| |
| |||||||
Log-Analyse und Auswertung: TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWareWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
07.11.2015, 14:40
| #1 | |
| |  TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare Hallo zusammen, um die Geschehnisse einmal von vorne zu erklären: System: Terra Mobile 1548 Laptop mit Windows 10 (64 bit) (Upgrade von Windows 8.1 Pro) und Ubuntu 14.04 LTS Aktiver Virenscanner: Windows Defender Mein Ausgangsproblem war, dass Skype 3 Mal in den vergangenen 2 Monaten plötzlich angefangen hat, regelmäßig Werbung mit Ton laufen zu lassen (laut Lautstärkemixer; In Skype selbst sah man keine Werbung). Als sich dann vorgestern plötzlich watch4.com (oder .de?) geöffnet hatte, ohne dass ich irgendwas gehört habe, habe ich mich dazu entschlossen, mit einer Rescue CD (Avira Rescue System, gebrannt auf einem unbeteiligten Drittrechner) mein System einmal zu überprüfen. (Von Windows Defender habe ich bis dahin nichts gehört) Ergebnis: Folgende Meldung: "Beim Prüfung wurden einige Viren gefunden, die Reparatur konnte aber nicht durchgeführt werden. Der Reparaturdienst wurde unerwartet beendet." (Tolles Deutsch, ich weiß  )Log: Zitat:
Virustotal-Ergebnisse (nur der Vollständigkeit halber): https://www.virustotal.com/de/file/136424a7ad1fcc002d430c317f76fb3c3dac1914df067bf0fbe630ecd951b7b5/analysis/1446891096/ https://www.virustotal.com/de/file/f85870df7c005509a527a99f4e2488489c6f20cbff290c25762e7c7d087160a8/analysis/1446890700/ https://www.virustotal.com/de/file/ab5ab68b541c0de51d7e9eafe1cbe5267347c1e6edf1faeedc79e01fd774375e/analysis/ Mehr Sorgen machen mir einerseits die TR/Crypt-Einträge und die Tatsache, dass der Grund, warum ich den Virenscan überhaupt erstmal gemacht habe, nicht gefunden wurde. Bei dem betroffenen Thunderbird-Profil (ich habe 2, eines mit aktuellen Konten und eines mit E-Mail-Konten, die eigentlich nicht aktiv in Benutzung sind, die eher als Archiv fungieren; das Betroffene ist letzteres) gibt es leider das Problem, dass ich die E-Mails nicht mehr auf dem E-Mail-Server liegen habe und somit ein Verlust der Postfach-Dateien ziemlich unangenehm werden würde. Bekannt ist mir, dass ich einerseits bereits eine ganze Reihe an Phishing-Mails bekommen und andererseits auch schon Phishing-Mails in damaliger Gutgläubigkeit an die Internet-Beschwerdestelle weitergeleitet habe. Insgesamt also: * Ist es möglich, dass diese TR/Crypt-Einträge nur entsprechende Phishing-Mails sind, die ich einfach löschen kann? * Kann ich meinen Posteingang unter Ubuntu gefahrlos öffnen, oder kann das System dadurch auch infiziert werden? * Warum zum Teufel verhält sich Skype so und wurde diese watch4.com-Seite geöffnet? * Kann ich unbesorgt auf Ubuntu auf diesem Laptop arbeiten, oder sollte ich den am Besten komplett ausgeschaltet lassen? Hoffe, ihr könnt mir helfen. Vielen Dank schonmal! Mythenmetz PS: Diese Nachricht habe ich mit dem Firefox über die Rescue CD gesendet. PPS: Bin neu hier, wenn ich also an der falschen Stelle gepostet habe, zur Not Thema in richtiges Forum schieben  |
|
07.11.2015, 15:42
| #2 |
| /// the machine /// TB-Ausbilder    | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
07.11.2015, 16:19
| #3 |
| | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare Bitteschön
__________________ FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
durchgeführt von Eichhörnchen (Administrator) auf EICHHOERNCHEN (07-11-2015 16:02:15)
Gestartet von C:\Users\Eichhörnchen\Desktop
Geladene Profile: UpdatusUser & Eichhörnchen (Verfügbare Profile: UpdatusUser & Eichhörnchen & DSA Rollenspiel)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
() C:\Program Files (x86)\sciebo\sciebo.exe
(Microsoft Corporation) C:\Windows\System32\MusNotification.exe
() C:\Program Files (x86)\Hotkey\Hotkey.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
() C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe
(Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6314.23751.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5675184 2013-05-10] (VIA)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-08-15] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3033165532-1905040069-832013410-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [Visual Subst] => C:\Program Files (x86)\Visual Subst\VSubst.exe [139672 2008-02-02] (NTWind Software)
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] ()
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [sciebo] => C:\Program Files (x86)\sciebo\sciebo.exe [30462190 2015-11-02] ()
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\RunOnce: [Uninstall C:\Users\Eichh�rnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\RunOnce: [Uninstall C:\Users\Eichh�rnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk [2013-12-04]
ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\Hotkey.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-23]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\DSA Rollenspiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe [2015-05-16] ()
Startup: C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-12-01]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe [2015-05-16] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{49630252-1044-4207-9304-39e014ed1c0e}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{aa36e5cf-a2ae-4e32-b4dc-4609169e0fb6}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com
SearchScopes: HKU\S-1-5-21-3033165532-1905040069-832013410-1002 -> DefaultScope {C18F63A7-39AF-42F1-90E5-5ED701D3B42D} URL =
SearchScopes: HKU\S-1-5-21-3033165532-1905040069-832013410-1002 -> {C18F63A7-39AF-42F1-90E5-5ED701D3B42D} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-17] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-03] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-03] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3033165532-1905040069-832013410-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: Ecosia
FF Session Restore: -> ist aktiviert.
FF NetworkProxy: "ftp", "192.168.11.1"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "192.168.11.1"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "socks", "192.168.11.1"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "192.168.11.1"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-17] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3033165532-1905040069-832013410-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF SearchPlugin: C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\searchplugins\ecosia.xml [2014-01-22]
FF Extension: Cookies Manager+ - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-05-29]
FF Extension: UploadProgress - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\fvicente@gmail.com.xpi [2015-05-29]
FF Extension: NoScript - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-27]
FF Extension: Tamper Data - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-05-29]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-05-29]
FF Extension: Adblock Edge - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-29]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\fvicente@gmail.com.xpi [nicht gefunden]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [nicht gefunden]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [nicht gefunden]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [nicht gefunden]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [Datei ist nicht signiert]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-10] (ELAN Microelectronics Corp.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-02-05] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PowerBiosServer; c:\Program Files (x86)\Hotkey\PowerBiosServer.exe [47104 2013-05-29] () [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AirplaneModeHid; C:\Windows\system32\DRIVERS\AirplaneModeHid.sys [33488 2015-06-25] (Insyde Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [245248 2013-04-10] (Huawei Technologies Co., Ltd.)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2014-05-02] (hxxp://libusb-win32.sourceforge.net)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-07 16:02 - 2015-11-07 16:02 - 00028918 _____ C:\Users\Eichhörnchen\Desktop\FRST.txt
2015-11-07 16:01 - 2015-11-07 16:02 - 00000000 ____D C:\FRST
2015-11-07 15:58 - 2015-11-07 15:58 - 00016148 _____ C:\WINDOWS\system32\EICHHOERNCHEN_Eichhörnchen_HistoryPrediction.bin
2015-11-07 15:57 - 2015-11-07 15:57 - 00000022 _____ C:\WINDOWS\S.dirmngr
2015-11-07 15:54 - 2015-11-07 15:53 - 02198528 _____ (Farbar) C:\Users\Eichhörnchen\Desktop\FRST64.exe
2015-11-01 15:56 - 2015-11-01 15:56 - 00016148 _____ C:\WINDOWS\system32\EICHHOERNCHEN_DSA Rollenspiel_HistoryPrediction.bin
2015-10-31 18:48 - 2015-10-31 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft - Story Mode [GOG.com]
2015-10-31 18:39 - 2015-10-31 18:39 - 06539752 _____ (Tim Kosse) C:\Users\Eichhörnchen\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-10-31 18:39 - 2015-10-31 18:39 - 06539752 _____ (Tim Kosse) C:\Users\Eichhörnchen\Downloads\FileZilla_3.14.1_win64-setup (2).exe
2015-10-31 14:52 - 2015-10-31 14:52 - 00000000 ____D C:\Program Files\GOG Games
2015-10-29 23:54 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-29 23:54 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-29 23:54 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-29 23:54 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-29 23:53 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-29 23:53 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-29 23:53 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-29 23:53 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-29 23:53 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-29 23:53 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-29 23:53 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-29 23:53 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-29 23:53 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-29 23:53 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-29 23:53 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-29 23:53 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-29 23:53 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-29 23:53 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-29 23:53 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-29 23:53 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-29 23:53 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-29 23:53 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-29 23:53 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-29 23:53 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-29 23:53 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-29 23:53 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-29 23:53 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-29 23:53 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-29 23:53 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-29 23:53 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-29 23:53 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-29 23:53 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-29 23:53 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-29 23:53 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-26 18:35 - 2015-10-26 18:42 - 74465412 _____ C:\Users\DSA Rollenspiel\Downloads\rescue-system.iso.part
2015-10-25 18:29 - 2015-10-25 18:29 - 00000000 ____D C:\Users\Eichhörnchen\Documents\Telltale Games
2015-10-25 18:29 - 2015-10-25 18:29 - 00000000 ____D C:\Users\Eichhörnchen\Documents\Minecraft - Story Mode
2015-10-25 18:27 - 2015-10-25 18:27 - 00469776 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin98ip.dll
2015-10-25 18:27 - 2015-10-25 18:27 - 00466736 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin98itp.dll
2015-10-21 17:00 - 2015-10-21 17:39 - 00000227 _____ C:\Users\DSA Rollenspiel\Desktop\Pizza.txt
2015-10-19 18:00 - 2015-10-26 22:22 - 00000138 _____ C:\Users\DSA Rollenspiel\Documents\JENS Lienn Kevendoch.txt
2015-10-19 14:25 - 2015-10-19 14:25 - 00079966 _____ C:\Users\Eichhörnchen\AppData\Local\recently-used.xbel
2015-10-19 12:48 - 2015-10-19 12:50 - 00365528 _____ C:\WINDOWS\Minidump\101915-56359-01.dmp
2015-10-19 12:24 - 2015-10-19 17:56 - 00000000 ____D C:\Users\DSA Rollenspiel\.oracle_jre_usage
2015-10-19 12:24 - 2015-10-19 12:24 - 00000000 ____D C:\Users\DSA Rollenspiel\AppData\Roaming\Sun
2015-10-17 14:23 - 2015-10-17 14:22 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-17 14:17 - 2015-10-17 14:17 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-10-15 18:57 - 2015-10-16 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-14 15:55 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:55 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:55 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:55 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:55 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:55 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:55 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:55 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:55 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:55 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:55 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:55 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:55 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:55 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:55 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:55 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:55 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:55 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:55 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:55 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:55 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:55 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:55 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:55 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:55 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:55 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:55 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:55 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:55 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:55 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:55 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:55 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:55 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 15:55 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:55 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:55 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:55 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:55 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:55 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:55 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:55 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:55 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:55 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-07 16:01 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-07 16:01 - 2015-04-07 11:51 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\sciebo
2015-11-07 16:01 - 2014-02-03 20:01 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\Skype
2015-11-07 16:00 - 2014-10-31 17:24 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\ownCloud
2015-11-07 15:58 - 2015-08-10 15:16 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-07 15:57 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-07 15:57 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-07 15:57 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-06 22:55 - 2015-07-10 10:05 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2015-11-06 22:42 - 2014-01-26 17:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-06 22:33 - 2015-09-12 14:49 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sciebo.lnk
2015-11-06 22:32 - 2015-02-03 15:33 - 00000000 ____D C:\Users\Eichhörnchen\Sciebo
2015-11-06 00:10 - 2014-09-27 13:38 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\Telegram Win (Unofficial)
2015-11-05 23:37 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-03 22:01 - 2015-06-04 18:12 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\CrashDumps
2015-11-03 22:01 - 2014-01-25 00:21 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\vlc
2015-11-03 20:03 - 2015-03-01 18:41 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\gnupg
2015-11-02 01:27 - 2014-09-26 14:30 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\TS3Client
2015-11-02 01:27 - 2014-07-17 20:47 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\.minecraft
2015-10-31 23:08 - 2015-08-17 18:40 - 00002435 _____ C:\Users\DSA Rollenspiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-31 23:08 - 2015-08-17 18:40 - 00000000 ___RD C:\Users\DSA Rollenspiel\OneDrive
2015-10-31 23:08 - 2014-12-15 20:30 - 00000000 ____D C:\Users\DSA Rollenspiel\AppData\Local\FreePDF_XP
2015-10-31 19:59 - 2015-08-10 15:20 - 00000000 ____D C:\Users\Eichhörnchen
2015-10-31 19:56 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-31 18:51 - 2013-12-04 00:17 - 00129262 _____ C:\WINDOWS\DirectX.log
2015-10-31 18:46 - 2014-02-28 23:30 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\FileZilla
2015-10-31 18:40 - 2014-09-02 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-10-31 18:40 - 2014-09-02 20:20 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-10-30 21:28 - 2014-12-25 18:25 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 20:35 - 2014-09-26 14:28 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-30 00:00 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-28 13:31 - 2015-08-10 15:10 - 00017308 _____ C:\WINDOWS\PFRO.log
2015-10-28 08:33 - 2015-07-03 14:24 - 00001083 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-10-28 08:33 - 2014-10-31 17:24 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-10-28 08:33 - 2014-10-31 17:23 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-10-28 08:32 - 2014-10-31 17:25 - 00000000 ____D C:\Users\Eichhörnchen\ownCloud
2015-10-27 21:42 - 2014-01-21 23:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-26 11:21 - 2015-09-25 15:43 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-26 11:21 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-26 11:21 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-25 18:26 - 2015-07-10 13:20 - 00028159 _____ C:\WINDOWS\setupact.log
2015-10-24 22:35 - 2015-02-22 16:03 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\Eclipse
2015-10-24 19:04 - 2014-01-21 19:07 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\Packages
2015-10-23 14:51 - 2015-05-14 22:36 - 00003296 _____ C:\Users\Eichhörnchen\Desktop\TODO.txt
2015-10-22 21:59 - 2014-01-23 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-22 21:55 - 2014-01-23 19:30 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-21 18:40 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-19 17:56 - 2014-12-15 19:10 - 00000278 _____ C:\Users\DSA Rollenspiel\.dsa4.properties
2015-10-19 17:56 - 2014-12-15 19:10 - 00000000 ____D C:\Users\DSA Rollenspiel\helden
2015-10-19 14:25 - 2014-08-01 00:40 - 00000000 ____D C:\Users\Eichhörnchen\.gimp-2.8
2015-10-19 14:14 - 2014-08-01 00:45 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\gtk-2.0
2015-10-19 12:48 - 2015-09-26 16:25 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-19 12:48 - 2014-02-09 19:44 - 672120648 _____ C:\WINDOWS\MEMORY.DMP
2015-10-19 12:24 - 2015-08-10 15:20 - 00000000 ____D C:\Users\DSA Rollenspiel
2015-10-17 17:46 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-17 14:32 - 2015-10-03 20:14 - 00000000 ____D C:\Users\Eichhörnchen\.oracle_jre_usage
