| |
| |||||||
Log-Analyse und Auswertung: "nbi cleaner" ist wieder/noch daWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
10.02.2016, 17:16
| #1 |
 |  "nbi cleaner" ist wieder/noch da Hallo, ich hoffe, ich bin hier richtig. Habe mir heute erst NetBeans allein, und dann das Java jdk mit Netbeans 8.1 runtergeladen und installiert. Als ich danach die exe-Dateien löschen wollte meldete mir EmiSoft (Trial) eine Bedrohung entdeckt zu haben die sich verborgen installieren wollte; siehe Screenshot. Muß im NetBeans Installer sein, denn das Löschen des Java jdk solo brachte keine Meldung. Bei "nbi cleaner" scheint es sich um einen alten Bekannten von 2009 zu handeln, wie ich auf der Seite von NetBeans feststellte: Bug 157748 - A Trojan Found on the Installer! Unangenehm, daß man sich nicht auf Installer einer seriösen Seite verlassen kann. |
|
10.02.2016, 19:01
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | "nbi cleaner" ist wieder/noch da Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
10.02.2016, 23:47
| #3 |
| | "nbi cleaner" ist wieder/noch da (Der IE scheint nur Murks zu sein, schon wieder beim Antworten abgestürzt.)
__________________Hallo, ich habe frühere Logs, weil ich mir vor gut 2 Wochen Malware reingezogen habe, auch eine eigentlich seriöse Seite, aber dafür muß ich einen neuen Thread aufmachen. Ich habe alles durchlaufen lassen was ich hier an Programmen gefunden habe, und es wurde auch etliches gefunden und gelöscht, aber ich weiß nicht ... Zu dem was ich hinsichtlich nbi-cleaner gepostet habe folgen die beiden Scans; bei Addition.txt Seite 11, sind immer noch russische und chinesische Schriftzeichen: FRST.txt FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von Heinz (ACHTUNG: der Benutzer ist kein Administrator) auf PANDORA (10-02-2016 22:53:53)
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Geladene Profile: Heinz (Verfügbare Profile: Rudolf & Heinz)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> a2service.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> armsvc.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> CCDMonitorService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> Agent.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> HeciServer.exe
konnte nicht auf den Prozess zugreifen -> IpOverUsbSvc.exe
konnte nicht auf den Prozess zugreifen -> Jhi_service.exe
konnte nicht auf den Prozess zugreifen -> TodoBackupService.exe
konnte nicht auf den Prozess zugreifen -> mdm.exe
konnte nicht auf den Prozess zugreifen -> mysqld.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> sqlwriter.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> vds.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WUDFHost.exe
konnte nicht auf den Prozess zugreifen -> dasHost.exe
konnte nicht auf den Prozess zugreifen -> RIconMan.exe
konnte nicht auf den Prozess zugreifen -> LMS.exe
konnte nicht auf den Prozess zugreifen -> NASvc.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
konnte nicht auf den Prozess zugreifen -> UNS.exe
konnte nicht auf den Prozess zugreifen -> SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(The Eraser Project) D:\Program Files\Eraser\Eraser.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe
(Adobe Systems Inc.) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
konnte nicht auf den Prozess zugreifen -> FNPLicensingService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
konnte nicht auf den Prozess zugreifen -> ePowerSvc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [Eraser] => D:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [Classic Start Menu] => C:\Programme\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9235928 2016-01-27] (Emsisoft Ltd)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Watch] => "H:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe"
HKLM-x32\...\Run: [EaseUs Tray] => "H:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe"
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596016 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-09] (Google Inc.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-17] ()
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk [2016-02-09]
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-02-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-02-09]
ShortcutTarget: Microsoft Office.lnk -> D:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B3CAEEBF-3743-4152-A0F7-CCF641E2A859}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
DPF: HKLM-x32 {DED4D168-AEEE-4E0C-B699-36A9A320ED5E} hxxp://de.cyberlink.com/prog/win8/js/UpdateAdvisor.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default
FF Homepage: hxxp://de.msn.com/
FF NetworkProxy: "backup.ftp", "127.0.0.1"
FF NetworkProxy: "backup.ftp_port", 4001
FF NetworkProxy: "backup.socks", "127.0.0.1"
FF NetworkProxy: "backup.socks_port", 4001
FF NetworkProxy: "backup.ssl", "127.0.0.1"
FF NetworkProxy: "backup.ssl_port", 4001
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.74.2 -> D:\Program Files\Java\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> D:\Program Files\Java\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/1&1 Internet-Radio-Player -> D:\Program Files\1&1 Internet-Radio-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/phonostar-Player -> D:\Program Files\Internet-Radio-Player\phonostar-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Proxy Selector - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\proxyselector@mozilla.org.xpi [2015-06-04]
FF Extension: Webpage Snapshot - Snapilicious.com - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\admin@snapilicious.com.xpi [2015-06-04]
FF Extension: FoxyProxy Standard - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\foxyproxy@eric.h.jung [2015-06-04]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\artur.dubovoy@gmail.com [2016-01-26]
FF Extension: Hotspot Shield Free VPN Proxy – Unblock Sites - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\hotspot-shield@anchorfree.com.xpi [2015-11-03] [ist nicht signiert]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\ich@maltegoetz.de.xpi [2015-08-09]
FF Extension: YouTube Unblocker - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\youtubeunblocker__web@unblocker.yt [2015-12-04]
FF Extension: unity player - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{05cfb51c-ba6e-41f7-89b3-a96f5c837a87}.xpi [2015-09-22] [ist nicht signiert]
FF Extension: YouTube High Definition - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-02-03]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-01-08]
FF Extension: Video DownloadHelper - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: mpeg4 manager free - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{df4bd301-ee66-4f5e-a6e0-25ddf2bf381e}.xpi [2016-01-01] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-07-29]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-02]
CHR Extension: (Google Docs) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google-Suche) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-05-23]
CHR Extension: (TV für Google Chrome™) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe [2016-01-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Google Mail) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
Opera:
=======
StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe
StartMenuInternet: (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004) Opera - "C:\Users\Heinz\AppData\Local\Programs\Opera x64\Opera.exe"
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10963864 2016-01-27] (Emsisoft Ltd)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-28] (Adobe Systems) [Datei ist nicht signiert]
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-08-18] (Apple Inc.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-21] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R3 hpqcxs08; D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-04-29] (Hewlett-Packard Co.)
