC-BB5E-DA0C8FD4EF7C}C:\program files (x86)\cryengine\bin64\gamesdk.exe] => (Allow) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [UDP Query User{6178A0C5-398B-48E1-9D81-FE61B22EEA6F}C:\program files (x86)\cryengine\bin64\gamesdk.exe] => (Allow) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [{E51989AF-29B9-4EA4-A139-47DB360F67E0}] => (Block) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [{2BF15603-7089-4657-AD03-C61CDE23538E}] => (Block) C:\program files (x86)\cryengine\bin64\gamesdk.exe FirewallRules: [TCP Query User{79A5DCA7-57DE-48B1-A927-D33F287E54B2}C:\users\hendr_000\documents\cryengine\bin64\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [UDP Query User{32A12F2F-F112-44DA-BE11-31BF731E9E3C}C:\users\hendr_000\documents\cryengine\bin64\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [{458335D4-AF90-4202-A408-1C24E6B62BBB}] => (Block) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [{20CDAE8E-5115-4272-B9E6-037EFCB98608}] => (Block) C:\users\hendr_000\documents\cryengine\bin64\editor.exe FirewallRules: [TCP Query User{6A9E6584-6304-42F5-993B-FBDCF075838A}C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe FirewallRules: [UDP Query User{376D2007-B844-47FD-BE56-641712F1D324}C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin64\gamesdk.exe FirewallRules: [TCP Query User{C95AF740-FE53-4E45-8DCA-33EB7B1AAED9}C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [UDP Query User{8BCD298F-9269-4428-9D23-151F1538120A}C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [{D2F96B2D-CCD8-4891-8050-C2DFD04EACBA}] => (Block) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [{C76A41AD-FA49-43E4-96FE-5EE84A3DD881}] => (Block) C:\program files\epic games\epic games\4.7\engine\binaries\win64\ue4editor.exe FirewallRules: [TCP Query User{8D602232-55C1-41DD-8A01-F33A236DB5AE}C:\users\hendr_000\documents\cryengine\bin32\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [UDP Query User{106CDF08-7E78-4A34-8001-6EE16CB96766}C:\users\hendr_000\documents\cryengine\bin32\editor.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [{D0A9B9B4-68D4-4FEC-B37F-67AEEFF0B203}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [{323C0C18-6D80-4559-896D-E5AF6911C1E7}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\editor.exe FirewallRules: [TCP Query User{6FE9F28C-F70D-4C5D-B9FF-019AFEEC7B93}C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [UDP Query User{C1804E13-76AB-41DB-9328-5257004FE841}C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe] => (Allow) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [{D6EB6422-202A-4A5E-BF0B-B0A6B59D50E4}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [{242B9913-EA5A-4C4E-AAE3-16230FB957E4}] => (Block) C:\users\hendr_000\documents\cryengine\bin32\gamesdk.exe FirewallRules: [TCP Query User{195EE537-01C6-44CD-A307-800C1CF94A87}C:\cpp\examples\internet\chat\chat.exe] => (Allow) C:\cpp\examples\internet\chat\chat.exe FirewallRules: [UDP Query User{DABE827D-34BA-44A8-9A8B-B6BC17E4E3C5}C:\cpp\examples\internet\chat\chat.exe] => (Allow) C:\cpp\examples\internet\chat\chat.exe FirewallRules: [{56CF1C8A-1443-4F27-8C85-F6F5F743323A}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{6409AB8A-8598-45F1-AE83-8F1624FE5B58}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [TCP Query User{314F0CD0-1A80-483F-82FF-36198B8A1FDB}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{9957FF52-D7D5-4B4B-8FA1-FCA9A71A2BF3}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [{F87B52C1-E5E6-47DB-BCA6-B162A70A7ACC}] => (Block) C:\program files\java\jre7\bin\java.exe FirewallRules: [{63A0C587-58E4-407A-8430-F91740892A6D}] => (Block) C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{A49BFC24-9286-49C3-9304-21FC0750A1DA}C:\program files\unity 5\unity\editor\unity.exe] => (Allow) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [UDP Query User{B3EDA260-403F-428A-A8B9-B5762318613D}C:\program files\unity 5\unity\editor\unity.exe] => (Allow) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [{9FC5CAC6-6A24-4340-85AF-9B8620A4E552}] => (Block) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [{7C4DEE34-41D9-4C38-B29B-A54F75A853AB}] => (Block) C:\program files\unity 5\unity\editor\unity.exe FirewallRules: [TCP Query User{854AD037-515D-4925-96DC-1AF287E7C42B}C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [UDP Query