2015-10-17 14:23 - 2015-10-03 20:18 - 00002539 _____ C:\Users\Eichhörnchen\Desktop\JOSM.lnk
2015-10-17 14:23 - 2014-07-26 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-17 14:23 - 2014-07-26 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-10-17 14:22 - 2014-02-10 22:13 - 00000000 ____D C:\Program Files\Java
2015-10-16 17:01 - 2014-01-21 20:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-16 13:33 - 2015-08-15 02:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-16 13:33 - 2015-08-10 15:17 - 00000000 ____D C:\Program Files\Elantech
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 15:31 - 2013-12-04 00:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-13 19:16 - 2014-10-10 13:43 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\texstudio
2015-10-11 19:05 - 2015-05-29 21:57 - 00000000 ____D C:\tmp
2015-10-11 03:49 - 2015-02-15 23:14 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\Audacity
2015-10-10 16:39 - 2015-08-10 16:17 - 00056008 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-10-10 16:39 - 2013-11-07 08:56 - 00525512 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\Users\Eichhörnchen\AppData\Roaming\Gems
2015-01-09 22:10 - 2015-01-09 22:10 - 0000268 ___RH () C:\Users\Eichhörnchen\AppData\Roaming\Generic
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\Users\Eichhörnchen\AppData\Roaming\Grand Piano
2015-06-21 04:17 - 2015-06-21 04:17 - 0003584 _____ () C:\Users\Eichhörnchen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-23 22:56 - 2014-04-26 13:47 - 0000600 _____ () C:\Users\Eichhörnchen\AppData\Local\PUTTY.RND
2015-10-19 14:25 - 2015-10-19 14:25 - 0079966 _____ () C:\Users\Eichhörnchen\AppData\Local\recently-used.xbel
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\ProgramData\Graphics
2015-01-09 22:10 - 2015-01-09 22:10 - 0000268 ___RH () C:\ProgramData\Guides
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\ProgramData\Guitar
2014-06-23 17:33 - 2014-06-23 17:42 - 0000828 _____ () C:\ProgramData\hpzinstall.log
2015-01-09 22:09 - 2015-01-09 22:09 - 0000012 ___RH () C:\ProgramData\Hybrid Basic
2015-01-09 22:10 - 2015-01-09 22:10 - 0000012 ___RH () C:\ProgramData\Hybrid Morph
2015-01-09 22:09 - 2015-01-09 22:09 - 0000012 ___RH () C:\ProgramData\Icons
2015-01-09 22:10 - 2015-01-09 22:10 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-01-09 22:09 - 2015-01-09 22:24 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-01-09 22:09 - 2015-01-09 22:09 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Eichhörnchen\Kegelkalkulator.exe
Einige Dateien in TEMP:
====================
C:\Users\Eichhörnchen\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-25 12:04
==================== Ende von FRST.txt ============================
|
|
07.11.2015, 16:20
| #4 |
| | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWareCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von Eichhörnchen (2015-11-07 16:04:17)
Gestartet von C:\Users\Eichhörnchen\Desktop
Windows 10 Pro (X64) (2015-08-10 15:08:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3033165532-1905040069-832013410-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3033165532-1905040069-832013410-503 - Limited - Disabled)
DSA Rollenspiel (S-1-5-21-3033165532-1905040069-832013410-1005 - Limited - Enabled) => C:\Users\DSA Rollenspiel
Eichhörnchen (S-1-5-21-3033165532-1905040069-832013410-1002 - Administrator - Enabled) => C:\Users\Eichhörnchen
Gast (S-1-5-21-3033165532-1905040069-832013410-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-3033165532-1905040069-832013410-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Edge Code CC (HKLM-x32\...\{641F742F-1497-51B4-F481-1037096A90A0}) (Version: 0.97 - Adobe Systems Incorporated)
Adobe Edge Inspect CC (HKLM-x32\...\{67D22EA0-4601-4450-9C99-042DABB0A315}) (Version: 1.0.408 - Adobe Systems Incorporated)
Adobe Edge Reflow CC Preview (HKLM\...\{4CBD2327-FA4C-4D42-8903-CE1E96FE0FBF}) (Version: 0.37.15833 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Gaming SDK 1.3 (HKLM-x32\...\{62FFC6DD-18BB-49FC-AF65-71FB1C0B08AA}) (Version: 1.3 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Scout CC (HKLM\...\{BA573BFE-83B4-11E3-93D2-D231FEB1DC81}) (Version: 1.1.3.354121 - Adobe Systems Incorporated)
Airplane Mode Hid Installer (HKLM-x32\...\InstallShield_{5E5B067F-52A4-447E-A3F1-D6DD10565E73}) (Version: 2.0.0.5 - )
Airplane Mode Hid Installer (x32 Version: 2.0.0.5 - ) Hidden
Algodoo v2.1.0 (HKLM-x32\...\Algodoo_is1) (Version: - Algoryx)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Apache Tomcat 5.5 (remove only) (HKLM\...\Apache Tomcat 5.5) (Version: - )
Apache Tomcat 8.0.15 (HKLM\...\nbi-tomcat-8.0.15.0.0) (Version: - )
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.5-r2 - Arduino LLC)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
B209a-m (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\{EA3C8A99-1565-44FF-89FC-926CEEB623B5}) (Version: 2.75.1 - Blender Foundation)
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Calques 3D (HKLM-x32\...\{1B5E9727-A251-4804-9DBD-FE8E3B6AC770}) (Version: 2.5.0 - Nicolas Van Labeke)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version: - )
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05182 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05182 - Cisco Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.0.10 - Citrix Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Deutsch - Custom (HKLM\...\{10A21C21-3501-4B8D-9FBA-7DC1A003FAA7}) (Version: 1.0.3.40 - Company)
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
dvdisaster-0.79.1 (HKLM-x32\...\dvdisaster_is1) (Version: - dvdisaster project)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.12.0 - International GeoGebra Institute)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.63.0 - International GeoGebra Institute)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Gpg4win (2.2.3) (HKLM-x32\...\GPG4Win) (Version: 2.2.3 - The Gpg4win Project)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.12) (Version: 9.12 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Hotkey 8.0122 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 8.0122 - NoteBook)
Hotkey 8.0122 (x32 Version: 8.0122 - NoteBook) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{E5BC8CEA-6C57-491E-83C0-4D0FA958C7F3}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
ImageMagick 6.9.1-10 Q16 (64-bit) (2015-07-25) (HKLM\...\ImageMagick 6.9.1 Q16 (64-bit)_is1) (Version: 6.9.1 - ImageMagick Studio LLC)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.4.0.2 - Insyde Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.76.55 - Huawei Technologies Co.,Ltd)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Krita Desktop (x64) 2.9.4.2 (HKLM\...\{5054B603-CDEA-4454-B845-9807FA078141}) (Version: 2.9.4.2 - Krita Foundation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Midori 0.5.8 (HKLM-x32\...\Midori) (Version: 0.5.8 - Christian Dywan)
Minecraft - Story Mode (HKLM-x32\...\1444400283_is1) (Version: 2.1.0.2 - GOG.com)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{2A8C1469-B7F5-4EE2-95E1-316895A211A7}) (Version: 1.2.10 - Thorvald Natvig)
Natron (HKLM\...\{412CD274-92AE-44AF-BA76-A6AA2B824A1B}) (Version: 0.9.4 - Inria)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.00.0000 - Nikon)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.11.1 - OBS Project)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.2.0.10 - Citrix Systems, Inc.) Hidden
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.2.5569 - ownCloud)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.1 - Nikon)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PS_AIO_06_B209a-m_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Racket v6.1.1 (x86_64) (HKLM-x32\...\Racket-x86_64-6.1.1) (Version: 6.1.1 - PLT Design Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.27035 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
ROBOPro (fischertechnik) Programm (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\ROBOProFischertechnik) (Version: - )
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
sciebo (HKLM-x32\...\sciebo) (Version: 2.0.2.265 - Sync and Share NRW )
Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team)
Self-Service Plug-in (x32 Version: 4.2.0.2495 - Citrix Systems, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Telegram Desktop version 0.9.10 (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.10 - Telegram Messenger LLP)
TeX Live 2014 (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\TeXLive2014) (Version: 2014 - )
TeXstudio 2.10.0 (HKLM-x32\...\TeXstudio_is1) (Version: 2.10.0 - Benito van der Zander)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.1 - Nikon)
Visual Subst (HKLM-x32\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Insyde (AirplaneModeHid) HIDClass (07/01/2013 1.3.0.0) (HKLM\...\E38E8D276444640BFCE21B5A73FD63C479B76259) (Version: 07/01/2013 1.3.0.0 - Insyde)
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
22-10-2015 21:54:28 Windows Update
28-10-2015 08:32:22 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
31-10-2015 18:48:59 DirectX wurde installiert
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2015-03-01 21:51 - 00000827 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {041FEB66-23C8-46B2-A3B1-CA748311C967} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {05315C38-A3EF-4EC1-AD64-2B7721745829} - System32\Tasks\{E09E268C-ABE8-45EE-9588-301E8413AECE} => pcalua.exe -a "C:\Users\DSA Rollenspiel\Desktop\Flatout 2\FlatOut2.exe" -d "C:\Users\DSA Rollenspiel\Desktop\Flatout 2"
Task: {142C74D0-EF57-4949-9A28-B027C695856B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {199EFBD7-107A-4C55-919E-AC30243003BA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {19D06EA9-DADE-42CA-998D-7ACF1F15F8F0} - System32\Tasks\{B50F2412-D2FC-4762-B334-6D95AB1984AD} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.59.100/de/abandoninstall?page=tsMain
Task: {1CB71D3D-3E5A-48BB-BBD1-B8FB42FCD97B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4592BE2E-E8E3-4CBE-9F6D-1C2F9BF29039} - System32\Tasks\{B84161E0-06AA-4353-894C-391DF4F37CB2} => pcalua.exe -a E:\setup.exe -d E:\ -c AUTORUN=1
Task: {4F60EF7D-7931-42CC-80E3-1FAE76ED9025} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {862CECEB-E7A5-4543-81FE-2878399F066A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {88C19A6B-727F-4BC2-B454-2FF1E3062D8C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {9091BB70-DA58-4F3A-BAD5-8BD2845684EC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9E47AA67-5892-4CB3-80C0-9D4B37B1BFB7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B0F38A4A-7B21-4541-9043-9CA55AF1DAD9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BE13B41C-6BC3-4D59-84A0-6A6360229FFB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D0FED816-40EB-410D-B8C3-6AAB13CA28DC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-22] (Microsoft Corporation)
Task: {E5BA3608-67C3-4A84-8DA5-3C379357BA3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {EDA865A8-8817-48AC-949F-6FCED7D428B5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {EEC88225-0EFD-400A-8FC7-C0255FA6276A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {F7C8C9C4-5ECC-41BF-A948-3AD8476C8526} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-10 16:03 - 2015-08-10 16:03 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-10 15:17 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-06 21:46 - 2012-06-21 07:25 - 00113152 _____ () C:\WINDOWS\System32\redmon64.dll
2015-08-19 15:07 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-11-25 20:25 - 2014-11-25 20:25 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-03-24 16:49 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-05-29 17:51 - 2013-05-29 17:51 - 00047104 _____ () c:\Program Files (x86)\Hotkey\PowerBiosServer.exe
2014-05-30 16:43 - 2013-02-05 08:24 - 00671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2014-01-21 19:56 - 2013-12-04 17:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-10-01 14:49 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 14:49 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-06-19 02:31 - 2015-06-19 02:31 - 00059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-01 14:49 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 14:49 - 2015-09-17 07:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-10-01 14:50 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 14:49 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 14:49 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 14:49 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 01704974 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2015-11-02 10:47 - 2015-11-02 10:47 - 30462190 _____ () C:\Program Files (x86)\sciebo\sciebo.exe
2013-06-14 15:42 - 2013-06-14 15:42 - 04813824 _____ () C:\Program Files (x86)\Hotkey\Hotkey.exe
2015-05-20 22:42 - 2015-05-16 00:32 - 00975872 _____ () C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe
2015-07-10 12:00 - 2015-07-10 12:00 - 00215352 _____ () c:\windows\system32\WerEtw.dll
2015-10-24 01:45 - 2015-10-24 01:46 - 17686528 _____ () C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2015.1023.1.0_x64__8kea50m9krsh2\CalendarApp.Gui.Win10.dll
2015-10-16 17:11 - 2015-10-16 17:12 - 00024232 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6314.23751.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
2015-10-01 13:36 - 2015-10-01 13:39 - 00038400 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_9.9.28033.0_x64__8wekyb3d8bbwe\BackgroundTaskWrappers.dll
2015-10-01 13:36 - 2015-10-01 13:39 - 27529728 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_9.9.28033.0_x64__8wekyb3d8bbwe\XboxApp.dll
2015-08-19 15:08 - 2015-08-11 10:57 - 02641760 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-08-13 11:16 - 2015-08-03 03:12 - 02108256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2015-11-05 23:08 - 2015-11-05 23:09 - 00048128 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2014-08-15 14:25 - 2014-08-15 14:25 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-11-25 19:57 - 2014-11-25 19:57 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-11-25 20:11 - 2014-11-25 20:11 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-11-25 20:10 - 2014-11-25 20:10 - 00070144 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-11-25 20:13 - 2014-11-25 20:13 - 00742912 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2014-11-25 20:05 - 2014-11-25 20:05 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-05-30 16:43 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2014-05-30 16:43 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2014-05-30 16:43 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2014-05-30 16:43 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00670222 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00977422 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2015-11-02 10:47 - 2015-11-02 10:47 - 17335365 _____ () C:\Program Files (x86)\sciebo\libsciebosync.dll
2015-11-02 10:46 - 2015-11-02 10:46 - 03055762 _____ () C:\Program Files (x86)\sciebo\libocsync.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\sciebo\libqt5keychain.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\sciebo\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\sciebo\libstdc++-6.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\sciebo\zlib1.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\sciebo\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\sciebo\icuuc53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\sciebo\libpcre16-0.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\sciebo\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\sciebo\libpng16-16.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\sciebo\icudata53.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\sciebo\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\sciebo\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\sciebo\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\sciebo\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\sciebo\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\sciebo\libxslt-1.dll
2014-09-23 07:38 - 2014-11-18 06:21 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-12-04 00:06 - 2013-03-20 08:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3033165532-1905040069-832013410-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{215BEAF7-DE91-4DC9-8EC1-6035F88BECA8}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{FF88B00E-8B5C-4ABA-BB8F-3B67E618216E}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{7470CD58-F42E-4831-BE66-E8BAA1D029C0}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{DB6A7FCA-7E73-4163-B8AA-BC5175366221}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{570701A0-75A4-40BB-9AD2-1ED767AB75D0}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe
FirewallRules: [TCP Query User{04622380-F0AA-4A50-A32F-90D125C6FFD1}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe
FirewallRules: [UDP Query User{0E41B197-14ED-43E8-8037-99E10D376EC9}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe
FirewallRules: [TCP Query User{4A7BE881-D7DB-490E-B1F7-2B6FEE41910C}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe
FirewallRules: [UDP Query User{3668F001-4AC3-41A9-8023-A19B45104556}C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{44401706-0B44-4870-A149-60BB480B2878}C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{6C143F01-608F-42DF-9187-96B530969B42}] => (Allow) LPort=3306
FirewallRules: [{9E85A080-197B-472B-A365-30CB4478E0B0}] => (Allow) LPort=1900
FirewallRules: [{33D74253-797E-4EE8-82F2-E00C74DD81F7}] => (Allow) LPort=2869
FirewallRules: [{0B211F41-9E8E-49C9-A94A-B460601537B2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{B6E7F9CF-14C9-4CFD-A57F-28CB459606CF}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{8F8D1AB9-8BBF-4E68-B931-EF527C805B26}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{6DA1B702-320F-400F-86DC-DE6D686472F3}C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe] => (Allow) C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe
FirewallRules: [TCP Query User{EB060086-6E71-4082-B188-BE672B2AE011}C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe] => (Allow) C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe
FirewallRules: [UDP Query User{70813AA6-CFFA-471C-AD43-14CCA214517D}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{E1B3B1C8-BF8C-4D33-BC2E-76490A272FB8}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{D142BE1E-33A4-406A-873F-5800C11E672E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{A5707FDB-7D34-45D0-B2E8-26CA041D65FE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{80ABDB1C-40DF-426D-BB14-1D6E7668F5D5}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{6FE0751A-2FDA-4398-B49F-07E747230B60}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{DC4F9D37-DD2D-4BA4-99E0-AECAAB5A8818}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{7B45CA17-6B79-462A-A680-EC992B03B53B}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [{C0B51B40-8B60-426C-8788-7DAA3FA6C39D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63698EF6-146C-498C-A2AB-A92BBDDF7BD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C5D96C47-C521-4655-8D0E-86C95FC952B7}] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [{93FC04FA-D114-47B8-8F90-B25ABA760101}] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [{02724BD2-4920-4B9C-852E-A116BDB9BAB8}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{941DA149-8CBF-4D5C-8321-8BC23ACE99F6}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{0BFDE3B1-C0BA-4DF6-8EBD-316E20BC64C3}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{797018D7-61BF-4D10-B755-B3AA6886821D}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{C8BD2052-D9BE-4824-ADE2-45D1523160EE}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{C6AB8EE2-CD16-4E65-B868-E13A96539049}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{97B3D015-233F-417E-B495-F3DFED468522}] => (Allow) LPort=3306