R2 hpqddsvc; D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett-Packard Co.)
R2 HPSLPSVC; C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MySQL; D:\Programme\MariaDB 10.1\bin\mysqld.exe [13470536 2015-12-23] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-09] (Emsisoft Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
R1 vmm; C:\WINDOWS\system32\Treiber\vmm.sys [294248 2016-01-29] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz137; \??\D:\Program Files\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 15:56 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 15:56 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-10 15:56 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 15:56 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 15:56 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 15:56 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 14:46 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 14:46 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 14:46 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-10 14:46 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-10 14:44 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-10 14:44 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 14:44 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 14:44 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-10 14:44 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-10 14:44 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 14:44 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-10 14:44 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-10 14:44 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-02-10 14:44 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-02-10 14:44 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-02-10 14:44 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 14:44 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 14:44 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 14:44 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-02-10 14:44 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 14:43 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-02-10 14:43 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-10 14:43 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-02-10 14:43 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-02-10 14:43 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 14:43 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 14:43 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-02-10 14:43 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-02-10 14:43 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 14:43 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-10 14:43 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2016-02-10 14:43 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2016-02-10 14:42 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-10 14:42 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 14:42 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-02-10 14:42 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-02-10 14:42 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 22:43 - 2016-02-09 23:20 - 00000000 __RHD C:\ESD
2016-02-09 22:40 - 2016-02-09 22:40 - 00010214 _____ C:\TDSSKiller.3.1.0.9_09.02.2016_22.40.39_log.txt
2016-02-07 15:10 - 2016-02-09 22:40 - 00000876 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-02-05 18:16 - 2016-02-05 18:16 - 399414055 _____ C:\WINDOWS\MEMORY.DMP
2016-02-05 18:16 - 2016-02-05 18:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-04 16:12 - 2016-01-19 17:40 - 00965440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2016-02-04 16:12 - 2016-01-19 17:40 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2016-02-04 13:04 - 2016-02-04 13:04 - 00000000 ____D C:\ProgramData\Emsisoft
2016-02-04 12:50 - 2016-02-09 22:40 - 00000960 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-02-04 12:50 - 2016-02-04 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-02-04 12:49 - 2016-02-10 22:54 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-02-02 16:42 - 2016-02-02 16:42 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\VSRevoGroup
2016-02-02 16:36 - 2016-02-09 22:39 - 00000928 _____ C:\Users\Rudolf\Desktop\Revo Uninstaller.lnk
2016-02-02 16:36 - 2016-02-02 16:36 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-02-02 16:31 - 2016-02-02 16:34 - 00235990 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.31.34_log.txt
2016-02-02 16:24 - 2016-02-02 16:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-02-02 16:21 - 2016-02-02 16:25 - 00237812 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.21.01_log.txt
2016-02-02 13:53 - 2016-02-02 13:58 - 00236786 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_13.53.27_log.txt
2016-01-29 13:49 - 2016-02-09 22:40 - 00001635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
2016-01-29 13:49 - 2016-01-29 17:29 - 00000000 ____D C:\WINDOWS\system32\Treiber
2016-01-27 18:21 - 2016-01-27 18:21 - 00000894 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\MySQL Client (MariaDB 10.1 (x64)).lnk
2016-01-27 10:41 - 2016-01-27 10:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 00:02 - 2016-01-27 00:02 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-26 22:00 - 2016-02-10 22:53 - 00000000 ____D C:\FRST
2016-01-26 21:05 - 2016-01-26 21:05 - 00000079 _____ C:\WINDOWS\wininit.ini
2016-01-26 17:48 - 2016-01-26 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strawberry Perl (64-bit)
2016-01-26 17:38 - 2016-02-07 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-01-26 16:36 - 2016-01-26 16:36 - 00001468 _____ C:\Users\Heinz\Desktop\WinMD5.lnk
2016-01-25 18:51 - 2016-02-07 15:16 - 00000000 ____D C:\Users\Heinz\VirtualBox VMs
2016-01-25 17:38 - 2016-02-10 19:25 - 00000000 ____D C:\Users\Heinz\.VirtualBox
2016-01-25 17:27 - 2016-01-25 17:27 - 00000000 ____D C:\MATS
2016-01-19 17:40 - 2016-01-19 17:40 - 00194976 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2016-01-19 17:40 - 2016-01-19 17:40 - 00117768 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2016-01-17 12:35 - 2016-01-18 00:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-14 17:48 - 2016-02-10 12:09 - 00000000 ____D C:\Users\Heinz\.oracle_jre_usage
2016-01-14 17:45 - 2016-01-14 17:45 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\HeidiSQL
2016-01-14 17:43 - 2016-02-09 22:40 - 00001170 _____ C:\Users\Public\Desktop\HeidiSQL.lnk
2016-01-14 17:43 - 2016-01-14 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MariaDB 10.1 (x64)
2016-01-14 16:26 - 2016-02-09 22:40 - 00000715 _____ C:\Users\Public\Desktop\Notepad++ 6.8.8.lnk
2016-01-13 22:48 - 2016-01-12 20:40 - 00001576 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Win Media Player.lnk