User{D8EC7D10-43E7-4BC2-B202-3CA1FF1E8950}C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{03B02D1A-6516-46D2-960D-452EC55DCBF3}] => (Block) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{2A9E7B31-8490-426A-A6E9-FCCC572E6557}] => (Block) C:\program files\unity 5\unity\monodevelop\bin\monodevelop.exe FirewallRules: [{B4AFDC92-AA95-41B4-8257-B150514410FA}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{FF23AC4E-554B-4AA2-9E9A-5778B5A891E5}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe FirewallRules: [{1EAA34F2-4342-4CD9-893A-1307A4F12A04}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe FirewallRules: [{50A8C8BE-7BBC-442E-A24D-898131A9B1D7}] => (Allow) C:\Program Files (x86)\Firefox Developer Edition\firefox.exe FirewallRules: [TCP Query User{EC3AE3A3-7D9A-4A24-8D07-781EA2C5AF3D}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [UDP Query User{9229B7E1-BB80-4D3C-93E0-DC19562706F8}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{9D113644-2AC2-463B-925A-5D8955B6716B}] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{4DD836E9-2A23-4519-8B28-47FF1B608D07}] => (Block) C:\program files\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{1EBFDC13-43FF-4939-9C24-F738E8D2DFFF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{FBBADDCD-8B85-42A5-9977-CD685D11827B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E58493BE-881A-4D98-9E39-7E9F29C8366A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{313285AD-26AB-4542-BD25-A04B23F389A7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{64A382BA-47D7-4C03-93D9-9DFF6BAD8F24}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{8B089474-445E-4F28-A5B4-B0E92401E283}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{B0FC994D-1EB8-4F27-BE21-59537526801E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{EFAB1B06-094C-4AD0-B928-EF375946CC03}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [{EFC62194-F61D-417B-A09C-166CD65856EF}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/12/2015 04:00:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/12/2015 04:00:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt. for C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/12/2015 04:00:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/12/2015 04:00:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt. for C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/12/2015 03:45:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/12/2015 03:45:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt. for C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/12/2015 03:45:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/12/2015 03:45:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Die Datenbank der Konfigurationsregistrierung ist beschädigt. for C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/12/2015 03:36:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (08/12/2015 03:32:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Die Datenbank der Konfigurationsregistrierung ist beschädigt. Systemfehler: ============= Error: (08/12/2015 03:09:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (08/12/2015 03:09:28 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\HENDR_~1\AppData\Local\Temp\ehdrv.sys Error: (08/12/2015 03:09:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (08/12/2015 03:09:28 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\HENDR_~1\AppData\Local\Temp\ehdrv.sys Error: (08/12/2015 03:09:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (08/12/2015 03:09:28 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\HENDR_~1\AppData\Local\Temp\ehdrv.sys Error: (08/11/2015 08:59:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error: (08/11/2015 08:34:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "WMI-Leistungsadapter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/11/2015 08:34:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/11/2015 08:34:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office: ========================= Error: (08/12/2015 04:00:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/12/2015 04:00:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/12/2015 04:00:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/12/2015 04:00:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/12/2015 03:45:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/12/2015 03:45:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/12/2015 03:45:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. Error: (08/12/2015 