FirewallRules: [{266389FD-1C97-44EC-B7B8-DBA230D1F218}] => (Allow) LPort=9999
FirewallRules: [UDP Query User{77FA2EEE-A6FC-45E0-9693-2DDCA1F9A943}C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe
FirewallRules: [TCP Query User{52343ED0-86C1-46B2-B8FD-0A181A7D2021}C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe
FirewallRules: [{A5413FF0-609C-4A39-8AB3-C8E1CD26C903}] => (Allow) LPort=3306
FirewallRules: [UDP Query User{13476C96-E488-45CA-A6E0-8DA49D9173BC}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BAC14DBF-85CB-4023-A0C7-D6CD0ED7597F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2C6F8A2A-B4C1-4072-8736-FD06EAFB1706}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [TCP Query User{AC654CFD-AF66-4DF3-B6FB-EFBC1658A3CF}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [{D0564F39-E479-4FC9-88BB-85F68DE22C26}] => (Allow) LPort=3306
FirewallRules: [{47A9A48D-ACCB-4C0C-A8EB-50525617E53C}] => (Allow) LPort=3306
FirewallRules: [{37C4F6A3-7F30-4540-A8D2-F5890828D0D6}] => (Allow) LPort=3306
FirewallRules: [{C8AB631E-23EC-4F6A-86A1-D02F6BC6AFF5}] => (Allow) LPort=3306
FirewallRules: [{0A77E1F4-AE3C-4130-956D-224E321849C3}] => (Allow) LPort=3306
FirewallRules: [{A31CBA45-8B58-4D69-8C31-B2C508BA45C0}] => (Allow) C:\Users\Eichhörnchen\Documents\Portabel\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{024527DB-23E1-4526-B8BC-5DE07D07BEB6}] => (Allow) C:\Users\Eichhörnchen\Documents\Portabel\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{E8CEA51F-803A-44C0-87BB-EB199F15A888}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{BBBF37D1-0009-446F-8264-493E9B5CA952}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{52C3D2B5-64AC-43D0-A8DA-10B035E6DDA9}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{28D70172-3A36-482E-8049-EF9BF39C71BD}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{2C0BF499-5870-465B-B6CA-12144A3B178A}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{6F90533C-191F-42D6-873B-BB3A8AE0883D}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{59C5AAA7-E3B1-438D-98DA-55DD49D47436}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{69B20C95-516D-426B-B2A6-5BD2C016699F}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{29F9E817-C31C-485F-85A0-274558B60D96}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{AA96E43F-A217-4362-97B2-4BD48A26C39D}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{4C847604-FB8E-4759-AC9D-37F79B8C9B4E}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe
FirewallRules: [TCP Query User{81B37CB0-A24E-4DBA-9FEC-37E98496B617}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe
FirewallRules: [UDP Query User{1E078935-19D5-4036-BD60-892763DCD892}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [TCP Query User{EF60BAD5-6195-44C8-93B8-C2BA04A3C893}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [{15EB3127-DD61-4A63-B788-05713054537B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{C049BDE1-B651-4B87-BF98-CA5D24AF51E0}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{3F671649-F21F-4F91-BD77-D9B145A6541D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{9882C7C7-A419-4A2A-A641-1B4187E0E1B5}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{98CAD265-4432-47D8-8A8F-6E1614A88DE1}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{8D1F6EB1-5E62-492F-BEB7-DF802F7DF290}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{7EE02E84-0342-44B7-A319-71D410C6A5F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{D7AD86ED-B3B4-4103-860C-0A581AEACC21}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{B00FC84C-D01C-4E43-AE12-B85DD5EF4735}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{7FA775C2-9821-403A-A881-3BD1BDDCFEAA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [UDP Query User{F564E44D-6133-43B4-96DF-6533EB33F8B8}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{CD348A4A-DE05-4D4B-BE7B-B4A0EDB884CA}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{BEAE9603-B4C3-4BFA-8E35-378473D46084}] => (Allow) C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D1EA28CB-5C8F-4E93-A7E4-35A9C3025F27}] => (Allow) C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8B519504-F653-4AD0-B905-FE81304FD013}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{9BB68EDD-E363-407A-98F9-EF46BE6A7BD0}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C698E75C-202A-4415-A60E-3AB8D40788CE}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{1D45B635-6299-43E2-B63E-28C2E55AF32E}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [UDP Query User{AFCC9C08-F6EB-465E-8CF8-E6E5A4E3BF9F}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{CF2D36BF-0A29-43F0-9278-1A9CDA9EBCF3}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8CC09DF1-33B2-4603-8789-DED25CB0182D}C:\program files\java\jdk1.8.0_11\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\bin\java.exe
FirewallRules: [TCP Query User{9E5FC2A3-1FF5-4C9B-98F9-ECA870C8C7F6}C:\program files\java\jdk1.8.0_11\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\bin\java.exe
FirewallRules: [UDP Query User{AD82DDEF-9101-445C-ACEB-5CC609F3478B}C:\program files\netbeans 8.0\bin\netbeans64.exe] => (Block) C:\program files\netbeans 8.0\bin\netbeans64.exe
FirewallRules: [TCP Query User{5D3048E3-8338-4975-A7A9-DA99969C65D6}C:\program files\netbeans 8.0\bin\netbeans64.exe] => (Block) C:\program files\netbeans 8.0\bin\netbeans64.exe
FirewallRules: [UDP Query User{FD3F89E1-0AA8-4FE7-88B9-E2268FE6C394}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{535D8C2E-9ACC-40C3-B2B2-EAA05E321EB0}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{A1033595-EEF3-4ED3-AA5C-7E53370A31AA}C:\glassfish3\jdk\jre\bin\javaw.exe] => (Allow) C:\glassfish3\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{2D3EE85F-CDDB-4226-8555-DDED2A0DB7F8}C:\glassfish3\jdk\jre\bin\javaw.exe] => (Allow) C:\glassfish3\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{0C3635D3-8F3C-4600-9942-4FA24F082EB8}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{369EE106-9758-4116-83E5-CA26D45C8D90}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{D79D2931-E2E8-4192-8AAC-941D3860BBA4}C:\program files\java\jdk1.8.0_11\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\jre\bin\java.exe
FirewallRules: [TCP Query User{E289DA99-DB99-41C3-81FB-095E33FF299E}C:\program files\java\jdk1.8.0_11\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\jre\bin\java.exe
FirewallRules: [UDP Query User{65B5FD72-9C43-493D-B194-DD75E0E56F05}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [TCP Query User{DE530A83-2805-40E0-8BC2-D0D21269BE6B}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [UDP Query User{67EE48DD-6FBA-4937-8800-D3679235D451}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{C7220C66-7B7F-4EFF-BA36-04A401F80D23}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{87057792-8A55-4C84-A1D3-2CFF34AAE8AC}C:\program files\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_11\bin\jmc.exe
FirewallRules: [TCP Query User{717473CF-D03E-4C49-9EE2-7735756AC8EE}C:\program files\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_11\bin\jmc.exe
FirewallRules: [{23C0C7DC-45CE-4B71-B13F-891E7206F909}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{56FA3CC5-B7D9-4009-B2DA-1D8E2C4788CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{6FB9F2A7-8D45-401B-886C-7DAC4102BE29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B3FD9C67-EF16-4571-81D7-928917C792CF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{639E3D63-53B8-4B7F-83F5-2CA569D9AFC2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{01F9714A-5E5B-4F1D-9CBA-2B4FF426DE99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{35600F53-3790-4956-8151-31DAA0BA819D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{28104437-BCA2-4B7F-AA15-F321515022A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{94483A2D-376E-43EC-B2FC-A8856777D2EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F571FC3C-37F8-4CCF-9F72-66FD676A4CCD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{74CF39A5-4A55-4143-B5BF-F4F4DF5D0DC9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{2852B6CD-47AD-4B91-BC10-5DECED983CBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{EECD8EED-132E-4E3D-94D0-31FFC96D025E}] => (Allow) C:\Users\Eichhörnchen\AppData\Local\Temp\7zS73B4\hppiw.exe
FirewallRules: [{A4C3CCE7-3B37-4602-AC0D-8F5C2C94B11C}] => (Allow) C:\Users\Eichhörnchen\AppData\Local\Temp\7zS73B4\hppiw.exe
FirewallRules: [UDP Query User{C7B03E8B-335D-4DF6-9E0C-1E96236E5529}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Allow) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [TCP Query User{50BADC7F-C221-4B93-AA61-DAD9351E4FDA}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Allow) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [UDP Query User{4FE68CA3-C354-478C-85F4-B4801EBB018F}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Block) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [TCP Query User{E9337CCB-AF81-4A5A-AEE0-E35BC75B50FC}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Block) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [UDP Query User{1D4DBD02-9BF4-4DE7-9D0C-E77DF4C5975E}C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{2307E635-E1AE-4660-A46B-30B0879C0912}C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{61FEAB0A-10D6-416D-8188-621AEDA464C0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{67830E2B-FBB7-4A6F-9276-054F31B176EC}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{43C55DA4-9CBF-4A39-A085-142CBB8F96C2}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{17E4DD35-74E5-4DB0-B607-FCC0410C0E85}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4D3FB5D7-4AE1-49D6-88AB-128FC4F1F285}] => (Allow) LPort=7935
FirewallRules: [{FEBB1859-C311-47AB-8D62-3CDB60238FC3}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{7057FD8B-9DB4-4C80-A2F0-93FDC1C2B665}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{754FBC46-58D1-4B06-ACE2-D4697882DA77}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Edge Inspect CC\EdgeInspect.exe
FirewallRules: [{B60AAC77-43DA-4CA0-803D-5016A8F88CFC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{16C7E33C-8B36-4667-A215-10ACC24808D0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B82AA7CE-0440-4F06-BA4F-C640877CFAFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{463E8DCB-12D5-4647-B912-89367003D61D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5D20A778-6FF4-4D39-A021-DEECEE6C8572}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{4020244E-04BB-49EE-B20C-CCD1E275235B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E9F6270-E499-4BDA-8F2B-4F7BEAE1D851}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{734278CD-C54D-42B4-9694-0AEB982B03D0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A74DAD7E-9F00-4A89-8189-8E0A4C27B43B}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe
FirewallRules: [UDP Query User{96C186DD-B34F-492D-B3A6-91BCE760A68E}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe
FirewallRules: [TCP Query User{A39D040F-89C6-42E6-BFD7-A544DCAC64D2}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{32BF834B-EBA3-4C54-8967-511E3DCF758A}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{ED52F1AF-A33E-4DB3-9B8C-2A94099F4F37}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{11401050-CB67-4E64-B38C-33C2367181A4}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{8F1B0BCD-670F-4C87-94E1-3DC2A343CA07}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{F9098E93-C592-41F7-B414-F81F57F9B1BD}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{3D2063F5-298A-4CFB-AB3E-7DF698128261}] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{F41EB106-ABF5-4344-B32D-55A047D14AF2}] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Insyde Airplane Mode HID Mini-Driver
Description: Insyde Airplane Mode HID Mini-Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Insyde
Service: AirplaneModeHid
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/07/2015 04:02:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1684
Startzeit: 01d1196ccd44aeef
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Berichts-ID: 8650d497-8560-11e5-bfa8-0090f5ef87d2
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI
Error: (11/07/2015 04:02:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Eichhoernchen)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (11/07/2015 04:01:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/07/2015 04:01:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/07/2015 04:01:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.10240.16384, Zeitstempel: 0x559f38cb
Name des fehlerhaften Moduls: moshost.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f3903
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027b2
ID des fehlerhaften Prozesses: 0x1d1c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_MapsBroker0
Pfad der fehlerhaften Anwendung: svchost.exe_MapsBroker1
Pfad des fehlerhaften Moduls: svchost.exe_MapsBroker2
Berichtskennung: svchost.exe_MapsBroker3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_MapsBroker4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_MapsBroker5
Error: (11/06/2015 10:55:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/06/2015 12:11:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/04/2015 09:08:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/04/2015 08:59:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/03/2015 10:01:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (11/07/2015 04:04:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
Error: (11/07/2015 04:01:55 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/07/2015 04:01:55 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/07/2015 04:01:12 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/07/2015 04:01:12 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/07/2015 04:01:12 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/07/2015 04:00:47 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (11/07/2015 04:00:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst wuauserv erreicht.
Error: (11/07/2015 04:00:40 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/07/2015 04:00:37 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
CodeIntegrity:
===================================
Date: 2015-11-07 15:57:29.555
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-06 22:29:22.892
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-01 18:09:00.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-01 00:12:48.973
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-31 19:58:57.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-10-31 19:53:51.645
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-10-30 00:01:57.020
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-28 23:50:45.464
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-10-28 13:34:53.295
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-10-23 13:24:15.555
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8112.5 MB
Verfügbarer physikalischer RAM: 6050.81 MB
Summe virtueller Speicher: 9392.5 MB
Verfügbarer virtueller Speicher: 7355.57 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:900.99 GB) (Free:509.94 GB) NTFS
Drive e: () (Removable) (Total:29.72 GB) (Free:13.63 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8E6EDAB6)
Partition: GPT.
========================================================
Disk: 1 (Size: 29.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
08.11.2015, 06:58
| #5 |
| /// the machine /// TB-Ausbilder | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare Unter Ubuntu kannste arbeiten und wirken, da passiert nix. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.11.2015, 16:13
| #6 |
| | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 08.11.2015 Suchlaufzeit: 13:25 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.11.08.03 Rootkit-Datenbank: v2015.11.04.02 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Eichhörnchen Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 539707 Abgelaufene Zeit: 1 Std., 13 Min., 29 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.018 - Bericht erstellt am 08/11/2015 um 15:32:09
# Aktualisiert am 05/11/2015 von Xplode
# Datenbank : 2015-11-01.2 [Lokal]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : Eichhörnchen - EICHHOERNCHEN
# Gestartet von : C:\Users\Eichhörnchen\Desktop\AdwCleaner_5.018.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
[-] Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [901 Bytes] ##########
JRT.txt: JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 10 Pro x64
Ran by Eichh”rnchen on 08.11.2015 at 15:39:26,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Users\Eichh”rnchen\AppData\Roaming\update~1
~~~ FireFox
Emptied folder: C:\Users\Eichh”rnchen\AppData\Roaming\mozilla\firefox\profiles\t619xc98.default\minidumps [18 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.11.2015 at 15:41:12,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt: [CODE] FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
durchgeführt von Eichhörnchen (Administrator) auf EICHHOERNCHEN (08-11-2015 15:58:11)
Gestartet von C:\Users\Eichhörnchen\Desktop
Geladene Profile: UpdatusUser & Eichhörnchen (Verfügbare Profile: UpdatusUser & Eichhörnchen & DSA Rollenspiel)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\sciebo\sciebo.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
() C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5675184 2013-05-10] (VIA)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-08-15] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3033165532-1905040069-832013410-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [Visual Subst] => C:\Program Files (x86)\Visual Subst\VSubst.exe [139672 2008-02-02] (NTWind Software)
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] ()
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [sciebo] => C:\Program Files (x86)\sciebo\sciebo.exe [30462190 2015-11-02] ()
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\RunOnce: [Uninstall C:\Users\Eichh�rnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\RunOnce: [Uninstall C:\Users\Eichh�rnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk [2013-12-04]
ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\Hotkey.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-23]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\DSA Rollenspiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe [2015-05-16] ()
Startup: C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-12-01]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe [2015-05-16] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{49630252-1044-4207-9304-39e014ed1c0e}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{aa36e5cf-a2ae-4e32-b4dc-4609169e0fb6}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com
SearchScopes: HKU\S-1-5-21-3033165532-1905040069-832013410-1002 -> DefaultScope {C18F63A7-39AF-42F1-90E5-5ED701D3B42D} URL =
SearchScopes: HKU\S-1-5-21-3033165532-1905040069-832013410-1002 -> {C18F63A7-39AF-42F1-90E5-5ED701D3B42D} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-17] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-03] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-03] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3033165532-1905040069-832013410-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: Ecosia
FF Session Restore: -> ist aktiviert.