2016-01-12 21:26 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-12 21:26 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 21:26 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-12 21:26 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 21:26 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 21:26 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 21:26 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 21:26 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-12 21:26 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 21:26 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 21:26 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 21:26 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 21:26 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 21:26 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 21:26 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 21:26 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-12 21:26 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 21:26 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 21:26 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 21:26 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 21:26 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 21:26 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 21:25 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 21:25 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-11 22:15 - 2016-01-11 22:15 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\MySQL
2016-01-11 21:58 - 2016-01-11 21:58 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Oracle
2016-01-11 21:54 - 2016-01-11 22:31 - 00000000 ____D C:\ProgramData\MySQL
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 22:54 - 2013-12-26 15:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-10 22:45 - 2013-12-21 21:49 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-10 22:45 - 2013-12-21 21:49 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-10 21:31 - 2013-12-24 15:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ClassicShell
2016-02-10 20:52 - 2013-12-21 21:50 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 20:16 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-10 20:16 - 2013-08-22 15:44 - 01027912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-10 19:32 - 2015-04-15 16:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-10 19:32 - 2013-11-14 08:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 19:32 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-02-10 19:32 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-10 16:06 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 16:01 - 2013-12-20 16:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 15:57 - 2013-12-20 16:06 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 14:39 - 2015-11-11 12:08 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 14:39 - 2015-11-11 12:08 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-10 12:12 - 2014-03-26 18:26 - 00000000 ____D C:\Users\Rudolf\.nbi
2016-02-10 11:55 - 2015-08-30 14:14 - 00000000 ____D C:\Users\Rudolf\.oracle_jre_usage
2016-02-10 10:31 - 2014-10-31 10:35 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\ClassicShell
2016-02-10 10:31 - 2013-12-21 14:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\CrashDumps
2016-02-10 10:28 - 2013-11-14 08:27 - 01886820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-10 10:28 - 2013-11-14 08:11 - 00807630 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-10 10:28 - 2013-11-14 08:11 - 00177182 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-10 10:25 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-10 10:23 - 2013-12-24 17:22 - 00000000 ___DO C:\Users\Rudolf\SkyDrive
2016-02-09 23:51 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Heinz
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieUserList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieSiteList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieBrowserModeList
2016-02-09 22:53 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-09 22:40 - 2015-12-26 17:55 - 00000851 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-12-26 17:55 - 00000789 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-21 17:13 - 00001017 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002075 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-09-26 14:47 - 00001556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-09-26 14:35 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002779 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002719 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002687 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2016-02-09 22:40 - 2015-07-15 21:55 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-02-09 22:40 - 2015-05-30 10:37 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-09 22:40 - 2015-04-20 14:37 - 00000707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-02-09 22:40 - 2015-02-22 19:36 - 00001096 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-02-09 22:40 - 2015-02-08 17:33 - 00002597 _____ C:\Users\Public\Desktop\WorldWide Telescope.lnk
2016-02-09 22:40 - 2015-01-31 12:52 - 00000823 _____ C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk
2016-02-09 22:40 - 2015-01-31 11:04 - 00001122 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-09 22:40 - 2014-12-26 22:10 - 00001142 _____ C:\Users\Public\Desktop\Free Dailymotion Download.lnk
2016-02-09 22:40 - 2014-08-13 15:59 - 00001989 _____ C:\Users\Public\Desktop\FinePixViewer.lnk
2016-02-09 22:40 - 2014-08-07 15:19 - 00001895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-02-09 22:40 - 2014-08-07 15:05 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00001109 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.1.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.1.lnk
2016-02-09 22:40 - 2014-04-23 15:11 - 00000784 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64bits.lnk
2016-02-09 22:40 - 2014-01-28 16:34 - 00002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-02-09 22:40 - 2014-01-28 16:33 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-22 13:37 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-09 22:40 - 2013-12-22 00:26 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00001885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk
2016-02-09 22:40 - 2013-12-21 15:10 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 5.0.lnk
2016-02-09 22:40 - 2013-12-21 15:04 - 00002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-02-09 22:40 - 2013-12-21 15:03 - 00000765 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk
2016-02-09 22:40 - 2013-12-20 16:36 - 00000717 _____ C:\Users\Public\Desktop\WinRAR 3.93.lnk
2016-02-09 22:40 - 2013-12-19 17:02 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-09 22:40 - 2013-09-17 17:06 - 00001927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-02-09 22:39 - 2015-12-18 16:14 - 00000760 _____ C:\Users\Rudolf\Desktop\jEdit.lnk
2016-02-09 22:39 - 2015-11-21 17:31 - 00000877 _____ C:\Users\Rudolf\Desktop\Any Video Converter.lnk
2016-02-09 22:39 - 2015-11-21 16:07 - 00000675 _____ C:\Users\Rudolf\Desktop\Nmap - Zenmap GUI.lnk
2016-02-09 22:39 - 2015-07-22 16:57 - 00001216 _____ C:\Users\Rudolf\Desktop\CrystalDiskInfo.lnk
2016-02-09 22:39 - 2014-10-31 10:42 - 00001178 _____ C:\Users\Rudolf\Desktop\Calculator.lnk
2016-02-09 22:39 - 2014-10-31 10:35 - 00002083 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2016-02-09 22:39 - 2014-08-07 15:19 - 00000787 _____ C:\Users\Rudolf\Desktop\DVD slideshow GUI.lnk