03:45:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. C:\Users\hendr_000\AppData\Local\Microsoft\Windows\\UsrClass.dat Error: (08/12/2015 03:36:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (08/12/2015 03:32:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Datenbank der Konfigurationsregistrierung ist beschädigt. CodeIntegrity: =================================== Date: 2015-08-12 15:25:04.718 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 15:25:03.656 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 15:25:02.500 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 15:25:01.031 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 15:24:44.202 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 15:24:43.186 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 15:24:42.046 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 15:24:41.014 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 15:24:39.889 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-12 15:24:38.671 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Processor: AMD E1-2500 APU with Radeon(TM) HD Graphics Prozentuale Nutzung des RAM: 43% Installierter physikalischer RAM: 3525.01 MB Verfügbarer physikalischer RAM: 1976.29 MB Summe virtueller Speicher: 7109.01 MB Verfügbarer virtueller Speicher: 5268.23 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:444.6 GB) (Free:220.12 GB) NTFS Drive d: () (Removable) (Total:14.89 GB) (Free:0.86 GB) FAT32 Drive e: (WINDOWS 8) (Removable) (Total:2.77 GB) (Free:2.77 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D5A694CC) Partition: GPT. ======================================================== Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (Size: 7.3 GB) (Disk ID: 588C9F2A) Partition 1: (Active) - (Size=2.8 GB) - (Type=0B) Partition 2: (Not Active) - (Size=63 MB) - (Type=01) ==================== Ende von Ergebnis ============================ Geändert von Wandalensalz (12.08.2015 um 15:21 Uhr) |
13.08.2015, 09:47 | #11 |
/// the machine /// TB-Ausbilder | Windows 8.1 Metro-Apps starten minimiert Java, Flash und Thunderbird updaten. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Task: C:\Windows\Tasks\UIZJU.job => C:\Users\hendr_000\AppData\Roaming\UIZJU.exe <==== ACHTUNG C:\Users\hendr_000\AppData\Roaming\UIZJU.exe Emptytemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Bitte Windows Repair laufen lassen: Windows reparieren - so geht's - Anleitungen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
15.08.2015, 16:30 | #12 |
| Windows 8.1 Metro-Apps starten minimiert Fixlog.txt: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-08-2015 durchgeführt von hendrik_2002 (2015-08-14 14:58:08) Run:1 Gestartet von C:\Users\hendr_000\Desktop\Logs\FRST Geladene Profile: hendrik_2002 (Verfügbare Profile: hendrik_2002 & Dirk & Niklas Steinmetz & Administrator) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** Task: C:\Windows\Tasks\UIZJU.job => C:\Users\hendr_000\AppData\Roaming\UIZJU.exe <==== ACHTUNG C:\Users\hendr_000\AppData\Roaming\UIZJU.exe Emptytemp: ***************** C:\Windows\Tasks\UIZJU.job => erfolgreich verschoben. "C:\Users\hendr_000\AppData\Roaming\UIZJU.exe" => Datei/Ordner nicht gefunden. EmptyTemp: => 889.5 MB temporäre Dateien entfernt. Das System musste neu gestartet werden.. ==== Ende von Fixlog 14:58:38 ==== Ich habe noch alte Java-Versionen drauf, wegen JFX, das nur in Java 1.7.0_25 enthalten ist. Die Apps starten immer noch nicht, aber auf dem Metro-Screen sind jetzt neben allen Apps unten links auf der Kachel ein kleines Kreuz, habe leider keine Ahnung, was das be- deutet...(?) Geändert von Wandalensalz (15.08.2015 um 16:36 Uhr) |
16.08.2015, 06:43 | #13 | |
/// the machine /// TB-Ausbilder | Windows 8.1 Metro-Apps starten minimiertZitat:
Repair Tool komplett gemacht?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
16.08.2015, 16:59 | #14 |
| Windows 8.1 Metro-Apps starten minimiert RepairTool habe ich dutchlaufen lassen. Ich habe aus versehen bei der falschen FlashPlayer Version geguckt, habe deshalb wahrscheinlich kein Update gefunden, werde dies jetzt nachholen... |
17.08.2015, 07:24 | #15 |
/// the machine /// TB-Ausbilder | Windows 8.1 Metro-Apps starten minimiert Ok. Bestehen dann noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Windows 8.1 Metro-Apps starten minimiert |
500gb, arten, festplatte, gen, maximieren, minimiert, platte, problem, prozessor, radeon, starte, starten, system, treiber, windows, windows 8.1, wissen, woche, zoll |