FF NetworkProxy: "ftp", "192.168.11.1"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "192.168.11.1"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "socks", "192.168.11.1"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "192.168.11.1"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-17] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3033165532-1905040069-832013410-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF SearchPlugin: C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\searchplugins\ecosia.xml [2014-01-22]
FF Extension: Cookies Manager+ - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-05-29]
FF Extension: UploadProgress - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\fvicente@gmail.com.xpi [2015-05-29]
FF Extension: NoScript - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-27]
FF Extension: Tamper Data - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-05-29]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-05-29]
FF Extension: Adblock Edge - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-29]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\fvicente@gmail.com.xpi [nicht gefunden]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [nicht gefunden]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [nicht gefunden]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [nicht gefunden]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [Datei ist nicht signiert]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-10] (ELAN Microelectronics Corp.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-02-05] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 PowerBiosServer; c:\Program Files (x86)\Hotkey\PowerBiosServer.exe [47104 2013-05-29] () [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AirplaneModeHid; C:\Windows\system32\DRIVERS\AirplaneModeHid.sys [33488 2015-06-25] (Insyde Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [245248 2013-04-10] (Huawei Technologies Co., Ltd.)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2014-05-02] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-08 15:58 - 2015-11-08 15:58 - 00028688 _____ C:\Users\Eichhörnchen\Desktop\FRST.txt
2015-11-08 15:53 - 2015-11-08 15:53 - 00016148 _____ C:\WINDOWS\system32\EICHHOERNCHEN_Eichhörnchen_HistoryPrediction.bin
2015-11-08 15:41 - 2015-11-08 15:41 - 00000824 _____ C:\Users\Eichhörnchen\Desktop\JRT.txt
2015-11-08 15:36 - 2015-11-08 15:36 - 00000979 _____ C:\Users\Eichhörnchen\Desktop\AdwCleaner[C1].txt
2015-11-08 15:29 - 2015-11-08 15:32 - 00000000 ____D C:\AdwCleaner
2015-11-08 15:28 - 2015-11-08 15:28 - 00001211 _____ C:\Users\Eichhörnchen\Desktop\mbam.txt
2015-11-08 14:22 - 2015-11-08 14:22 - 00000000 __SHD C:\found.000
2015-11-08 13:18 - 2015-11-08 13:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-08 13:18 - 2015-11-08 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-11-08 13:18 - 2015-11-08 13:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-08 13:18 - 2015-11-08 13:18 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-11-08 13:18 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-08 13:18 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-08 13:18 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-08 13:11 - 2015-11-08 15:52 - 00000022 _____ C:\WINDOWS\S.dirmngr
2015-11-08 13:09 - 2015-11-08 13:09 - 01798976 _____ (Malwarebytes) C:\Users\Eichhörnchen\Desktop\JRT.exe
2015-11-08 13:08 - 2015-11-08 13:08 - 01713664 _____ C:\Users\Eichhörnchen\Desktop\AdwCleaner_5.018.exe
2015-11-08 13:05 - 2015-11-08 13:08 - 22908888 _____ (Malwarebytes ) C:\Users\Eichhörnchen\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-07 16:01 - 2015-11-08 15:58 - 00000000 ____D C:\FRST
2015-11-07 15:54 - 2015-11-07 15:53 - 02198528 _____ (Farbar) C:\Users\Eichhörnchen\Desktop\FRST64.exe
2015-11-01 15:56 - 2015-11-01 15:56 - 00016148 _____ C:\WINDOWS\system32\EICHHOERNCHEN_DSA Rollenspiel_HistoryPrediction.bin
2015-10-31 18:48 - 2015-10-31 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft - Story Mode [GOG.com]
2015-10-31 18:39 - 2015-10-31 18:39 - 06539752 _____ (Tim Kosse) C:\Users\Eichhörnchen\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-10-31 18:39 - 2015-10-31 18:39 - 06539752 _____ (Tim Kosse) C:\Users\Eichhörnchen\Downloads\FileZilla_3.14.1_win64-setup (2).exe
2015-10-31 14:52 - 2015-10-31 14:52 - 00000000 ____D C:\Program Files\GOG Games
2015-10-29 23:54 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-29 23:54 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-29 23:54 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-29 23:54 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-29 23:53 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-29 23:53 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-29 23:53 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-29 23:53 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-29 23:53 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-29 23:53 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-29 23:53 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-29 23:53 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-29 23:53 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-29 23:53 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-29 23:53 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-29 23:53 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-29 23:53 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-29 23:53 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-29 23:53 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-29 23:53 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-29 23:53 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-29 23:53 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-29 23:53 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-29 23:53 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-29 23:53 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-29 23:53 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-29 23:53 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-29 23:53 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-29 23:53 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-29 23:53 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-29 23:53 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-29 23:53 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-29 23:53 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-29 23:53 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-26 18:35 - 2015-10-26 18:42 - 74465412 _____ C:\Users\DSA Rollenspiel\Downloads\rescue-system.iso.part
2015-10-25 18:29 - 2015-10-25 18:29 - 00000000 ____D C:\Users\Eichhörnchen\Documents\Telltale Games
2015-10-25 18:29 - 2015-10-25 18:29 - 00000000 ____D C:\Users\Eichhörnchen\Documents\Minecraft - Story Mode
2015-10-25 18:27 - 2015-10-25 18:27 - 00469776 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin98ip.dll
2015-10-25 18:27 - 2015-10-25 18:27 - 00466736 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin98itp.dll
2015-10-21 17:00 - 2015-10-21 17:39 - 00000227 _____ C:\Users\DSA Rollenspiel\Desktop\Pizza.txt
2015-10-19 18:00 - 2015-10-26 22:22 - 00000138 _____ C:\Users\DSA Rollenspiel\Documents\JENS Lienn Kevendoch.txt
2015-10-19 14:25 - 2015-10-19 14:25 - 00079966 _____ C:\Users\Eichhörnchen\AppData\Local\recently-used.xbel
2015-10-19 12:48 - 2015-10-19 12:50 - 00365528 _____ C:\WINDOWS\Minidump\101915-56359-01.dmp
2015-10-19 12:24 - 2015-10-19 17:56 - 00000000 ____D C:\Users\DSA Rollenspiel\.oracle_jre_usage
2015-10-19 12:24 - 2015-10-19 12:24 - 00000000 ____D C:\Users\DSA Rollenspiel\AppData\Roaming\Sun
2015-10-17 14:23 - 2015-10-17 14:22 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-17 14:17 - 2015-10-17 14:17 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-10-15 18:57 - 2015-10-16 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-14 15:55 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:55 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:55 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:55 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:55 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:55 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:55 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:55 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:55 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:55 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:55 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:55 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:55 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:55 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:55 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:55 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:55 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:55 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:55 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:55 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:55 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:55 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:55 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:55 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:55 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:55 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:55 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:55 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:55 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:55 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:55 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:55 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:55 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 15:55 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:55 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:55 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:55 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:55 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:55 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:55 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:55 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:55 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:55 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-08 15:55 - 2015-04-07 11:51 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\sciebo
2015-11-08 15:55 - 2014-10-31 17:24 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\ownCloud
2015-11-08 15:55 - 2014-02-03 20:01 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\Skype
2015-11-08 15:54 - 2015-08-10 15:16 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-08 15:52 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-08 15:52 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-08 15:49 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-08 15:49 - 2015-07-10 10:05 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2015-11-08 15:42 - 2014-01-26 17:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-08 15:33 - 2015-08-10 15:10 - 00017684 _____ C:\WINDOWS\PFRO.log
2015-11-08 15:08 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-08 13:19 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-06 22:33 - 2015-09-12 14:49 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sciebo.lnk
2015-11-06 22:32 - 2015-02-03 15:33 - 00000000 ____D C:\Users\Eichhörnchen\Sciebo
2015-11-06 00:10 - 2014-09-27 13:38 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\Telegram Win (Unofficial)
2015-11-05 23:37 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-03 22:01 - 2015-06-04 18:12 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\CrashDumps
2015-11-03 22:01 - 2014-01-25 00:21 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\vlc
2015-11-03 20:03 - 2015-03-01 18:41 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\gnupg
2015-11-02 01:27 - 2014-09-26 14:30 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\TS3Client
2015-11-02 01:27 - 2014-07-17 20:47 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\.minecraft
2015-10-31 23:08 - 2015-08-17 18:40 - 00002435 _____ C:\Users\DSA Rollenspiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-31 23:08 - 2015-08-17 18:40 - 00000000 ___RD C:\Users\DSA Rollenspiel\OneDrive
2015-10-31 23:08 - 2014-12-15 20:30 - 00000000 ____D C:\Users\DSA Rollenspiel\AppData\Local\FreePDF_XP
2015-10-31 19:59 - 2015-08-10 15:20 - 00000000 ____D C:\Users\Eichhörnchen
2015-10-31 19:56 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-31 18:51 - 2013-12-04 00:17 - 00129262 _____ C:\WINDOWS\DirectX.log
2015-10-31 18:46 - 2014-02-28 23:30 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\FileZilla
2015-10-31 18:40 - 2014-09-02 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-10-31 18:40 - 2014-09-02 20:20 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-10-30 21:28 - 2014-12-25 18:25 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 20:35 - 2014-09-26 14:28 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-30 00:00 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-28 08:33 - 2015-07-03 14:24 - 00001083 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-10-28 08:33 - 2014-10-31 17:24 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-10-28 08:33 - 2014-10-31 17:23 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-10-28 08:32 - 2014-10-31 17:25 - 00000000 ____D C:\Users\Eichhörnchen\ownCloud
2015-10-27 21:42 - 2014-01-21 23:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-26 11:21 - 2015-09-25 15:43 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-26 11:21 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-26 11:21 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-25 18:26 - 2015-07-10 13:20 - 00028159 _____ C:\WINDOWS\setupact.log
2015-10-24 22:35 - 2015-02-22 16:03 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\Eclipse
2015-10-24 19:04 - 2014-01-21 19:07 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\Packages
2015-10-23 14:51 - 2015-05-14 22:36 - 00003296 _____ C:\Users\Eichhörnchen\Desktop\TODO.txt
2015-10-22 21:59 - 2014-01-23 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-22 21:55 - 2014-01-23 19:30 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-21 18:40 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-19 17:56 - 2014-12-15 19:10 - 00000278 _____ C:\Users\DSA Rollenspiel\.dsa4.properties
2015-10-19 17:56 - 2014-12-15 19:10 - 00000000 ____D C:\Users\DSA Rollenspiel\helden
2015-10-19 14:25 - 2014-08-01 00:40 - 00000000 ____D C:\Users\Eichhörnchen\.gimp-2.8
2015-10-19 14:14 - 2014-08-01 00:45 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\gtk-2.0
2015-10-19 12:48 - 2015-09-26 16:25 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-19 12:48 - 2014-02-09 19:44 - 672120648 _____ C:\WINDOWS\MEMORY.DMP
2015-10-19 12:24 - 2015-08-10 15:20 - 00000000 ____D C:\Users\DSA Rollenspiel
2015-10-17 14:32 - 2015-10-03 20:14 - 00000000 ____D C:\Users\Eichhörnchen\.oracle_jre_usage
2015-10-17 14:23 - 2015-10-03 20:18 - 00002539 _____ C:\Users\Eichhörnchen\Desktop\JOSM.lnk
2015-10-17 14:23 - 2014-07-26 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-17 14:23 - 2014-07-26 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-10-17 14:22 - 2014-02-10 22:13 - 00000000 ____D C:\Program Files\Java
2015-10-16 17:01 - 2014-01-21 20:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-16 13:33 - 2015-08-15 02:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-16 13:33 - 2015-08-10 15:17 - 00000000 ____D C:\Program Files\Elantech
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 15:31 - 2013-12-04 00:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-13 19:16 - 2014-10-10 13:43 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\texstudio
2015-10-11 19:05 - 2015-05-29 21:57 - 00000000 ____D C:\tmp
2015-10-11 03:49 - 2015-02-15 23:14 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\Audacity
2015-10-10 16:39 - 2015-08-10 16:17 - 00056008 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2015-10-10 16:39 - 2013-11-07 08:56 - 00525512 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\Users\Eichhörnchen\AppData\Roaming\Gems
2015-01-09 22:10 - 2015-01-09 22:10 - 0000268 ___RH () C:\Users\Eichhörnchen\AppData\Roaming\Generic
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\Users\Eichhörnchen\AppData\Roaming\Grand Piano
2015-06-21 04:17 - 2015-06-21 04:17 - 0003584 _____ () C:\Users\Eichhörnchen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-23 22:56 - 2014-04-26 13:47 - 0000600 _____ () C:\Users\Eichhörnchen\AppData\Local\PUTTY.RND
2015-10-19 14:25 - 2015-10-19 14:25 - 0079966 _____ () C:\Users\Eichhörnchen\AppData\Local\recently-used.xbel
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\ProgramData\Graphics
2015-01-09 22:10 - 2015-01-09 22:10 - 0000268 ___RH () C:\ProgramData\Guides
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\ProgramData\Guitar
2014-06-23 17:33 - 2014-06-23 17:42 - 0000828 _____ () C:\ProgramData\hpzinstall.log
2015-01-09 22:09 - 2015-01-09 22:09 - 0000012 ___RH () C:\ProgramData\Hybrid Basic
2015-01-09 22:10 - 2015-01-09 22:10 - 0000012 ___RH () C:\ProgramData\Hybrid Morph
2015-01-09 22:09 - 2015-01-09 22:09 - 0000012 ___RH () C:\ProgramData\Icons
2015-01-09 22:10 - 2015-01-09 22:10 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-01-09 22:09 - 2015-01-09 22:24 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-01-09 22:09 - 2015-01-09 22:09 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Eichhörnchen\Kegelkalkulator.exe
Einige Dateien in TEMP:
====================
C:\Users\Eichhörnchen\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Eichhörnchen\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-08 14:05
==================== Ende von FRST.txt ============================
|
|
08.11.2015, 16:14
| #7 |
| | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare Addition.txt: FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von Eichhörnchen (2015-11-08 15:59:36)
Gestartet von C:\Users\Eichhörnchen\Desktop
Windows 10 Pro (X64) (2015-08-10 15:08:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3033165532-1905040069-832013410-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3033165532-1905040069-832013410-503 - Limited - Disabled)
DSA Rollenspiel (S-1-5-21-3033165532-1905040069-832013410-1005 - Limited - Enabled) => C:\Users\DSA Rollenspiel
Eichhörnchen (S-1-5-21-3033165532-1905040069-832013410-1002 - Administrator - Enabled) => C:\Users\Eichhörnchen
Gast (S-1-5-21-3033165532-1905040069-832013410-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-3033165532-1905040069-832013410-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Edge Code CC (HKLM-x32\...\{641F742F-1497-51B4-F481-1037096A90A0}) (Version: 0.97 - Adobe Systems Incorporated)
Adobe Edge Inspect CC (HKLM-x32\...\{67D22EA0-4601-4450-9C99-042DABB0A315}) (Version: 1.0.408 - Adobe Systems Incorporated)
Adobe Edge Reflow CC Preview (HKLM\...\{4CBD2327-FA4C-4D42-8903-CE1E96FE0FBF}) (Version: 0.37.15833 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Gaming SDK 1.3 (HKLM-x32\...\{62FFC6DD-18BB-49FC-AF65-71FB1C0B08AA}) (Version: 1.3 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Scout CC (HKLM\...\{BA573BFE-83B4-11E3-93D2-D231FEB1DC81}) (Version: 1.1.3.354121 - Adobe Systems Incorporated)
Airplane Mode Hid Installer (HKLM-x32\...\InstallShield_{5E5B067F-52A4-447E-A3F1-D6DD10565E73}) (Version: 2.0.0.5 - )
Airplane Mode Hid Installer (x32 Version: 2.0.0.5 - ) Hidden
Algodoo v2.1.0 (HKLM-x32\...\Algodoo_is1) (Version: - Algoryx)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Apache Tomcat 5.5 (remove only) (HKLM\...\Apache Tomcat 5.5) (Version: - )
Apache Tomcat 8.0.15 (HKLM\...\nbi-tomcat-8.0.15.0.0) (Version: - )
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.5-r2 - Arduino LLC)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
B209a-m (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\{EA3C8A99-1565-44FF-89FC-926CEEB623B5}) (Version: 2.75.1 - Blender Foundation)
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Calques 3D (HKLM-x32\...\{1B5E9727-A251-4804-9DBD-FE8E3B6AC770}) (Version: 2.5.0 - Nicolas Van Labeke)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version: - )
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05182 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05182 - Cisco Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.0.10 - Citrix Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Deutsch - Custom (HKLM\...\{10A21C21-3501-4B8D-9FBA-7DC1A003FAA7}) (Version: 1.0.3.40 - Company)
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
dvdisaster-0.79.1 (HKLM-x32\...\dvdisaster_is1) (Version: - dvdisaster project)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.12.0 - International GeoGebra Institute)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.63.0 - International GeoGebra Institute)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Gpg4win (2.2.3) (HKLM-x32\...\GPG4Win) (Version: 2.2.3 - The Gpg4win Project)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.12) (Version: 9.12 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Hotkey 8.0122 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 8.0122 - NoteBook)
Hotkey 8.0122 (x32 Version: 8.0122 - NoteBook) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{E5BC8CEA-6C57-491E-83C0-4D0FA958C7F3}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
ImageMagick 6.9.1-10 Q16 (64-bit) (2015-07-25) (HKLM\...\ImageMagick 6.9.1 Q16 (64-bit)_is1) (Version: 6.9.1 - ImageMagick Studio LLC)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.4.0.2 - Insyde Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.76.55 - Huawei Technologies Co.,Ltd)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Krita Desktop (x64) 2.9.4.2 (HKLM\...\{5054B603-CDEA-4454-B845-9807FA078141}) (Version: 2.9.4.2 - Krita Foundation)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Midori 0.5.8 (HKLM-x32\...\Midori) (Version: 0.5.8 - Christian Dywan)
Minecraft - Story Mode (HKLM-x32\...\1444400283_is1) (Version: 2.1.0.2 - GOG.com)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{2A8C1469-B7F5-4EE2-95E1-316895A211A7}) (Version: 1.2.10 - Thorvald Natvig)
Natron (HKLM\...\{412CD274-92AE-44AF-BA76-A6AA2B824A1B}) (Version: 0.9.4 - Inria)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.00.0000 - Nikon)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.11.1 - OBS Project)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.2.0.10 - Citrix Systems, Inc.) Hidden
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.2.5569 - ownCloud)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.1 - Nikon)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PS_AIO_06_B209a-m_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Racket v6.1.1 (x86_64) (HKLM-x32\...\Racket-x86_64-6.1.1) (Version: 6.1.1 - PLT Design Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.27035 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
ROBOPro (fischertechnik) Programm (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\ROBOProFischertechnik) (Version: - )
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
sciebo (HKLM-x32\...\sciebo) (Version: 2.0.2.265 - Sync and Share NRW )
Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team)
Self-Service Plug-in (x32 Version: 4.2.0.2495 - Citrix Systems, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Telegram Desktop version 0.9.10 (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.10 - Telegram Messenger LLP)
TeX Live 2014 (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\TeXLive2014) (Version: 2014 - )
TeXstudio 2.10.0 (HKLM-x32\...\TeXstudio_is1) (Version: 2.10.0 - Benito van der Zander)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.1 - Nikon)