2016-02-09 22:39 - 2014-08-05 08:11 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2016-02-09 22:39 - 2013-12-22 13:54 - 00001468 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-09 22:39 - 2013-12-21 21:33 - 00001096 _____ C:\Users\Rudolf\Desktop\RegEdit.lnk
2016-02-09 22:39 - 2013-12-20 20:34 - 00000805 _____ C:\Users\Rudolf\Desktop\ACDSee Trial Version.lnk
2016-02-06 16:03 - 2013-12-21 18:01 - 00000028 _____ C:\WINDOWS\OutLog.txt
2016-02-06 16:03 - 2013-12-21 18:01 - 00000000 _____ C:\WINDOWS\BcdLog.txt
2016-02-06 13:01 - 2013-12-22 12:50 - 00318368 _____ C:\Users\Heinz\AppData\Roaming\GDIPFONTCACHEV1.DAT
2016-02-03 19:34 - 2013-12-26 15:10 - 00000000 ____D C:\Users\Heinz\dwhelper
2016-02-02 16:44 - 2015-11-21 17:13 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Foxit Software
2016-02-02 03:37 - 2013-08-22 16:38 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-31 13:02 - 2014-02-08 22:26 - 00000376 _____ C:\Users\Heinz\Desktop\Live Anmelden.url
2016-01-30 23:41 - 2013-12-22 11:17 - 00000000 ____D C:\Users\Heinz\AppData\Local\Eraser 6
2016-01-28 18:59 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Rudolf
2016-01-27 18:15 - 2015-07-17 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-01-26 22:54 - 2013-12-21 15:23 - 00000000 ____D C:\TEMP
2016-01-26 21:05 - 2015-11-28 13:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-26 16:19 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-01-26 16:19 - 2014-01-02 16:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-26 16:19 - 2013-12-22 13:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-01-26 16:15 - 2015-09-26 15:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-01-26 16:14 - 2015-09-26 14:46 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-01-26 11:20 - 2015-11-21 16:07 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2016-01-26 11:20 - 2013-12-21 21:18 - 00000000 ____D C:\ProgramData\FLEXnet
2016-01-26 11:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2016-01-25 17:29 - 2014-10-30 12:03 - 00000000 ____D C:\Users\Rudolf\AppData\Local\ElevatedDiagnostics
2016-01-22 02:07 - 2015-01-31 11:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\vlc
2016-01-17 14:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-01-14 16:26 - 2013-12-22 00:10 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Notepad++
2016-01-13 00:23 - 2015-03-11 23:47 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-12 20:40 - 2013-12-19 21:41 - 00001576 _____ C:\Users\Heinz\Desktop\Win Media Player.lnk
2016-01-11 23:37 - 2014-01-02 16:16 - 00000000 ____D C:\WINDOWS\SysWOW64\1031
2016-01-11 23:37 - 2014-01-02 16:16 - 00000000 ____D C:\WINDOWS\system32\1033
2016-01-11 23:37 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-11 23:36 - 2015-12-18 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jEdit 5.3.0
2016-01-11 23:36 - 2015-09-26 14:50 - 00000000 ____D C:\Program Files\IIS Express
2016-01-11 23:36 - 2015-09-26 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2016-01-11 23:36 - 2014-01-01 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2016-01-11 23:35 - 2015-09-26 14:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools
2016-01-11 23:35 - 2013-12-19 17:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-11 23:34 - 2015-09-26 14:50 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-01-11 23:34 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2016-01-11 23:30 - 2016-01-03 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage
2016-01-11 23:01 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2016-01-11 22:56 - 2015-09-26 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2016-01-11 22:50 - 2014-01-02 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-26 22:06 - 2015-07-28 21:44 - 0009216 _____ () C:\Users\Heinz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-27 20:52 - 2015-11-27 20:52 - 0001516 _____ () C:\Users\Heinz\AppData\Local\recently-used.xbel
2013-12-21 15:57 - 2015-01-28 12:41 - 0016515 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Heinz\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Heinz\AppData\Local\Temp\npp.6.7.8.2.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.8.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\TubeItUpdater.exe
C:\Users\Heinz\AppData\Local\Temp\WatermarkImageSetup.3.5.1.5.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator
==================== Ende von FRST.txt ============================
Addition.txt Code:
ATTFilter Prozessor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 3976.74 MB
Verfügbarer physikalischer RAM: 2388.42 MB
Summe virtueller Speicher: 8072.74 MB
Verfügbarer virtueller Speicher: 5088.15 MB
==================== Laufwerke ================================
Drive c: (MARILYN MONROE) (Fixed) (Total:223.25 GB) (Free:138.16 GB) NTFS
Drive d: (KASSANDRA) (Fixed) (Total:224.36 GB) (Free:161.79 GB) NTFS
Drive e: (LYNKEUS) (Fixed) (Total:118.54 GB) (Free:75.97 GB) NTFS
Drive f: (CORIOLANUS) (Fixed) (Total:117.19 GB) (Free:60.49 GB) NTFS
Drive g: (VERDANDI) (Fixed) (Total:102.54 GB) (Free:74.59 GB) NTFS
Drive h: (MESSALINA) (Fixed) (Total:97.85 GB) (Free:75.45 GB) NTFS
Drive i: (PYTHIA) (Fixed) (Total:10.07 GB) (Free:3.94 GB) FAT32
Drive j: (NIFLHEIM) (Fixed) (Total:8.42 GB) (Free:3.62 GB) NTFS
Drive k: (FREYJA) (Fixed) (Total:11.12 GB) (Free:11.08 GB) NTFS
==================== MBR & Partitionstabelle ==================
==================== Ende von Addition.txt ============================
|
|
10.02.2016, 23:51
| #4 |
| | "nbi cleaner" ist wieder/noch da Das war nix. Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Heinz (2016-02-10 22:55:29)
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Windows 8.1 (X64) (2013-12-22 12:53:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2932333098-1933949563-2559224823-500 - Administrator - Disabled)
Gast (S-1-5-21-2932333098-1933949563-2559224823-501 - Limited - Disabled)
Heinz (S-1-5-21-2932333098-1933949563-2559224823-1004 - Limited - Enabled) => C:\Users\Heinz
Rudolf (S-1-5-21-2932333098-1933949563-2559224823-1001 - Administrator - Enabled) => C:\Users\Rudolf
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
ACDSee Trial Version (HKLM-x32\...\ACDSee Trial Version) (Version: - )
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
aDF4de (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version: - )
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop 7.0.1 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9045 - )
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{87E4F4E2-99A4-44C6-9175-9FF2773E46CF}) (Version: 2.76.0 - Blender Foundation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Buildtools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CodedUITestUAP (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1) (Version: 0.9.5.4 - Tin2tin)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 8.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.2 - CHENGDU YIWO Tech Development Co., Ltd)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
F4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Ferramentas do Windows Phone 8.1 para Visual Studio 2015 - PTB (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
FinePixViewer Resource (HKLM-x32\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.5 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.5 - FUJIFILM Corporation)
FinePixViewer YTUPL (HKLM-x32\...\{65EB09A3-993B-401E-8936-C9708CBFAB26}) (Version: 1.0 - FUJIFILM Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free Dailymotion Download version 1.0.36.1215 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.36.1215 - DVDVideoSoft Ltd.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Greenfish Icon Editor Pro 3.31 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
Herramientas de Windows Phone 8.1 para Visual Studio 2015 - ESN (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Honeyview (HKLM\...\Honeyview) (Version: 5.05 - Bandisoft.com)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3004 - Acer Incorporated)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
i686-5.2.0-posix-dwarf-rt_v4-rev0 (HKLM-x32\...\i686-5.2.0-posix-dwarf-rt_v4-rev0) (Version: - MinGW-W64)
IDE Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java SE Development Kit 8 Update 74 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180740}) (Version: 8.0.740.2 - Oracle Corporation)
jEdit 5.3.0 (HKLM\...\jEdit_is1) (Version: 5.3.0 - Contributors)
Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Acer Incorporated)
Macromedia Director 7 (HKLM-x32\...\Macromedia Director 7) (Version: - )
Macromedia HomeSite 5 (HKLM-x32\...\{74307C3F-EBD4-11D4-A4D9-0010A4C3AFF0}) (Version: - )
MariaDB 10.1 (x64) (HKLM\...\MariaDB 10.1 (x64)) (Version: 10.1.10.0 - MariaDB Corporation Ab)
MariaDB 10.1 (x64) (Version: 10.1.10.0 - MariaDB Corporation Ab) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version: - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 SDK - ENU (HKLM-x32\...\{028a4515-c200-4460-bccf-a9b338b0c0f4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 0.10.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5944afa8-29ae-4a05-ab68-30c0dfab197e}) (Version: 14.0.23107.156 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Tools for Apache Cordova (HKLM-x32\...\{2035a5cc-fa3e-41a8-a718-0feaa2ae94eb}) (Version: 14.0.50902.4 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nástroje Windows Phone 8.1 pro sadu Visual Studio 2015 – CSY (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nmap 7.00 (HKLM-x32\...\Nmap) (Version: - )
Node.js (HKLM-x32\...\{69735668-F8BC-4E9A-839A-4006FDFDD5AC}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
Outils Windows Phone*8.1 pour Visual Studio*2015 - FRA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Python Tools 2.2 for Visual Studio 2015 (HKLM-x32\...\{DE3F045F-57D5-4DAF-A479-DB759047966B}) (Version: 2.2.30718.00 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Strawberry Perl (64-bit) (HKLM\...\{C450F47E-72FF-1014-BC43-0A7831843670}) (Version: 5.22.1002 - strawberryperl.com project)
Strumenti di Windows Phone 8.1 per Visual Studio 2015 - ITA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TextPad 7 (HKLM-x32\...\{9F53AC20-2D32-4341-9DA1-29DD40E2199E}) (Version: 7.0.9 - Helios)
Tool zum Entfernen verborgener Daten (HKLM-x32\...\{90F80407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TopStyle Lite (Version 3.0) (HKLM-x32\...\TopStyle Lite (Version 3.0)) (Version: 3.1.0 - Bradbury Software, LLC)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VBA (2720) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Visual C++ für Mobile-Entwicklung (Android-Unterstützung) (HKLM-x32\...\{fd8b6372-b8b3-4a14-bb21-fbc5cb94f7ac}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) (HKLM-x32\...\{8fd9a549-20ac-4daf-8da3-c54b6621ac29}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WorldWide Telescope (HKLM-x32\...\{5AAF8C68-9265-437C-8D9A-06EF98F07C09}) (Version: 5.2.09 - WorldWide Telescope)
Xamarin (HKLM-x32\...\{9D5E4FC0-7E1B-4934-8504-C0958FA73EA5}) (Version: 3.11.837.0 - Xamarin)
???????? Windows Phone 8.1 ??? Visual Studio 2015 — RUS (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
?? Visual Studio 2015 ? Windows Phone 8.1 ?? - ???? (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
??? Visual Studio 2015 ? Windows Phone 8.1 ?? - ???? (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job =>
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-17 17:20 - 2013-02-20 21:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-17 17:06 - 2013-09-17 17:06 - 01193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15194178.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15194178.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-01-26 22:49 - 2016-01-26 22:49 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts
# ::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Eigene\BabylonHG.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Acer Remote.lnk"
HKLM\...\StartupApproved\Run32: => "EaseUs Tray"
HKLM\...\StartupApproved\Run32: => "EaseUs Watch"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "1&1 Internet-Radio-PlayerTimer"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{28F014DE-230B-4ACF-85F4-2BBC3BF7E7EA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{3F7AF067-AFDF-4AE0-83A3-5540E5FBF4A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{7440F1F0-425A-436E-A13A-B542BCAAA3EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B40D8E5C-BCEA-4160-814C-E31E19F88B03}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B55976E3-DF67-44B5-98ED-30A5CFDCC9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FDD9CFEE-2352-40B7-9CC8-FE3191D5F135}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{09196CDB-BC40-445D-9B37-7CFAC14CD519}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1CB97F0E-B47C-44A8-B226-D99724F87BD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A5E80429-ECF5-420E-B98F-B9F097C79910}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FD179F0B-96BF-48C8-B833-7F6321BEE06C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{98553A38-2649-4D65-9A55-B900E5B5125F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1DC0BA17-7DCB-4514-B1E0-0C37B9ACC80D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{335BCE54-520B-4275-92E9-AA75B5C7358C}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{75A13A29-16DA-4694-8AED-5B8CB60B74F8}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{1917791C-5683-4E02-B85C-4DB9D0C8B065}] => (Allow) H:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{5229141A-E99B-476C-94E5-BA50228B93F4}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{22F296FD-1CCD-4ED3-917A-D3959ABF62FA}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{10BC7E16-FCD6-4770-A50E-AD1BCB95A6E1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [{AF1AD763-1419-4B2B-BD62-131CD2D601F1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [UDP Query User{590AD1C7-4A50-4F88-B7EA-490759C38D80}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{1C29AE09-4315-4622-919D-CD2C646D09E8}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [UDP Query