Visual Subst (HKLM-x32\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Insyde (AirplaneModeHid) HIDClass (07/01/2013 1.3.0.0) (HKLM\...\E38E8D276444640BFCE21B5A73FD63C479B76259) (Version: 07/01/2013 1.3.0.0 - Insyde)
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
22-10-2015 21:54:28 Windows Update
28-10-2015 08:32:22 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
31-10-2015 18:48:59 DirectX wurde installiert
08-11-2015 15:00:13 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2015-03-01 21:51 - 00000827 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {041FEB66-23C8-46B2-A3B1-CA748311C967} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {05315C38-A3EF-4EC1-AD64-2B7721745829} - System32\Tasks\{E09E268C-ABE8-45EE-9588-301E8413AECE} => pcalua.exe -a "C:\Users\DSA Rollenspiel\Desktop\Flatout 2\FlatOut2.exe" -d "C:\Users\DSA Rollenspiel\Desktop\Flatout 2"
Task: {142C74D0-EF57-4949-9A28-B027C695856B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {199EFBD7-107A-4C55-919E-AC30243003BA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {19D06EA9-DADE-42CA-998D-7ACF1F15F8F0} - System32\Tasks\{B50F2412-D2FC-4762-B334-6D95AB1984AD} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.59.100/de/abandoninstall?page=tsMain
Task: {1CB71D3D-3E5A-48BB-BBD1-B8FB42FCD97B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4592BE2E-E8E3-4CBE-9F6D-1C2F9BF29039} - System32\Tasks\{B84161E0-06AA-4353-894C-391DF4F37CB2} => pcalua.exe -a E:\setup.exe -d E:\ -c AUTORUN=1
Task: {4F60EF7D-7931-42CC-80E3-1FAE76ED9025} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {862CECEB-E7A5-4543-81FE-2878399F066A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {88C19A6B-727F-4BC2-B454-2FF1E3062D8C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {9091BB70-DA58-4F3A-BAD5-8BD2845684EC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9E47AA67-5892-4CB3-80C0-9D4B37B1BFB7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B0F38A4A-7B21-4541-9043-9CA55AF1DAD9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BE13B41C-6BC3-4D59-84A0-6A6360229FFB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D0FED816-40EB-410D-B8C3-6AAB13CA28DC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-22] (Microsoft Corporation)
Task: {E5BA3608-67C3-4A84-8DA5-3C379357BA3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {EDA865A8-8817-48AC-949F-6FCED7D428B5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {EEC88225-0EFD-400A-8FC7-C0255FA6276A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {F7C8C9C4-5ECC-41BF-A948-3AD8476C8526} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-10 16:03 - 2015-08-10 16:03 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-10 15:17 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-06 21:46 - 2012-06-21 07:25 - 00113152 _____ () C:\WINDOWS\System32\redmon64.dll
2015-08-19 15:07 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-11-25 20:25 - 2014-11-25 20:25 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-03-24 16:49 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-05-30 16:43 - 2013-02-05 08:24 - 00671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2015-10-01 14:49 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-01-21 19:56 - 2013-12-04 17:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-10-01 14:49 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-06-19 02:31 - 2015-06-19 02:31 - 00059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2015-10-01 14:49 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 14:50 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 14:49 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 14:49 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 14:49 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-21 09:36 - 2015-10-21 09:36 - 01704974 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2015-11-02 10:47 - 2015-11-02 10:47 - 30462190 _____ () C:\Program Files (x86)\sciebo\sciebo.exe
2015-05-20 22:42 - 2015-05-16 00:32 - 00975872 _____ () C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe
2014-08-15 14:25 - 2014-08-15 14:25 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-11-25 19:57 - 2014-11-25 19:57 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-11-25 20:10 - 2014-11-25 20:10 - 00070144 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-11-25 20:11 - 2014-11-25 20:11 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-11-25 20:13 - 2014-11-25 20:13 - 00742912 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2014-11-25 20:05 - 2014-11-25 20:05 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-05-30 16:43 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2014-05-30 16:43 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2014-05-30 16:43 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2014-05-30 16:43 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00670222 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00977422 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2015-11-02 10:46 - 2015-11-02 10:46 - 03055762 _____ () C:\Program Files (x86)\sciebo\libocsync.dll
2015-11-02 10:47 - 2015-11-02 10:47 - 17335365 _____ () C:\Program Files (x86)\sciebo\libsciebosync.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\sciebo\libqt5keychain.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\sciebo\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\sciebo\libstdc++-6.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\sciebo\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\sciebo\icuuc53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\sciebo\libpcre16-0.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\sciebo\zlib1.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\sciebo\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\sciebo\libpng16-16.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\sciebo\icudata53.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\sciebo\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\sciebo\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\sciebo\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\sciebo\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\sciebo\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\sciebo\libxslt-1.dll
2014-09-23 07:38 - 2014-11-18 06:21 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-12-04 00:06 - 2013-03-20 08:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3033165532-1905040069-832013410-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{215BEAF7-DE91-4DC9-8EC1-6035F88BECA8}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{FF88B00E-8B5C-4ABA-BB8F-3B67E618216E}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{7470CD58-F42E-4831-BE66-E8BAA1D029C0}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{DB6A7FCA-7E73-4163-B8AA-BC5175366221}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{570701A0-75A4-40BB-9AD2-1ED767AB75D0}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe
FirewallRules: [TCP Query User{04622380-F0AA-4A50-A32F-90D125C6FFD1}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe
FirewallRules: [UDP Query User{0E41B197-14ED-43E8-8037-99E10D376EC9}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe
FirewallRules: [TCP Query User{4A7BE881-D7DB-490E-B1F7-2B6FEE41910C}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe
FirewallRules: [UDP Query User{3668F001-4AC3-41A9-8023-A19B45104556}C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{44401706-0B44-4870-A149-60BB480B2878}C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{6C143F01-608F-42DF-9187-96B530969B42}] => (Allow) LPort=3306
FirewallRules: [{9E85A080-197B-472B-A365-30CB4478E0B0}] => (Allow) LPort=1900
FirewallRules: [{33D74253-797E-4EE8-82F2-E00C74DD81F7}] => (Allow) LPort=2869
FirewallRules: [{0B211F41-9E8E-49C9-A94A-B460601537B2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{B6E7F9CF-14C9-4CFD-A57F-28CB459606CF}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{8F8D1AB9-8BBF-4E68-B931-EF527C805B26}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{6DA1B702-320F-400F-86DC-DE6D686472F3}C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe] => (Allow) C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe
FirewallRules: [TCP Query User{EB060086-6E71-4082-B188-BE672B2AE011}C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe] => (Allow) C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe
FirewallRules: [UDP Query User{70813AA6-CFFA-471C-AD43-14CCA214517D}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{E1B3B1C8-BF8C-4D33-BC2E-76490A272FB8}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{D142BE1E-33A4-406A-873F-5800C11E672E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{A5707FDB-7D34-45D0-B2E8-26CA041D65FE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{80ABDB1C-40DF-426D-BB14-1D6E7668F5D5}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{6FE0751A-2FDA-4398-B49F-07E747230B60}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{DC4F9D37-DD2D-4BA4-99E0-AECAAB5A8818}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{7B45CA17-6B79-462A-A680-EC992B03B53B}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [{C0B51B40-8B60-426C-8788-7DAA3FA6C39D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63698EF6-146C-498C-A2AB-A92BBDDF7BD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C5D96C47-C521-4655-8D0E-86C95FC952B7}] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [{93FC04FA-D114-47B8-8F90-B25ABA760101}] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [{02724BD2-4920-4B9C-852E-A116BDB9BAB8}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{941DA149-8CBF-4D5C-8321-8BC23ACE99F6}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{0BFDE3B1-C0BA-4DF6-8EBD-316E20BC64C3}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{797018D7-61BF-4D10-B755-B3AA6886821D}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{C8BD2052-D9BE-4824-ADE2-45D1523160EE}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{C6AB8EE2-CD16-4E65-B868-E13A96539049}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{97B3D015-233F-417E-B495-F3DFED468522}] => (Allow) LPort=3306
FirewallRules: [{266389FD-1C97-44EC-B7B8-DBA230D1F218}] => (Allow) LPort=9999
FirewallRules: [UDP Query User{77FA2EEE-A6FC-45E0-9693-2DDCA1F9A943}C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe
FirewallRules: [TCP Query User{52343ED0-86C1-46B2-B8FD-0A181A7D2021}C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe
FirewallRules: [{A5413FF0-609C-4A39-8AB3-C8E1CD26C903}] => (Allow) LPort=3306
FirewallRules: [UDP Query User{13476C96-E488-45CA-A6E0-8DA49D9173BC}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BAC14DBF-85CB-4023-A0C7-D6CD0ED7597F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2C6F8A2A-B4C1-4072-8736-FD06EAFB1706}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [TCP Query User{AC654CFD-AF66-4DF3-B6FB-EFBC1658A3CF}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [{D0564F39-E479-4FC9-88BB-85F68DE22C26}] => (Allow) LPort=3306
FirewallRules: [{47A9A48D-ACCB-4C0C-A8EB-50525617E53C}] => (Allow) LPort=3306
FirewallRules: [{37C4F6A3-7F30-4540-A8D2-F5890828D0D6}] => (Allow) LPort=3306
FirewallRules: [{C8AB631E-23EC-4F6A-86A1-D02F6BC6AFF5}] => (Allow) LPort=3306
FirewallRules: [{0A77E1F4-AE3C-4130-956D-224E321849C3}] => (Allow) LPort=3306
FirewallRules: [{A31CBA45-8B58-4D69-8C31-B2C508BA45C0}] => (Allow) C:\Users\Eichhörnchen\Documents\Portabel\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{024527DB-23E1-4526-B8BC-5DE07D07BEB6}] => (Allow) C:\Users\Eichhörnchen\Documents\Portabel\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{E8CEA51F-803A-44C0-87BB-EB199F15A888}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{BBBF37D1-0009-446F-8264-493E9B5CA952}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{52C3D2B5-64AC-43D0-A8DA-10B035E6DDA9}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{28D70172-3A36-482E-8049-EF9BF39C71BD}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{2C0BF499-5870-465B-B6CA-12144A3B178A}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{6F90533C-191F-42D6-873B-BB3A8AE0883D}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{59C5AAA7-E3B1-438D-98DA-55DD49D47436}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{69B20C95-516D-426B-B2A6-5BD2C016699F}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{29F9E817-C31C-485F-85A0-274558B60D96}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{AA96E43F-A217-4362-97B2-4BD48A26C39D}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{4C847604-FB8E-4759-AC9D-37F79B8C9B4E}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe
FirewallRules: [TCP Query User{81B37CB0-A24E-4DBA-9FEC-37E98496B617}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe
FirewallRules: [UDP Query User{1E078935-19D5-4036-BD60-892763DCD892}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [TCP Query User{EF60BAD5-6195-44C8-93B8-C2BA04A3C893}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [{15EB3127-DD61-4A63-B788-05713054537B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{C049BDE1-B651-4B87-BF98-CA5D24AF51E0}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{3F671649-F21F-4F91-BD77-D9B145A6541D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{9882C7C7-A419-4A2A-A641-1B4187E0E1B5}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{98CAD265-4432-47D8-8A8F-6E1614A88DE1}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{8D1F6EB1-5E62-492F-BEB7-DF802F7DF290}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{7EE02E84-0342-44B7-A319-71D410C6A5F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{D7AD86ED-B3B4-4103-860C-0A581AEACC21}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{B00FC84C-D01C-4E43-AE12-B85DD5EF4735}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{7FA775C2-9821-403A-A881-3BD1BDDCFEAA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [UDP Query User{F564E44D-6133-43B4-96DF-6533EB33F8B8}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{CD348A4A-DE05-4D4B-BE7B-B4A0EDB884CA}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{BEAE9603-B4C3-4BFA-8E35-378473D46084}] => (Allow) C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D1EA28CB-5C8F-4E93-A7E4-35A9C3025F27}] => (Allow) C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8B519504-F653-4AD0-B905-FE81304FD013}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{9BB68EDD-E363-407A-98F9-EF46BE6A7BD0}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C698E75C-202A-4415-A60E-3AB8D40788CE}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{1D45B635-6299-43E2-B63E-28C2E55AF32E}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [UDP Query User{AFCC9C08-F6EB-465E-8CF8-E6E5A4E3BF9F}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{CF2D36BF-0A29-43F0-9278-1A9CDA9EBCF3}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8CC09DF1-33B2-4603-8789-DED25CB0182D}C:\program files\java\jdk1.8.0_11\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\bin\java.exe
FirewallRules: [TCP Query User{9E5FC2A3-1FF5-4C9B-98F9-ECA870C8C7F6}C:\program files\java\jdk1.8.0_11\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\bin\java.exe
FirewallRules: [UDP Query User{AD82DDEF-9101-445C-ACEB-5CC609F3478B}C:\program files\netbeans 8.0\bin\netbeans64.exe] => (Block) C:\program files\netbeans 8.0\bin\netbeans64.exe
FirewallRules: [TCP Query User{5D3048E3-8338-4975-A7A9-DA99969C65D6}C:\program files\netbeans 8.0\bin\netbeans64.exe] => (Block) C:\program files\netbeans 8.0\bin\netbeans64.exe
FirewallRules: [UDP Query User{FD3F89E1-0AA8-4FE7-88B9-E2268FE6C394}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{535D8C2E-9ACC-40C3-B2B2-EAA05E321EB0}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{A1033595-EEF3-4ED3-AA5C-7E53370A31AA}C:\glassfish3\jdk\jre\bin\javaw.exe] => (Allow) C:\glassfish3\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{2D3EE85F-CDDB-4226-8555-DDED2A0DB7F8}C:\glassfish3\jdk\jre\bin\javaw.exe] => (Allow) C:\glassfish3\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{0C3635D3-8F3C-4600-9942-4FA24F082EB8}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{369EE106-9758-4116-83E5-CA26D45C8D90}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{D79D2931-E2E8-4192-8AAC-941D3860BBA4}C:\program files\java\jdk1.8.0_11\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\jre\bin\java.exe
FirewallRules: [TCP Query User{E289DA99-DB99-41C3-81FB-095E33FF299E}C:\program files\java\jdk1.8.0_11\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\jre\bin\java.exe
FirewallRules: [UDP Query User{65B5FD72-9C43-493D-B194-DD75E0E56F05}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [TCP Query User{DE530A83-2805-40E0-8BC2-D0D21269BE6B}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [UDP Query User{67EE48DD-6FBA-4937-8800-D3679235D451}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{C7220C66-7B7F-4EFF-BA36-04A401F80D23}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{87057792-8A55-4C84-A1D3-2CFF34AAE8AC}C:\program files\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_11\bin\jmc.exe
FirewallRules: [TCP Query User{717473CF-D03E-4C49-9EE2-7735756AC8EE}C:\program files\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_11\bin\jmc.exe
FirewallRules: [{23C0C7DC-45CE-4B71-B13F-891E7206F909}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{56FA3CC5-B7D9-4009-B2DA-1D8E2C4788CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{6FB9F2A7-8D45-401B-886C-7DAC4102BE29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B3FD9C67-EF16-4571-81D7-928917C792CF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{639E3D63-53B8-4B7F-83F5-2CA569D9AFC2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{01F9714A-5E5B-4F1D-9CBA-2B4FF426DE99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{35600F53-3790-4956-8151-31DAA0BA819D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{28104437-BCA2-4B7F-AA15-F321515022A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{94483A2D-376E-43EC-B2FC-A8856777D2EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F571FC3C-37F8-4CCF-9F72-66FD676A4CCD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{74CF39A5-4A55-4143-B5BF-F4F4DF5D0DC9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{2852B6CD-47AD-4B91-BC10-5DECED983CBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{EECD8EED-132E-4E3D-94D0-31FFC96D025E}] => (Allow) C:\Users\Eichhörnchen\AppData\Local\Temp\7zS73B4\hppiw.exe
FirewallRules: [{A4C3CCE7-3B37-4602-AC0D-8F5C2C94B11C}] => (Allow) C:\Users\Eichhörnchen\AppData\Local\Temp\7zS73B4\hppiw.exe
FirewallRules: [UDP Query User{C7B03E8B-335D-4DF6-9E0C-1E96236E5529}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Allow) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [TCP Query User{50BADC7F-C221-4B93-AA61-DAD9351E4FDA}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Allow) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [UDP Query User{4FE68CA3-C354-478C-85F4-B4801EBB018F}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Block) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [TCP Query User{E9337CCB-AF81-4A5A-AEE0-E35BC75B50FC}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Block) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [UDP Query User{1D4DBD02-9BF4-4DE7-9D0C-E77DF4C5975E}C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{2307E635-E1AE-4660-A46B-30B0879C0912}C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{61FEAB0A-10D6-416D-8188-621AEDA464C0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{67830E2B-FBB7-4A6F-9276-054F31B176EC}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{43C55DA4-9CBF-4A39-A085-142CBB8F96C2}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{17E4DD35-74E5-4DB0-B607-FCC0410C0E85}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4D3FB5D7-4AE1-49D6-88AB-128FC4F1F285}] => (Allow) LPort=7935
FirewallRules: [{FEBB1859-C311-47AB-8D62-3CDB60238FC3}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{7057FD8B-9DB4-4C80-A2F0-93FDC1C2B665}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{754FBC46-58D1-4B06-ACE2-D4697882DA77}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Edge Inspect CC\EdgeInspect.exe
FirewallRules: [{B60AAC77-43DA-4CA0-803D-5016A8F88CFC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{16C7E33C-8B36-4667-A215-10ACC24808D0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B82AA7CE-0440-4F06-BA4F-C640877CFAFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{463E8DCB-12D5-4647-B912-89367003D61D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5D20A778-6FF4-4D39-A021-DEECEE6C8572}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{4020244E-04BB-49EE-B20C-CCD1E275235B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E9F6270-E499-4BDA-8F2B-4F7BEAE1D851}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{734278CD-C54D-42B4-9694-0AEB982B03D0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A74DAD7E-9F00-4A89-8189-8E0A4C27B43B}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe
FirewallRules: [UDP Query User{96C186DD-B34F-492D-B3A6-91BCE760A68E}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe
FirewallRules: [TCP Query User{A39D040F-89C6-42E6-BFD7-A544DCAC64D2}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{32BF834B-EBA3-4C54-8967-511E3DCF758A}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{ED52F1AF-A33E-4DB3-9B8C-2A94099F4F37}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{11401050-CB67-4E64-B38C-33C2367181A4}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{8F1B0BCD-670F-4C87-94E1-3DC2A343CA07}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{F9098E93-C592-41F7-B414-F81F57F9B1BD}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{3D2063F5-298A-4CFB-AB3E-7DF698128261}] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{F41EB106-ABF5-4344-B32D-55A047D14AF2}] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Insyde Airplane Mode HID Mini-Driver
Description: Insyde Airplane Mode HID Mini-Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Insyde
Service: AirplaneModeHid
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/08/2015 03:59:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Name des fehlerhaften Moduls: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Ausnahmecode: 0x40000015
Fehleroffset: 0x00052d24
ID des fehlerhaften Prozesses: 0x1ba4
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Vollständiger Name des fehlerhaften Pakets: jucheck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: jucheck.exe5
Error: (11/08/2015 03:38:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 15d8
Startzeit: 01d11a32ab40c071
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Berichts-ID: 4e4bd019-8626-11e5-bfab-0090f5ef87d2
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI
Error: (11/08/2015 03:37:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Eichhoernchen)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (11/08/2015 03:00:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (11/08/2015 01:25:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/08/2015 01:21:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/08/2015 01:19:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/08/2015 01:16:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 12dc
Startzeit: 01d11a1eba9ad9b0
Beendigungszeit: 4294967295
Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Berichts-ID: 7b36ef6a-8612-11e5-bfaa-0090f5ef87d2
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI
Error: (11/08/2015 01:16:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Eichhoernchen)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (11/08/2015 01:14:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (11/08/2015 03:57:22 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (11/08/2015 03:53:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/08/2015 03:53:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.
Error: (11/08/2015 03:53:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "PowerBiosServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/08/2015 03:53:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst PowerBiosServer erreicht.
Error: (11/08/2015 03:53:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (11/08/2015 03:53:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.
Error: (11/08/2015 03:53:15 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/08/2015 03:53:15 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/08/2015 03:53:13 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
CodeIntegrity:
===================================
Date: 2015-11-08 15:52:51.284
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-08 15:34:11.432
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-08 14:09:12.192
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-08 13:11:27.216
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-08 12:52:54.046
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-07 15:57:29.555
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-06 22:29:22.892
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-01 18:09:00.075
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-01 00:12:48.973
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-31 19:58:57.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8112.5 MB
Verfügbarer physikalischer RAM: 6073.59 MB
Summe virtueller Speicher: 9392.5 MB
Verfügbarer virtueller Speicher: 7340.83 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:900.99 GB) (Free:509.95 GB) NTFS
Drive e: () (Removable) (Total:29.72 GB) (Free:13.63 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8E6EDAB6)
Partition: GPT.
========================================================
Disk: 1 (Size: 29.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
08.11.2015, 20:39
| #8 |
| /// the machine /// TB-Ausbilder | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWareESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.11.2015, 00:15
| #9 |
| | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare Zu deiner Frage: Ob noch Probleme auftreten, kann ich nicht sagen, weil ich in den letzten Tagen auf Ubuntu arbeite. ESET Log: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=42e73188c8713841b9d9c27466f72ce6
# end=init
# utc_time=2015-11-10 09:09:33
# local_time=2015-11-10 10:09:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 26662
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=42e73188c8713841b9d9c27466f72ce6
# end=updated
# utc_time=2015-11-10 09:26:35
# local_time=2015-11-10 10:26:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=42e73188c8713841b9d9c27466f72ce6
# engine=26662
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-11 01:56:31
# local_time=2015-11-11 02:56:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 216171 10681003 0 0
# scanned=730817
# found=0
# cleaned=0
# scan_time=16195
Code:
ATTFilter Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 60
Adobe Flash Player 19.0.0.245
Adobe Reader XI
Mozilla Firefox (41.0.2)
Mozilla Thunderbird (38.2.0)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Windows Defender MpCmdRun.exe
Internet Manager OnlineUpdate ouc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
durchgeführt von Eichhörnchen (Administrator) auf EICHHOERNCHEN (11-11-2015 23:52:49)
Gestartet von C:\Users\Eichhörnchen\Desktop
Geladene Profile: UpdatusUser & Eichhörnchen (Verfügbare Profile: UpdatusUser & Eichhörnchen & DSA Rollenspiel)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\ownCloud\owncloud.exe
() C:\Program Files (x86)\sciebo\sciebo.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15081.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Users\Eichhörnchen\Desktop\antivir\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5675184 2013-05-10] (VIA)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-08-15] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3033165532-1905040069-832013410-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [Visual Subst] => C:\Program Files (x86)\Visual Subst\VSubst.exe [139672 2008-02-02] (NTWind Software)
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [1704974 2015-10-21] ()
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Run: [sciebo] => C:\Program Files (x86)\sciebo\sciebo.exe [30462190 2015-11-02] ()
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\RunOnce: [Uninstall C:\Users\Eichh�rnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\RunOnce: [Uninstall C:\Users\Eichh�rnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2015-06-19] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eichhörnchen\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk [2013-12-04]
ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\Hotkey.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-23]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\DSA Rollenspiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe [2015-05-16] ()
Startup: C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-12-01]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe [2015-05-16] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{49630252-1044-4207-9304-39e014ed1c0e}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{aa36e5cf-a2ae-4e32-b4dc-4609169e0fb6}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com
SearchScopes: HKU\S-1-5-21-3033165532-1905040069-832013410-1002 -> DefaultScope {C18F63A7-39AF-42F1-90E5-5ED701D3B42D} URL =
SearchScopes: HKU\S-1-5-21-3033165532-1905040069-832013410-1002 -> {C18F63A7-39AF-42F1-90E5-5ED701D3B42D} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-17] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-03] (Oracle Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-03] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3033165532-1905040069-832013410-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: Ecosia
FF Session Restore: -> ist aktiviert.
FF NetworkProxy: "ftp", "192.168.11.1"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "192.168.11.1"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "socks", "192.168.11.1"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "192.168.11.1"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-17] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3033165532-1905040069-832013410-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF SearchPlugin: C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\searchplugins\ecosia.xml [2014-01-22]
FF Extension: Cookies Manager+ - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2015-05-29]
FF Extension: UploadProgress - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\fvicente@gmail.com.xpi [2015-05-29]
FF Extension: NoScript - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-27]
FF Extension: Tamper Data - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-05-29]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-05-29]
FF Extension: Adblock Edge - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-29]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\fvicente@gmail.com.xpi [nicht gefunden]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [nicht gefunden]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [nicht gefunden]
FF Extension: Kein Name - C:\Users\Eichhörnchen\AppData\Roaming\Mozilla\Firefox\Profiles\t619xc98.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [nicht gefunden]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [Datei ist nicht signiert]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-10] (ELAN Microelectronics Corp.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-02-05] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 PowerBiosServer; c:\Program Files (x86)\Hotkey\PowerBiosServer.exe [47104 2013-05-29] () [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AirplaneModeHid; C:\Windows\system32\DRIVERS\AirplaneModeHid.sys [33488 2015-06-25] (Insyde Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [245248 2013-04-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52832 2014-05-02] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-11 23:52 - 2015-11-11 23:53 - 00029071 _____ C:\Users\Eichhörnchen\Desktop\FRST.txt
2015-11-11 23:48 - 2015-11-11 23:48 - 00016148 _____ C:\WINDOWS\system32\EICHHOERNCHEN_Eichhörnchen_HistoryPrediction.bin
2015-11-10 22:08 - 2015-11-10 22:08 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-10 22:04 - 2015-11-10 22:04 - 00000022 _____ C:\WINDOWS\S.dirmngr
2015-11-10 21:58 - 2015-11-11 23:51 - 00000000 ____D C:\Users\Eichhörnchen\Desktop\antivir
2015-11-08 15:41 - 2015-11-08 15:41 - 00000824 _____ C:\Users\Eichhörnchen\Desktop\JRT.txt
2015-11-08 15:36 - 2015-11-08 15:36 - 00000979 _____ C:\Users\Eichhörnchen\Desktop\AdwCleaner[C1].txt
2015-11-08 15:29 - 2015-11-08 15:32 - 00000000 ____D C:\AdwCleaner
2015-11-08 15:28 - 2015-11-08 15:28 - 00001211 _____ C:\Users\Eichhörnchen\Desktop\mbam.txt
2015-11-08 14:22 - 2015-11-08 14:22 - 00000000 __SHD C:\found.000
2015-11-08 13:18 - 2015-11-08 13:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-08 13:18 - 2015-11-08 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-11-08 13:18 - 2015-11-08 13:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-08 13:18 - 2015-11-08 13:18 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-11-08 13:18 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-08 13:18 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-08 13:18 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-08 13:09 - 2015-11-08 13:09 - 01798976 _____ (Malwarebytes) C:\Users\Eichhörnchen\Desktop\JRT.exe
2015-11-08 13:08 - 2015-11-08 13:08 - 01713664 _____ C:\Users\Eichhörnchen\Desktop\AdwCleaner_5.018.exe
2015-11-08 13:05 - 2015-11-08 13:08 - 22908888 _____ (Malwarebytes ) C:\Users\Eichhörnchen\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-07 16:01 - 2015-11-11 23:53 - 00000000 ____D C:\FRST
2015-11-07 15:54 - 2015-11-07 15:53 - 02198528 _____ (Farbar) C:\Users\Eichhörnchen\Desktop\FRST64.exe
2015-11-01 15:56 - 2015-11-01 15:56 - 00016148 _____ C:\WINDOWS\system32\EICHHOERNCHEN_DSA Rollenspiel_HistoryPrediction.bin
2015-10-31 18:48 - 2015-10-31 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft - Story Mode [GOG.com]
2015-10-31 18:39 - 2015-10-31 18:39 - 06539752 _____ (Tim Kosse) C:\Users\Eichhörnchen\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-10-31 18:39 - 2015-10-31 18:39 - 06539752 _____ (Tim Kosse) C:\Users\Eichhörnchen\Downloads\FileZilla_3.14.1_win64-setup (2).exe
2015-10-31 14:52 - 2015-10-31 14:52 - 00000000 ____D C:\Program Files\GOG Games
2015-10-29 23:54 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-29 23:54 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-29 23:54 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-29 23:54 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-29 23:53 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-29 23:53 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-29 23:53 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-29 23:53 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-29 23:53 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-29 23:53 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-29 23:53 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-29 23:53 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-29 23:53 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-29 23:53 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-29 23:53 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-29 23:53 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-29 23:53 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-29 23:53 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-29 23:53 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-29 23:53 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-29 23:53 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-29 23:53 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-29 23:53 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-29 23:53 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-29 23:53 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-29 23:53 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-29 23:53 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-29 23:53 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-29 23:53 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-29 23:53 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-29 23:53 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-29 23:53 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-29 23:53 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-29 23:53 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-26 18:35 - 2015-10-26 18:42 - 74465412 _____ C:\Users\DSA Rollenspiel\Downloads\rescue-system.iso.part
2015-10-25 18:29 - 2015-10-25 18:29 - 00000000 ____D C:\Users\Eichhörnchen\Documents\Telltale Games
2015-10-25 18:29 - 2015-10-25 18:29 - 00000000 ____D C:\Users\Eichhörnchen\Documents\Minecraft - Story Mode
2015-10-25 18:27 - 2015-10-25 18:27 - 00469776 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin98ip.dll
2015-10-25 18:27 - 2015-10-25 18:27 - 00466736 _____ (Microsoft Corporation) C:\WINDOWS\system32\coin98itp.dll
2015-10-21 17:00 - 2015-10-21 17:39 - 00000227 _____ C:\Users\DSA Rollenspiel\Desktop\Pizza.txt
2015-10-19 18:00 - 2015-10-26 22:22 - 00000138 _____ C:\Users\DSA Rollenspiel\Documents\JENS Lienn Kevendoch.txt
2015-10-19 14:25 - 2015-10-19 14:25 - 00079966 _____ C:\Users\Eichhörnchen\AppData\Local\recently-used.xbel
2015-10-19 12:48 - 2015-10-19 12:50 - 00365528 _____ C:\WINDOWS\Minidump\101915-56359-01.dmp
2015-10-19 12:24 - 2015-10-19 17:56 - 00000000 ____D C:\Users\DSA Rollenspiel\.oracle_jre_usage
2015-10-19 12:24 - 2015-10-19 12:24 - 00000000 ____D C:\Users\DSA Rollenspiel\AppData\Roaming\Sun
2015-10-17 14:23 - 2015-10-17 14:22 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-17 14:17 - 2015-10-17 14:17 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-10-15 18:57 - 2015-10-16 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-14 15:55 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:55 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:55 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:55 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:55 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:55 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:55 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:55 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:55 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:55 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:55 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:55 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:55 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:55 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:55 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:55 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:55 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:55 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:55 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:55 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:55 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:55 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:55 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:55 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:55 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:55 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:55 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:55 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:55 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:55 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:55 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:55 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:55 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:55 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 15:55 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:55 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:55 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:55 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:55 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:55 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:55 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:55 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:55 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:55 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:55 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:55 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-11 23:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-11 23:42 - 2014-01-26 17:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-11 23:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-11 02:58 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-10 22:42 - 2014-01-26 17:41 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-10 22:33 - 2014-02-03 20:01 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\Skype
2015-11-10 22:07 - 2015-04-07 11:51 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\sciebo
2015-11-10 22:07 - 2014-10-31 17:24 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\ownCloud
2015-11-10 22:06 - 2015-08-10 15:16 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-11-10 22:04 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-10 22:04 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-09 00:39 - 2015-07-10 10:05 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2015-11-08 16:00 - 2015-06-04 18:12 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\CrashDumps
2015-11-08 15:33 - 2015-08-10 15:10 - 00017684 _____ C:\WINDOWS\PFRO.log
2015-11-08 15:08 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-06 22:33 - 2015-09-12 14:49 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\sciebo.lnk
2015-11-06 22:32 - 2015-02-03 15:33 - 00000000 ____D C:\Users\Eichhörnchen\Sciebo
2015-11-06 00:10 - 2014-09-27 13:38 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\Telegram Win (Unofficial)
2015-11-05 23:37 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-03 22:01 - 2014-01-25 00:21 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\vlc
2015-11-03 20:03 - 2015-03-01 18:41 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\gnupg
2015-11-03 19:20 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-02 01:27 - 2014-09-26 14:30 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\TS3Client
2015-11-02 01:27 - 2014-07-17 20:47 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\.minecraft
2015-10-31 23:08 - 2015-08-17 18:40 - 00002435 _____ C:\Users\DSA Rollenspiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-31 23:08 - 2015-08-17 18:40 - 00000000 ___RD C:\Users\DSA Rollenspiel\OneDrive
2015-10-31 23:08 - 2014-12-15 20:30 - 00000000 ____D C:\Users\DSA Rollenspiel\AppData\Local\FreePDF_XP
2015-10-31 19:59 - 2015-08-10 15:20 - 00000000 ____D C:\Users\Eichhörnchen
2015-10-31 19:56 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-31 18:51 - 2013-12-04 00:17 - 00129262 _____ C:\WINDOWS\DirectX.log
2015-10-31 18:46 - 2014-02-28 23:30 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\FileZilla
2015-10-31 18:40 - 2014-09-02 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-10-31 18:40 - 2014-09-02 20:20 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-10-30 21:28 - 2014-12-25 18:25 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 20:35 - 2014-09-26 14:28 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-28 08:33 - 2015-07-03 14:24 - 00001083 _____ C:\Users\Public\Desktop\ownCloud.lnk