User{35002341-40BD-453E-9FB4-8E77F2E1F501}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{03D08A97-C2F8-44C5-B5D3-2340505EE555}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [{F8CE7F3C-77A8-4DB2-98CC-D294FEEC3990}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{727A3365-83ED-42AD-881E-0AB34A286E11}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{BD1D269F-16F8-45E8-BEC4-35FF4BBD40F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{3A5409F3-908C-4484-86D4-01F5E25697C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{030E7187-1FD8-4E1E-A675-1F4ACD2ABD87}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6896C87F-2A4B-490C-AD89-09871003F247}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{DF823242-CC34-4F2C-A391-2AA5194142C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{C8F450ED-851C-43FE-A134-D621CBE99EE0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{B79C3D88-B406-42D3-8E40-6316AA3BCD57}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{D2D0EE2F-64E9-4FD1-B6C6-F14A0C092B0C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{590A0C7C-A4EE-4BA0-A313-25DD66A0A781}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{6FEB933F-57CE-4214-A43C-616EDF5951C5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1C2B145F-C011-4CF1-B992-F78A27CE4D7E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{B57679DE-858E-46BA-B56A-7F472BEAE711}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{13B8F977-4B7D-403F-ABB9-4AE55FC860C1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{81C6F084-57DD-4AFF-9B20-240CAFF8E483}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2ED67888-28D1-435C-81DF-B726086F74AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7A0E4ED8-681B-43F5-978E-624CF42C4F5A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5BA8D653-24F3-48A0-B287-B0AA4385EA0B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{1A18B3ED-1CBF-4FB1-BE6C-15183FDF7209}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8FB28222-AC16-4A93-8C36-860F201EC145}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [TCP Query User{A3B7E88D-841E-4817-A1CF-6362D0CCC1B3}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B4D45677-6B67-4A53-8CDA-6B1D2E8A99A8}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{FACE4B9F-5C89-453B-8048-F842B568F362}] => (Allow) E:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{831275C3-9860-4DE4-B1AD-F670462D4893}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{4B669EE0-A9D1-4F09-89CE-78200F9B29F4}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{58C7AE4B-6A3C-4BCF-BF7F-A0911F042250}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{3BA7B709-2475-43CD-A00E-462A5A44814E}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{5D6CB60F-618B-4F68-87C8-1BCF9DC20FAC}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{BC8474A6-26B9-4472-9517-94BB71305E63}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{A345A686-F886-495C-91B1-9C8DC6DA4153}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [{F41A980A-890A-422C-BC01-6A79C5D6B23D}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [TCP Query User{A02D4A8D-D7B3-41CB-8C0F-B74185F91758}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{0B010CEC-220B-41D7-A227-5D983233A0B1}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{0E493143-C7CA-4B97-996D-610F988623AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{94705516-98C9-4DBF-9645-E47CFFB6AF82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0EC2FCD1-5F09-464A-AFF8-92DE47EAE7EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{45E00A3B-C982-4C28-A2C2-B24090BDF4CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7A9790D6-4262-46FD-ADB0-A88824F89C05}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{827162A1-098F-4EE6-A015-D2A6F92E6C03}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{8587BD94-30AF-4F53-81CD-DC514FCEEF41}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{CF120258-7A1A-40C2-96CE-0B703839BA5E}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{993D3A54-D83C-4CA7-9E58-3283387A6ABC}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{0A97A4C5-0E55-4E5E-845F-487B9D1673B2}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{05D91A0A-2D07-48C1-A14C-2B9EC07B4F92}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{62414625-DC71-41AF-9521-C4D495E1B7C4}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{B24DCB97-E781-45B0-9C7E-BFDC2BB76FF6}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{343BCB0D-A115-4169-B665-81C778DE589F}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{8EC0223E-EC1E-4489-B65D-C7CB4DE256DE}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{BCF9E82D-CC24-42B2-BCB8-4802AB756295}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{7EDB3FC4-1DDD-40B2-8C21-176A4DED00E4}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{E97232A3-8073-43E2-9917-D49FE4E1BB01}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{F4C08DAB-96C0-49C2-A333-CAF8975E9FD1}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{797EC598-4990-43FA-87A9-C0514F5D929C}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{DB5AFDC2-664F-41CF-BCA1-33B2518C675F}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{E9FF6430-7ACA-4404-8F2D-65855E82C606}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{41E8953A-5C23-4B85-93BA-62C33FDC7427}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{36122F37-8231-456B-9607-B5A87FE0EEEE}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{7ADF1E6C-4B4B-4165-ACA2-968577719846}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{7549F9DF-F224-4F24-B542-1B35FDA112D4}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{39330B85-C760-4C1C-ACD4-F79C9550E0C7}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{FDF62D83-CB6E-489C-8DF2-BC895F0C2030}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{32EDB9AD-3D11-4EAC-9C67-6FCB667B5C14}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{5FA9E85D-9BFC-43E3-907F-A8757FF89D90}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{6DCDB633-5F6C-4257-90EF-DFE556C8DCA9}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{9819ABF1-961A-4946-8854-F1BEDF9B56E5}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{690A066B-FBC3-457E-8866-AF25A3A0589A}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [{1EBC7D26-FE50-400D-B4B4-75AC6B39413A}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [TCP Query User{4B86C128-5107-4363-AC19-C5FA36465EA0}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{5DFE83D5-835F-4683-9A5C-E6328CD9EC3B}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [{5656CEE0-F8E9-4855-B8AF-000CF4149F70}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{2EBCE465-408E-4F12-845C-8628440EFBC6}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{7E16960D-9B9F-4A0F-A47C-3D2777B43B4D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{38048089-9E32-4B04-8D66-D52FB58F7574}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{4D6F0F96-700F-4928-B84B-9D6C4B4CAD6D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{4F07AAD3-A3B4-4E19-9953-19A16990F0DF}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{F96DD952-B15E-424D-A717-F50BF4DC84DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D0A1B7F-FE37-4B25-BD20-4FCE7DD06914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2C193D0E-6E3F-498B-AF16-C250C26BC7BA}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [UDP Query