2015-10-28 08:33 - 2014-10-31 17:24 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ownCloud.lnk
2015-10-28 08:33 - 2014-10-31 17:23 - 00000000 ____D C:\Program Files (x86)\ownCloud
2015-10-28 08:32 - 2014-10-31 17:25 - 00000000 ____D C:\Users\Eichhörnchen\ownCloud
2015-10-27 21:42 - 2014-01-21 23:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-26 11:21 - 2015-09-25 15:43 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-26 11:21 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-26 11:21 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-25 18:26 - 2015-07-10 13:20 - 00028159 _____ C:\WINDOWS\setupact.log
2015-10-24 22:35 - 2015-02-22 16:03 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\Eclipse
2015-10-24 19:04 - 2014-01-21 19:07 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\Packages
2015-10-23 14:51 - 2015-05-14 22:36 - 00003296 _____ C:\Users\Eichhörnchen\Desktop\TODO.txt
2015-10-22 21:59 - 2014-01-23 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-22 21:55 - 2014-01-23 19:30 - 143481208 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-21 18:40 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-19 17:56 - 2014-12-15 19:10 - 00000278 _____ C:\Users\DSA Rollenspiel\.dsa4.properties
2015-10-19 17:56 - 2014-12-15 19:10 - 00000000 ____D C:\Users\DSA Rollenspiel\helden
2015-10-19 14:25 - 2014-08-01 00:40 - 00000000 ____D C:\Users\Eichhörnchen\.gimp-2.8
2015-10-19 14:14 - 2014-08-01 00:45 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Local\gtk-2.0
2015-10-19 12:48 - 2015-09-26 16:25 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-19 12:48 - 2014-02-09 19:44 - 672120648 _____ C:\WINDOWS\MEMORY.DMP
2015-10-19 12:24 - 2015-08-10 15:20 - 00000000 ____D C:\Users\DSA Rollenspiel
2015-10-17 14:32 - 2015-10-03 20:14 - 00000000 ____D C:\Users\Eichhörnchen\.oracle_jre_usage
2015-10-17 14:23 - 2015-10-03 20:18 - 00002539 _____ C:\Users\Eichhörnchen\Desktop\JOSM.lnk
2015-10-17 14:23 - 2014-07-26 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-17 14:23 - 2014-07-26 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-10-17 14:22 - 2014-02-10 22:13 - 00000000 ____D C:\Program Files\Java
2015-10-16 17:01 - 2014-01-21 20:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-16 13:33 - 2015-08-15 02:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-16 13:33 - 2015-08-10 15:17 - 00000000 ____D C:\Program Files\Elantech
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-16 13:29 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-14 15:31 - 2013-12-04 00:16 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-13 19:16 - 2014-10-10 13:43 - 00000000 ____D C:\Users\Eichhörnchen\AppData\Roaming\texstudio
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\Users\Eichhörnchen\AppData\Roaming\Gems
2015-01-09 22:10 - 2015-01-09 22:10 - 0000268 ___RH () C:\Users\Eichhörnchen\AppData\Roaming\Generic
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\Users\Eichhörnchen\AppData\Roaming\Grand Piano
2015-06-21 04:17 - 2015-06-21 04:17 - 0003584 _____ () C:\Users\Eichhörnchen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-23 22:56 - 2014-04-26 13:47 - 0000600 _____ () C:\Users\Eichhörnchen\AppData\Local\PUTTY.RND
2015-10-19 14:25 - 2015-10-19 14:25 - 0079966 _____ () C:\Users\Eichhörnchen\AppData\Local\recently-used.xbel
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\ProgramData\Graphics
2015-01-09 22:10 - 2015-01-09 22:10 - 0000268 ___RH () C:\ProgramData\Guides
2015-01-09 22:09 - 2015-01-09 22:09 - 0000268 ___RH () C:\ProgramData\Guitar
2014-06-23 17:33 - 2014-06-23 17:42 - 0000828 _____ () C:\ProgramData\hpzinstall.log
2015-01-09 22:09 - 2015-01-09 22:09 - 0000012 ___RH () C:\ProgramData\Hybrid Basic
2015-01-09 22:10 - 2015-01-09 22:10 - 0000012 ___RH () C:\ProgramData\Hybrid Morph
2015-01-09 22:09 - 2015-01-09 22:09 - 0000012 ___RH () C:\ProgramData\Icons
2015-01-09 22:10 - 2015-01-09 22:10 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2015-01-09 22:09 - 2015-01-09 22:24 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-01-09 22:09 - 2015-01-09 22:09 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Eichhörnchen\Kegelkalkulator.exe
Einige Dateien in TEMP:
====================
C:\Users\Eichhörnchen\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Eichhörnchen\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-08 14:05
==================== Ende von FRST.txt ============================
--- --- --- |
|
12.11.2015, 00:16
| #10 |
| | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare Addition.txt: [CODE] FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von Eichhörnchen (2015-11-11 23:54:53)
Gestartet von C:\Users\Eichhörnchen\Desktop
Windows 10 Pro (X64) (2015-08-10 15:08:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3033165532-1905040069-832013410-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3033165532-1905040069-832013410-503 - Limited - Disabled)
DSA Rollenspiel (S-1-5-21-3033165532-1905040069-832013410-1005 - Limited - Enabled) => C:\Users\DSA Rollenspiel
Eichhörnchen (S-1-5-21-3033165532-1905040069-832013410-1002 - Administrator - Enabled) => C:\Users\Eichhörnchen
Gast (S-1-5-21-3033165532-1905040069-832013410-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-3033165532-1905040069-832013410-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Edge Code CC (HKLM-x32\...\{641F742F-1497-51B4-F481-1037096A90A0}) (Version: 0.97 - Adobe Systems Incorporated)
Adobe Edge Inspect CC (HKLM-x32\...\{67D22EA0-4601-4450-9C99-042DABB0A315}) (Version: 1.0.408 - Adobe Systems Incorporated)
Adobe Edge Reflow CC Preview (HKLM\...\{4CBD2327-FA4C-4D42-8903-CE1E96FE0FBF}) (Version: 0.37.15833 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Gaming SDK 1.3 (HKLM-x32\...\{62FFC6DD-18BB-49FC-AF65-71FB1C0B08AA}) (Version: 1.3 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Scout CC (HKLM\...\{BA573BFE-83B4-11E3-93D2-D231FEB1DC81}) (Version: 1.1.3.354121 - Adobe Systems Incorporated)
Airplane Mode Hid Installer (HKLM-x32\...\InstallShield_{5E5B067F-52A4-447E-A3F1-D6DD10565E73}) (Version: 2.0.0.5 - )
Airplane Mode Hid Installer (x32 Version: 2.0.0.5 - ) Hidden
Algodoo v2.1.0 (HKLM-x32\...\Algodoo_is1) (Version: - Algoryx)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Apache Tomcat 5.5 (remove only) (HKLM\...\Apache Tomcat 5.5) (Version: - )
Apache Tomcat 8.0.15 (HKLM\...\nbi-tomcat-8.0.15.0.0) (Version: - )
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.5-r2 - Arduino LLC)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
B209a-m (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\{EA3C8A99-1565-44FF-89FC-926CEEB623B5}) (Version: 2.75.1 - Blender Foundation)
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Calques 3D (HKLM-x32\...\{1B5E9727-A251-4804-9DBD-FE8E3B6AC770}) (Version: 2.5.0 - Nicolas Van Labeke)
Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version: - )
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05182 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05182 - Cisco Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.0.10 - Citrix Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Deutsch - Custom (HKLM\...\{10A21C21-3501-4B8D-9FBA-7DC1A003FAA7}) (Version: 1.0.3.40 - Company)
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
dvdisaster-0.79.1 (HKLM-x32\...\dvdisaster_is1) (Version: - dvdisaster project)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.12.0 - International GeoGebra Institute)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.63.0 - International GeoGebra Institute)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Gpg4win (2.2.3) (HKLM-x32\...\GPG4Win) (Version: 2.2.3 - The Gpg4win Project)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.12) (Version: 9.12 - Artifex Software Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Hotkey 8.0122 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 8.0122 - NoteBook)
Hotkey 8.0122 (x32 Version: 8.0122 - NoteBook) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{E5BC8CEA-6C57-491E-83C0-4D0FA958C7F3}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
ImageMagick 6.9.1-10 Q16 (64-bit) (2015-07-25) (HKLM\...\ImageMagick 6.9.1 Q16 (64-bit)_is1) (Version: 6.9.1 - ImageMagick Studio LLC)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.4.0.2 - Insyde Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.76.55 - Huawei Technologies Co.,Ltd)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Krita Desktop (x64) 2.9.4.2 (HKLM\...\{5054B603-CDEA-4454-B845-9807FA078141}) (Version: 2.9.4.2 - Krita Foundation)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Midori 0.5.8 (HKLM-x32\...\Midori) (Version: 0.5.8 - Christian Dywan)
Minecraft - Story Mode (HKLM-x32\...\1444400283_is1) (Version: 2.1.0.2 - GOG.com)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mumble 1.2.10 (HKLM-x32\...\{2A8C1469-B7F5-4EE2-95E1-316895A211A7}) (Version: 1.2.10 - Thorvald Natvig)
Natron (HKLM\...\{412CD274-92AE-44AF-BA76-A6AA2B824A1B}) (Version: 0.9.4 - Inria)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.00.0000 - Nikon)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.11.1 - OBS Project)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.2.0.10 - Citrix Systems, Inc.) Hidden
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.0.2.5569 - ownCloud)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.1 - Nikon)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PS_AIO_06_B209a-m_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Racket v6.1.1 (x86_64) (HKLM-x32\...\Racket-x86_64-6.1.1) (Version: 6.1.1 - PLT Design Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.27035 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
ROBOPro (fischertechnik) Programm (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\ROBOProFischertechnik) (Version: - )
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
sciebo (HKLM-x32\...\sciebo) (Version: 2.0.2.265 - Sync and Share NRW )
Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team)
Self-Service Plug-in (x32 Version: 4.2.0.2495 - Citrix Systems, Inc.) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Telegram Desktop version 0.9.10 (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.10 - Telegram Messenger LLP)
TeX Live 2014 (HKU\S-1-5-21-3033165532-1905040069-832013410-1002\...\TeXLive2014) (Version: 2014 - )
TeXstudio 2.10.0 (HKLM-x32\...\TeXstudio_is1) (Version: 2.10.0 - Benito van der Zander)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.10.1 - Nikon)
Visual Subst (HKLM-x32\...\Visual Subst) (Version: 1.0.6 - NTWind Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Insyde (AirplaneModeHid) HIDClass (07/01/2013 1.3.0.0) (HKLM\...\E38E8D276444640BFCE21B5A73FD63C479B76259) (Version: 07/01/2013 1.3.0.0 - Insyde)
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3033165532-1905040069-832013410-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
22-10-2015 21:54:28 Windows Update
28-10-2015 08:32:22 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
31-10-2015 18:48:59 DirectX wurde installiert
08-11-2015 15:00:13 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2015-03-01 21:51 - 00000827 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {041FEB66-23C8-46B2-A3B1-CA748311C967} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {05315C38-A3EF-4EC1-AD64-2B7721745829} - System32\Tasks\{E09E268C-ABE8-45EE-9588-301E8413AECE} => pcalua.exe -a "C:\Users\DSA Rollenspiel\Desktop\Flatout 2\FlatOut2.exe" -d "C:\Users\DSA Rollenspiel\Desktop\Flatout 2"
Task: {126ECF0B-F7DD-4939-B55E-59756494CE57} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-22] (Microsoft Corporation)
Task: {142C74D0-EF57-4949-9A28-B027C695856B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {199EFBD7-107A-4C55-919E-AC30243003BA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {19D06EA9-DADE-42CA-998D-7ACF1F15F8F0} - System32\Tasks\{B50F2412-D2FC-4762-B334-6D95AB1984AD} => Firefox.exe hxxp://ui.skype.com/ui/0/7.0.59.100/de/abandoninstall?page=tsMain
Task: {1CB71D3D-3E5A-48BB-BBD1-B8FB42FCD97B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4592BE2E-E8E3-4CBE-9F6D-1C2F9BF29039} - System32\Tasks\{B84161E0-06AA-4353-894C-391DF4F37CB2} => pcalua.exe -a E:\setup.exe -d E:\ -c AUTORUN=1
Task: {4F60EF7D-7931-42CC-80E3-1FAE76ED9025} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {862CECEB-E7A5-4543-81FE-2878399F066A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {88C19A6B-727F-4BC2-B454-2FF1E3062D8C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {9091BB70-DA58-4F3A-BAD5-8BD2845684EC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9E47AA67-5892-4CB3-80C0-9D4B37B1BFB7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B0F38A4A-7B21-4541-9043-9CA55AF1DAD9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BE13B41C-6BC3-4D59-84A0-6A6360229FFB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E5BA3608-67C3-4A84-8DA5-3C379357BA3E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {EDA865A8-8817-48AC-949F-6FCED7D428B5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {EEC88225-0EFD-400A-8FC7-C0255FA6276A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {F7C8C9C4-5ECC-41BF-A948-3AD8476C8526} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-10 16:03 - 2015-08-10 16:03 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-10 15:17 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-06 21:46 - 2012-06-21 07:25 - 00113152 _____ () C:\WINDOWS\System32\redmon64.dll
2015-08-19 15:07 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-11-25 20:25 - 2014-11-25 20:25 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2014-03-24 16:49 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-03-14 16:27 - 2011-03-14 16:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-05-30 16:43 - 2013-02-05 08:24 - 00671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2015-10-01 14:49 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 14:49 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-06-19 02:31 - 2015-06-19 02:31 - 00059392 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2015-02-20 21:31 - 2014-12-17 21:23 - 00736962 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2014-01-21 19:56 - 2013-12-04 17:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-10-01 14:49 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-10-21 09:36 - 2015-10-21 09:36 - 01704974 _____ () C:\Program Files (x86)\ownCloud\owncloud.exe
2015-11-02 10:47 - 2015-11-02 10:47 - 30462190 _____ () C:\Program Files (x86)\sciebo\sciebo.exe
2015-05-20 22:42 - 2015-05-16 00:32 - 00975872 _____ () C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esc2pause.exe
2015-10-01 14:50 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 14:49 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 14:49 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 14:49 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-27 20:51 - 2015-10-27 20:53 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-10-27 20:51 - 2015-10-27 20:53 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-10-26 23:44 - 2015-10-26 23:45 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-11-10 21:59 - 2015-11-10 22:00 - 00852720 _____ () C:\Users\Eichhörnchen\Desktop\antivir\SecurityCheck.exe
2014-08-15 14:25 - 2014-08-15 14:25 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-11-25 20:11 - 2014-11-25 20:11 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-11-25 20:10 - 2014-11-25 20:10 - 00070144 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-11-25 20:13 - 2014-11-25 20:13 - 00742912 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2014-11-25 20:05 - 2014-11-25 20:05 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-11-25 19:57 - 2014-11-25 19:57 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-05-30 16:43 - 2009-01-10 11:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2014-05-30 16:43 - 2009-06-22 19:42 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2014-05-30 16:43 - 2012-10-31 10:11 - 02417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2014-05-30 16:43 - 2012-10-31 10:14 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00977422 _____ () C:\Program Files (x86)\ownCloud\libowncloudsync.dll
2015-10-21 09:36 - 2015-10-21 09:36 - 00670222 _____ () C:\Program Files (x86)\ownCloud\libocsync.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\ownCloud\libqt5keychain.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\ownCloud\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\ownCloud\libstdc++-6.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\ownCloud\zlib1.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\ownCloud\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\ownCloud\icuuc53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\ownCloud\libpcre16-0.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\ownCloud\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\ownCloud\libpng16-16.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\ownCloud\icudata53.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\ownCloud\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\ownCloud\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\ownCloud\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\ownCloud\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\ownCloud\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\ownCloud\libxslt-1.dll
2015-11-02 10:46 - 2015-11-02 10:46 - 03055762 _____ () C:\Program Files (x86)\sciebo\libocsync.dll
2015-11-02 10:47 - 2015-11-02 10:47 - 17335365 _____ () C:\Program Files (x86)\sciebo\libsciebosync.dll
2015-08-06 16:48 - 2015-08-06 16:48 - 00051095 _____ () C:\Program Files (x86)\sciebo\libqt5keychain.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00097326 _____ () C:\Program Files (x86)\sciebo\libgcc_s_sjlj-1.dll
2015-08-06 08:59 - 2015-08-06 08:59 - 00922727 _____ () C:\Program Files (x86)\sciebo\libstdc++-6.dll
2015-08-06 08:10 - 2015-08-06 08:10 - 00085548 _____ () C:\Program Files (x86)\sciebo\zlib1.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 02197765 _____ () C:\Program Files (x86)\sciebo\icui18n53.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 01308778 _____ () C:\Program Files (x86)\sciebo\icuuc53.dll
2015-08-06 08:11 - 2015-08-06 08:11 - 00148117 _____ () C:\Program Files (x86)\sciebo\libpcre16-0.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 01366986 _____ () C:\Program Files (x86)\sciebo\libGLESv2.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00209711 _____ () C:\Program Files (x86)\sciebo\libpng16-16.dll
2015-08-06 08:21 - 2015-08-06 08:21 - 21539975 _____ () C:\Program Files (x86)\sciebo\icudata53.dll
2015-08-06 08:16 - 2015-08-06 08:16 - 00154982 _____ () C:\Program Files (x86)\sciebo\libEGL.dll
2015-08-06 08:14 - 2015-08-06 08:14 - 00350662 _____ () C:\Program Files (x86)\sciebo\libjpeg-8.dll
2015-08-06 08:17 - 2015-08-06 08:17 - 00689339 _____ () C:\Program Files (x86)\sciebo\libsqlite3-0.dll
2015-08-06 10:35 - 2015-08-06 10:35 - 00247540 _____ () C:\Program Files (x86)\sciebo\libwebp-4.dll
2015-08-06 08:26 - 2015-08-06 08:26 - 01169416 _____ () C:\Program Files (x86)\sciebo\libxml2-2.dll
2015-08-06 10:38 - 2015-08-06 10:38 - 00231727 _____ () C:\Program Files (x86)\sciebo\libxslt-1.dll
2014-09-23 07:38 - 2014-11-18 06:21 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-12-04 00:06 - 2013-03-20 08:47 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3033165532-1905040069-832013410-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3033165532-1905040069-832013410-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Eichhörnchen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{215BEAF7-DE91-4DC9-8EC1-6035F88BECA8}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{FF88B00E-8B5C-4ABA-BB8F-3B67E618216E}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{7470CD58-F42E-4831-BE66-E8BAA1D029C0}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{DB6A7FCA-7E73-4163-B8AA-BC5175366221}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{570701A0-75A4-40BB-9AD2-1ED767AB75D0}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe
FirewallRules: [TCP Query User{04622380-F0AA-4A50-A32F-90D125C6FFD1}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\java.exe
FirewallRules: [UDP Query User{0E41B197-14ED-43E8-8037-99E10D376EC9}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe
FirewallRules: [TCP Query User{4A7BE881-D7DB-490E-B1F7-2B6FEE41910C}C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\arduino-1.6.5-r2\java\bin\javaw.exe
FirewallRules: [UDP Query User{3668F001-4AC3-41A9-8023-A19B45104556}C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [TCP Query User{44401706-0B44-4870-A149-60BB480B2878}C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{6C143F01-608F-42DF-9187-96B530969B42}] => (Allow) LPort=3306
FirewallRules: [{9E85A080-197B-472B-A365-30CB4478E0B0}] => (Allow) LPort=1900
FirewallRules: [{33D74253-797E-4EE8-82F2-E00C74DD81F7}] => (Allow) LPort=2869
FirewallRules: [{0B211F41-9E8E-49C9-A94A-B460601537B2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{B6E7F9CF-14C9-4CFD-A57F-28CB459606CF}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{8F8D1AB9-8BBF-4E68-B931-EF527C805B26}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{6DA1B702-320F-400F-86DC-DE6D686472F3}C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe] => (Allow) C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe
FirewallRules: [TCP Query User{EB060086-6E71-4082-B188-BE672B2AE011}C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe] => (Allow) C:\users\dsa rollenspiel\desktop\flatout 2\flatout2.exe
FirewallRules: [UDP Query User{70813AA6-CFFA-471C-AD43-14CCA214517D}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{E1B3B1C8-BF8C-4D33-BC2E-76490A272FB8}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{D142BE1E-33A4-406A-873F-5800C11E672E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{A5707FDB-7D34-45D0-B2E8-26CA041D65FE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{80ABDB1C-40DF-426D-BB14-1D6E7668F5D5}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{6FE0751A-2FDA-4398-B49F-07E747230B60}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{DC4F9D37-DD2D-4BA4-99E0-AECAAB5A8818}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{7B45CA17-6B79-462A-A680-EC992B03B53B}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [{C0B51B40-8B60-426C-8788-7DAA3FA6C39D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63698EF6-146C-498C-A2AB-A92BBDDF7BD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C5D96C47-C521-4655-8D0E-86C95FC952B7}] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [{93FC04FA-D114-47B8-8F90-B25ABA760101}] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [{02724BD2-4920-4B9C-852E-A116BDB9BAB8}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{941DA149-8CBF-4D5C-8321-8BC23ACE99F6}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{0BFDE3B1-C0BA-4DF6-8EBD-316E20BC64C3}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{797018D7-61BF-4D10-B755-B3AA6886821D}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{C8BD2052-D9BE-4824-ADE2-45D1523160EE}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{C6AB8EE2-CD16-4E65-B868-E13A96539049}] => (Allow) C:\Users\Eichhörnchen\Documents\Minecraft\Server\minecraft_server.1.8.1.exe
FirewallRules: [{97B3D015-233F-417E-B495-F3DFED468522}] => (Allow) LPort=3306
FirewallRules: [{266389FD-1C97-44EC-B7B8-DBA230D1F218}] => (Allow) LPort=9999
FirewallRules: [UDP Query User{77FA2EEE-A6FC-45E0-9693-2DDCA1F9A943}C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe
FirewallRules: [TCP Query User{52343ED0-86C1-46B2-B8FD-0A181A7D2021}C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe] => (Allow) C:\users\eichhörnchen\documents\portabel\mysql-5.6.21-winx64\bin\mysqld.exe
FirewallRules: [{A5413FF0-609C-4A39-8AB3-C8E1CD26C903}] => (Allow) LPort=3306
FirewallRules: [UDP Query User{13476C96-E488-45CA-A6E0-8DA49D9173BC}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BAC14DBF-85CB-4023-A0C7-D6CD0ED7597F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2C6F8A2A-B4C1-4072-8736-FD06EAFB1706}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [TCP Query User{AC654CFD-AF66-4DF3-B6FB-EFBC1658A3CF}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [{D0564F39-E479-4FC9-88BB-85F68DE22C26}] => (Allow) LPort=3306
FirewallRules: [{47A9A48D-ACCB-4C0C-A8EB-50525617E53C}] => (Allow) LPort=3306
FirewallRules: [{37C4F6A3-7F30-4540-A8D2-F5890828D0D6}] => (Allow) LPort=3306
FirewallRules: [{C8AB631E-23EC-4F6A-86A1-D02F6BC6AFF5}] => (Allow) LPort=3306
FirewallRules: [{0A77E1F4-AE3C-4130-956D-224E321849C3}] => (Allow) LPort=3306
FirewallRules: [{A31CBA45-8B58-4D69-8C31-B2C508BA45C0}] => (Allow) C:\Users\Eichhörnchen\Documents\Portabel\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{024527DB-23E1-4526-B8BC-5DE07D07BEB6}] => (Allow) C:\Users\Eichhörnchen\Documents\Portabel\dhcpsrv2.4\dhcpsrv.exe
FirewallRules: [{E8CEA51F-803A-44C0-87BB-EB199F15A888}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{BBBF37D1-0009-446F-8264-493E9B5CA952}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{52C3D2B5-64AC-43D0-A8DA-10B035E6DDA9}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{28D70172-3A36-482E-8049-EF9BF39C71BD}] => (Allow) C:\Users\Eichhörnchen\Desktop\Minecraft.exe
FirewallRules: [{2C0BF499-5870-465B-B6CA-12144A3B178A}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{6F90533C-191F-42D6-873B-BB3A8AE0883D}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{59C5AAA7-E3B1-438D-98DA-55DD49D47436}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{69B20C95-516D-426B-B2A6-5BD2C016699F}] => (Allow) C:\Program Files\Adobe\Adobe Bridge CC (64 Bit)\Bridge.exe
FirewallRules: [{29F9E817-C31C-485F-85A0-274558B60D96}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{AA96E43F-A217-4362-97B2-4BD48A26C39D}] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{4C847604-FB8E-4759-AC9D-37F79B8C9B4E}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe
FirewallRules: [TCP Query User{81B37CB0-A24E-4DBA-9FEC-37E98496B617}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\addon.exe
FirewallRules: [UDP Query User{1E078935-19D5-4036-BD60-892763DCD892}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [TCP Query User{EF60BAD5-6195-44C8-93B8-C2BA04A3C893}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [{15EB3127-DD61-4A63-B788-05713054537B}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{C049BDE1-B651-4B87-BF98-CA5D24AF51E0}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{3F671649-F21F-4F91-BD77-D9B145A6541D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{9882C7C7-A419-4A2A-A641-1B4187E0E1B5}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{98CAD265-4432-47D8-8A8F-6E1614A88DE1}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{8D1F6EB1-5E62-492F-BEB7-DF802F7DF290}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{7EE02E84-0342-44B7-A319-71D410C6A5F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{D7AD86ED-B3B4-4103-860C-0A581AEACC21}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{B00FC84C-D01C-4E43-AE12-B85DD5EF4735}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{7FA775C2-9821-403A-A881-3BD1BDDCFEAA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [UDP Query User{F564E44D-6133-43B4-96DF-6533EB33F8B8}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{CD348A4A-DE05-4D4B-BE7B-B4A0EDB884CA}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{BEAE9603-B4C3-4BFA-8E35-378473D46084}] => (Allow) C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D1EA28CB-5C8F-4E93-A7E4-35A9C3025F27}] => (Allow) C:\Users\Eichhörnchen\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8B519504-F653-4AD0-B905-FE81304FD013}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{9BB68EDD-E363-407A-98F9-EF46BE6A7BD0}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C698E75C-202A-4415-A60E-3AB8D40788CE}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{1D45B635-6299-43E2-B63E-28C2E55AF32E}] => (Allow) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [UDP Query User{AFCC9C08-F6EB-465E-8CF8-E6E5A4E3BF9F}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{CF2D36BF-0A29-43F0-9278-1A9CDA9EBCF3}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe4\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8CC09DF1-33B2-4603-8789-DED25CB0182D}C:\program files\java\jdk1.8.0_11\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\bin\java.exe
FirewallRules: [TCP Query User{9E5FC2A3-1FF5-4C9B-98F9-ECA870C8C7F6}C:\program files\java\jdk1.8.0_11\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\bin\java.exe
FirewallRules: [UDP Query User{AD82DDEF-9101-445C-ACEB-5CC609F3478B}C:\program files\netbeans 8.0\bin\netbeans64.exe] => (Block) C:\program files\netbeans 8.0\bin\netbeans64.exe
FirewallRules: [TCP Query User{5D3048E3-8338-4975-A7A9-DA99969C65D6}C:\program files\netbeans 8.0\bin\netbeans64.exe] => (Block) C:\program files\netbeans 8.0\bin\netbeans64.exe
FirewallRules: [UDP Query User{FD3F89E1-0AA8-4FE7-88B9-E2268FE6C394}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{535D8C2E-9ACC-40C3-B2B2-EAA05E321EB0}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe3\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{A1033595-EEF3-4ED3-AA5C-7E53370A31AA}C:\glassfish3\jdk\jre\bin\javaw.exe] => (Allow) C:\glassfish3\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{2D3EE85F-CDDB-4226-8555-DDED2A0DB7F8}C:\glassfish3\jdk\jre\bin\javaw.exe] => (Allow) C:\glassfish3\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{0C3635D3-8F3C-4600-9942-4FA24F082EB8}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{369EE106-9758-4116-83E5-CA26D45C8D90}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{D79D2931-E2E8-4192-8AAC-941D3860BBA4}C:\program files\java\jdk1.8.0_11\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\jre\bin\java.exe
FirewallRules: [TCP Query User{E289DA99-DB99-41C3-81FB-095E33FF299E}C:\program files\java\jdk1.8.0_11\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_11\jre\bin\java.exe
FirewallRules: [UDP Query User{65B5FD72-9C43-493D-B194-DD75E0E56F05}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [TCP Query User{DE530A83-2805-40E0-8BC2-D0D21269BE6B}C:\glassfish3\jdk\bin\java.exe] => (Allow) C:\glassfish3\jdk\bin\java.exe
FirewallRules: [UDP Query User{67EE48DD-6FBA-4937-8800-D3679235D451}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe
FirewallRules: [TCP Query User{C7220C66-7B7F-4EFF-BA36-04A401F80D23}C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe] => (Allow) C:\users\eichhörnchen\appdata\local\temp\java_ee_sdk-6u2-jdk-windows-x64.exe2\jdk\jre\bin\javaw.exe
FirewallRules: [UDP Query User{87057792-8A55-4C84-A1D3-2CFF34AAE8AC}C:\program files\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_11\bin\jmc.exe
FirewallRules: [TCP Query User{717473CF-D03E-4C49-9EE2-7735756AC8EE}C:\program files\java\jdk1.8.0_11\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_11\bin\jmc.exe
FirewallRules: [{23C0C7DC-45CE-4B71-B13F-891E7206F909}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{56FA3CC5-B7D9-4009-B2DA-1D8E2C4788CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{6FB9F2A7-8D45-401B-886C-7DAC4102BE29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B3FD9C67-EF16-4571-81D7-928917C792CF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{639E3D63-53B8-4B7F-83F5-2CA569D9AFC2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{01F9714A-5E5B-4F1D-9CBA-2B4FF426DE99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{35600F53-3790-4956-8151-31DAA0BA819D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{28104437-BCA2-4B7F-AA15-F321515022A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{94483A2D-376E-43EC-B2FC-A8856777D2EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F571FC3C-37F8-4CCF-9F72-66FD676A4CCD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{74CF39A5-4A55-4143-B5BF-F4F4DF5D0DC9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{2852B6CD-47AD-4B91-BC10-5DECED983CBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{EECD8EED-132E-4E3D-94D0-31FFC96D025E}] => (Allow) C:\Users\Eichhörnchen\AppData\Local\Temp\7zS73B4\hppiw.exe
FirewallRules: [{A4C3CCE7-3B37-4602-AC0D-8F5C2C94B11C}] => (Allow) C:\Users\Eichhörnchen\AppData\Local\Temp\7zS73B4\hppiw.exe
FirewallRules: [UDP Query User{C7B03E8B-335D-4DF6-9E0C-1E96236E5529}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Allow) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [TCP Query User{50BADC7F-C221-4B93-AA61-DAD9351E4FDA}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Allow) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [UDP Query User{4FE68CA3-C354-478C-85F4-B4801EBB018F}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Block) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [TCP Query User{E9337CCB-AF81-4A5A-AEE0-E35BC75B50FC}C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe] => (Block) C:\users\eichhörnchen\documents\raspberry pi\portscan\portscan.exe
FirewallRules: [UDP Query User{1D4DBD02-9BF4-4DE7-9D0C-E77DF4C5975E}C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{2307E635-E1AE-4660-A46B-30B0879C0912}C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\eichhörnchen\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{61FEAB0A-10D6-416D-8188-621AEDA464C0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{67830E2B-FBB7-4A6F-9276-054F31B176EC}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{43C55DA4-9CBF-4A39-A085-142CBB8F96C2}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{17E4DD35-74E5-4DB0-B607-FCC0410C0E85}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4D3FB5D7-4AE1-49D6-88AB-128FC4F1F285}] => (Allow) LPort=7935
FirewallRules: [{FEBB1859-C311-47AB-8D62-3CDB60238FC3}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{7057FD8B-9DB4-4C80-A2F0-93FDC1C2B665}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{754FBC46-58D1-4B06-ACE2-D4697882DA77}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Edge Inspect CC\EdgeInspect.exe
FirewallRules: [{B60AAC77-43DA-4CA0-803D-5016A8F88CFC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{16C7E33C-8B36-4667-A215-10ACC24808D0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B82AA7CE-0440-4F06-BA4F-C640877CFAFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{463E8DCB-12D5-4647-B912-89367003D61D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5D20A778-6FF4-4D39-A021-DEECEE6C8572}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{4020244E-04BB-49EE-B20C-CCD1E275235B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1E9F6270-E499-4BDA-8F2B-4F7BEAE1D851}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{734278CD-C54D-42B4-9694-0AEB982B03D0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A74DAD7E-9F00-4A89-8189-8E0A4C27B43B}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe
FirewallRules: [UDP Query User{96C186DD-B34F-492D-B3A6-91BCE760A68E}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe
FirewallRules: [TCP Query User{A39D040F-89C6-42E6-BFD7-A544DCAC64D2}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{32BF834B-EBA3-4C54-8967-511E3DCF758A}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{ED52F1AF-A33E-4DB3-9B8C-2A94099F4F37}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{11401050-CB67-4E64-B38C-33C2367181A4}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{8F1B0BCD-670F-4C87-94E1-3DC2A343CA07}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{F9098E93-C592-41F7-B414-F81F57F9B1BD}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{3D2063F5-298A-4CFB-AB3E-7DF698128261}] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{F41EB106-ABF5-4344-B32D-55A047D14AF2}] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Insyde Airplane Mode HID Mini-Driver
Description: Insyde Airplane Mode HID Mini-Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Insyde
Service: AirplaneModeHid
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/11/2015 11:38:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/11/2015 06:57:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/11/2015 03:54:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/11/2015 03:49:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/11/2015 03:44:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/11/2015 03:39:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/11/2015 03:34:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/11/2015 03:29:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (11/11/2015 03:02:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (11/11/2015 02:52:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Eichhoernchen)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (11/11/2015 11:39:04 PM) (Source: DCOM) (EventID: 10016) (User: Eichhoernchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}EichhoernchenEichhörnchenS-1-5-21-3033165532-1905040069-832013410-1002LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.21.12.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (11/11/2015 11:38:40 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/11/2015 11:38:39 PM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/11/2015 11:38:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Anmelde-Assistent für Microsoft-Konten" wurde mit folgendem Fehler beendet:
%%193
Error: (11/11/2015 06:57:12 AM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/11/2015 06:57:10 AM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/11/2015 03:54:41 AM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/11/2015 03:54:39 AM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/11/2015 03:49:40 AM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
Error: (11/11/2015 03:49:38 AM) (Source: DCOM) (EventID: 10000) (User: NT-AUTORITÄT)
Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882}
CodeIntegrity:
===================================
Date: 2015-11-10 22:18:36.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-10 22:04:23.423
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-09 00:36:59.593
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-08 15:52:51.284
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-08 15:34:11.432
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-08 14:09:12.192
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-11-08 13:11:27.216
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-08 12:52:54.046
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-07 15:57:29.555
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
Date: 2015-11-06 22:29:22.892
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\Tastatur.dll that did not meet the Windows signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8112.5 MB
Verfügbarer physikalischer RAM: 5758.83 MB
Summe virtueller Speicher: 9392.5 MB
Verfügbarer virtueller Speicher: 6906.98 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:900.99 GB) (Free:508.74 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8E6EDAB6)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
12.11.2015, 17:13
| #11 |
| /// the machine /// TB-Ausbilder | TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare Dann teste mal das Windows.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu TR/Crypt.ZPACK.*, TR.Crypt.XPACK.*, nicht gefundene AdWare |
| .com, adware, avira, dateien, deutsch, falsche, firefox, folge, forum, gelöscht, home, infiziert, laptop, löschen, neu, nicht mehr, not, programme, rechner, scan, starten, warum, weitergeleitet, werbung, windows, öffnen |
Linear-Darstellung