User{3D72D360-45EF-4D3A-8E09-EC6EB03BA86D}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [{2AD4F1D9-7E36-4193-9313-5DEA07630321}] => (Allow) C:\Users\Rudolf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8BD918FB-4CBA-44EC-80B9-91D86065FF09}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{94008313-981D-46F6-AC80-423F35D60837}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{7ECD8FE1-A1FD-4B57-8F46-AA17751F56D3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{3D5D79AC-062A-489D-9913-3B678B26D972}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{EDA65F68-3A98-44CA-B9B4-F9DE43330F7C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{AE4F2305-115F-4E44-868A-76F1D59DDA6E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ED027693-62EE-47F6-BBCE-A0623395610E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ECEB4C4A-0D28-422C-9F1B-EB1B1AA6FD63}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{E6D13397-7811-4430-A919-DF425B2B21A7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{DE83BA7E-C1BB-4466-BCA3-8EECDAD4257E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6A79F00C-7D41-49F7-8009-F3E728CC1331}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{393E28F3-9B19-4306-89AB-5C4EA09D06B1}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{4C6DB319-5454-4DD1-BB6B-47FC7658BC96}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{825591BA-72C7-4EF5-90CA-84047CF1E966}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{4F52405F-0D82-4964-83E3-2834A50E65B4}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [{A20FB031-BC47-4C1A-95AB-1F67BA7BC97C}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{083415FB-4C92-4C01-A9D7-555131751228}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [UDP Query User{2F767CBE-B792-4C81-B854-BBA72810F303}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [{DF33D451-0625-4FCF-97E2-072ABBB5ED5F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{7BC0CCF5-CE4F-40D1-B639-FCED55DEE350}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{EC62D032-4D4F-4682-BCE8-60C1F2A35660}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{BF47679A-4D0E-48DA-B09B-0D6C9777D9D8}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [TCP Query User{8AAC9022-3498-469D-8638-5606E8181247}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [UDP Query User{27ABF644-C24B-418F-A091-09D3FB56A0DD}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [{8F7E01E8-ED50-4C24-8A3C-D2CB7FD6136A}] => (Allow) D:\Programme\MariaDB 10.1\bin\mysqld.exe
FirewallRules: [{2E818699-90A2-44BF-9FCF-CD4A30FEB10F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/10/2016 10:52:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/10/2016 10:52:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/10/2016 06:22:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.18124 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 16f8
Startzeit: 01d16425ce8488f0
Endzeit: 11
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: e05e676b-d01a-11e5-bf04-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/10/2016 05:06:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.18124 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 82c
Startzeit: 01d1641791937c8d
Endzeit: 46
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: 483ae346-d010-11e5-bf04-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/10/2016 03:05:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pandora)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/10/2016 01:14:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 10.0.2627.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c78
Startzeit: 01d163fc8a668d29
Endzeit: 15
Anwendungspfad: D:\Program Files\Microsoft Office\Office10\WINWORD.EXE
Berichts-ID: d76a1019-cfef-11e5-bf04-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/10/2016 10:31:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: delegate_execute.exe, Version: 48.0.2564.103, Zeitstempel: 0x56b11bc1
Name des fehlerhaften Moduls: delegate_execute.exe, Version: 48.0.2564.103, Zeitstempel: 0x56b11bc1
Ausnahmecode: 0x80000003
Fehleroffset: 0x00007f91
ID des fehlerhaften Prozesses: 0x14d8
Startzeit der fehlerhaften Anwendung: 0xdelegate_execute.exe0
Pfad der fehlerhaften Anwendung: delegate_execute.exe1
Pfad des fehlerhaften Moduls: delegate_execute.exe2
Berichtskennung: delegate_execute.exe3
Vollständiger Name des fehlerhaften Pakets: delegate_execute.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: delegate_execute.exe5
Error: (02/09/2016 11:50:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm cdbxpp.exe, Version 4.4.2.3442 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ba8
Startzeit: 01d16388cb261919
Endzeit: 60000
Anwendungspfad: D:\Program Files\CDBurnerXP\cdbxpp.exe
Berichts-ID: 64646d58-cf7f-11e5-bf03-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/09/2016 05:13:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera_plugin_wrapper.exe, Version: 12.17.1863.0, Zeitstempel: 0x534cfe97
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18185, Zeitstempel: 0x5683f0c5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003dd0e
ID des fehlerhaften Prozesses: 0x102c
Startzeit der fehlerhaften Anwendung: 0xopera_plugin_wrapper.exe0
Pfad der fehlerhaften Anwendung: opera_plugin_wrapper.exe1
Pfad des fehlerhaften Moduls: opera_plugin_wrapper.exe2
Berichtskennung: opera_plugin_wrapper.exe3
Vollständiger Name des fehlerhaften Pakets: opera_plugin_wrapper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: opera_plugin_wrapper.exe5
Error: (02/09/2016 02:55:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pandora)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (02/10/2016 09:53:11 PM) (Source: DCOM) (EventID: 10010) (User: Pandora)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/10/2016 09:30:43 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:30:11 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:29:58 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:27:13 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:19:13 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:19:13 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 08:17:09 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT-AUTORITÄT)
Description: Der Ereignisprotokollierungsdienst hat beim Aktivieren des Herausgebers "{0BF2FB94-7B60-4B4D-9766-E82F658DF540}" für den Kanal "Microsoft-Windows-Kernel-ShimEngine/Operational" einen Fehler (5) erkannt. Dieser Fehler hat keinen Einfluss auf den Betrieb des Kanals, beeinträchtigt jedoch die Fähigkeit des Herausgebers, Ereignisse für den Kanal auszulösen. Dieser Fehler ist oft darauf zurückzuführen, dass der Anbieter die ETW-Anbietersicherheit verwendet und der Ereignisprotokoll-Dienstidentität keine Berechtigungen zum Aktivieren gewährt hat.
Error: (02/10/2016 08:17:06 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT-AUTORITÄT)
Description: Der Ereignisprotokollierungsdienst hat beim Aktivieren des Herausgebers "{0BF2FB94-7B60-4B4D-9766-E82F658DF540}" für den Kanal "Microsoft-Windows-Kernel-ShimEngine/Operational" einen Fehler (5) erkannt. Dieser Fehler hat keinen Einfluss auf den Betrieb des Kanals, beeinträchtigt jedoch die Fähigkeit des Herausgebers, Ereignisse für den Kanal auszulösen. Dieser Fehler ist oft darauf zurückzuführen, dass der Anbieter die ETW-Anbietersicherheit verwendet und der Ereignisprotokoll-Dienstidentität keine Berechtigungen zum Aktivieren gewährt hat.
Error: (02/10/2016 06:06:20 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
CodeIntegrity:
===================================
Date: 2016-01-26 15:47:40.625
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.437
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.684
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.496
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 3976.74 MB
Verfügbarer physikalischer RAM: 2388.42 MB
Summe virtueller Speicher: 8072.74 MB
Verfügbarer virtueller Speicher: 5088.15 MB
==================== Laufwerke ================================
Drive c: (MARILYN MONROE) (Fixed) (Total:223.25 GB) (Free:138.16 GB) NTFS
Drive d: (KASSANDRA) (Fixed) (Total:224.36 GB) (Free:161.79 GB) NTFS
Drive e: (LYNKEUS) (Fixed) (Total:118.54 GB) (Free:75.97 GB) NTFS
Drive f: (CORIOLANUS) (Fixed) (Total:117.19 GB) (Free:60.49 GB) NTFS
Drive g: (VERDANDI) (Fixed) (Total:102.54 GB) (Free:74.59 GB) NTFS
Drive h: (MESSALINA) (Fixed) (Total:97.85 GB) (Free:75.45 GB) NTFS
Drive i: (PYTHIA) (Fixed) (Total:10.07 GB) (Free:3.94 GB) FAT32
Drive j: (NIFLHEIM) (Fixed) (Total:8.42 GB) (Free:3.62 GB) NTFS
Drive k: (FREYJA) (Fixed) (Total:11.12 GB) (Free:11.08 GB) NTFS
==================== MBR & Partitionstabelle ==================
==================== Ende von Addition.txt ============================
|
|
11.02.2016, 08:13
| #5 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "nbi cleaner" ist wieder/noch daZitat:
Was ist mit meiner Frage nach bisherigen Funden und wenn es welche gab, den Logs dazu?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.02.2016, 10:58
| #6 |
| | "nbi cleaner" ist wieder/noch da Als Admin. FRST.txt FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von Rudolf (Administrator) auf PANDORA (11-02-2016 10:28:07)
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Geladene Profile: Rudolf & Heinz (Verfügbare Profile: Rudolf & Heinz)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
() D:\Programme\MariaDB 10.1\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(The Eraser Project) D:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe
(FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe
(Adobe Systems Inc.) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(The Eraser Project) D:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Adobe Systems Incorporated) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe
(FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe
(Adobe Systems Inc.) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [Eraser] => D:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [Classic Start Menu] => C:\Programme\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9235928 2016-01-27] (Emsisoft Ltd)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Watch] => "H:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe"
HKLM-x32\...\Run: [EaseUs Tray] => "H:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe"
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596016 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-09] (Google Inc.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-17] ()
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk [2016-02-09]
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-02-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-02-09]
ShortcutTarget: Microsoft Office.lnk -> D:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B3CAEEBF-3743-4152-A0F7-CCF641E2A859}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001 -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
DPF: HKLM-x32 {DED4D168-AEEE-4E0C-B699-36A9A320ED5E} hxxp://de.cyberlink.com/prog/win8/js/UpdateAdvisor.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Rudolf\AppData\Roaming\Mozilla\Firefox\Profiles\md9tgtza.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.74.2 -> D:\Program Files\Java\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> D:\Program Files\Java\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/1&1 Internet-Radio-Player -> D:\Program Files\1&1 Internet-Radio-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/phonostar-Player -> D:\Program Files\Internet-Radio-Player\phonostar-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-25]
CHR Extension: (Google Drive) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-25]
CHR Extension: (YouTube) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-25]
CHR Extension: (Google-Suche) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-25]
CHR Extension: (Google Wallet) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-26]
CHR Extension: (Google Mail) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-25]
Opera:
=======
StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe
StartMenuInternet: (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004) Opera - "C:\Users\Heinz\AppData\Local\Programs\Opera x64\Opera.exe"
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10963864 2016-01-27] (Emsisoft Ltd)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-28] (Adobe Systems) [Datei ist nicht signiert]
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-08-18] (Apple Inc.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-21] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R3 hpqcxs08; D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-04-29] (Hewlett-Packard Co.)
R2 hpqddsvc; D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett-Packard Co.)
R2 HPSLPSVC; C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MySQL; D:\Programme\MariaDB 10.1\bin\mysqld.exe [13470536 2015-12-23] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-09] (Emsisoft Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
R1 vmm; C:\WINDOWS\system32\Treiber\vmm.sys [294248 2016-01-29] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz137; \??\D:\Program Files\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 15:56 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 15:56 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-10 15:56 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 15:56 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 15:56 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 15:56 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 14:46 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 14:46 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 14:46 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-10 14:46 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-10 14:44 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-10 14:44 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 14:44 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 14:44 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-10 14:44 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-10 14:44 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 14:44 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-10 14:44 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-10 14:44 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-02-10 14:44 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-02-10 14:44 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-02-10 14:44 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 14:44 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 14:44 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 14:44 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-02-10 14:44 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 14:43 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-02-10 14:43 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-10 14:43 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-02-10 14:43 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-02-10 14:43 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 14:43 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 14:43 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-02-10 14:43 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-02-10 14:43 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 14:43 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-10 14:43 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2016-02-10 14:43 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2016-02-10 14:42 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-10 14:42 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 14:42 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-02-10 14:42 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-02-10 14:42 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 22:43 - 2016-02-09 23:20 - 00000000 __RHD C:\ESD
2016-02-09 22:40 - 2016-02-09 22:40 - 00010214 _____ C:\TDSSKiller.3.1.0.9_09.02.2016_22.40.39_log.txt
2016-02-07 15:10 - 2016-02-09 22:40 - 00000876 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-02-05 18:16 - 2016-02-05 18:16 - 399414055 _____ C:\WINDOWS\MEMORY.DMP
2016-02-05 18:16 - 2016-02-05 18:16 - 00286232 _____ C:\WINDOWS\Minidump\020516-36828-01.dmp
2016-02-05 18:16 - 2016-02-05 18:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-04 16:12 - 2016-01-19 17:40 - 00965440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2016-02-04 16:12 - 2016-01-19 17:40 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2016-02-04 13:04 - 2016-02-04 13:04 - 00000000 ____D C:\ProgramData\Emsisoft
2016-02-04 12:50 - 2016-02-09 22:40 - 00000960 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-02-04 12:50 - 2016-02-04 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-02-04 12:49 - 2016-02-11 10:27 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-02-02 16:42 - 2016-02-02 16:42 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\VSRevoGroup
2016-02-02 16:36 - 2016-02-09 22:39 - 00000928 _____ C:\Users\Rudolf\Desktop\Revo Uninstaller.lnk
2016-02-02 16:36 - 2016-02-02 16:36 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-02-02 16:31 - 2016-02-02 16:34 - 00235990 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.31.34_log.txt
2016-02-02 16:24 - 2016-02-02 16:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-02-02 16:21 - 2016-02-02 16:25 - 00237812 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.21.01_log.txt
2016-02-02 13:53 - 2016-02-02 13:58 - 00236786 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_13.53.27_log.txt
2016-01-29 13:49 - 2016-02-09 22:40 - 00001635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
2016-01-29 13:49 - 2016-01-29 17:29 - 00000000 ____D C:\WINDOWS\system32\Treiber
2016-01-27 18:21 - 2016-01-27 18:21 - 00000894 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\MySQL Client (MariaDB 10.1 (x64)).lnk
2016-01-27 10:41 - 2016-01-27 10:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 00:02 - 2016-01-27 00:02 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-26 22:00 - 2016-02-11 10:28 - 00000000 ____D C:\FRST
2016-01-26 21:05 - 2016-01-26 21:05 - 00000079 _____ C:\WINDOWS\wininit.ini
2016-01-26 17:48 - 2016-01-26 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strawberry Perl (64-bit)
2016-01-26 17:38 - 2016-02-07 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-01-26 16:36 - 2016-01-26 16:36 - 00001468 _____ C:\Users\Heinz\Desktop\WinMD5.lnk
2016-01-25 18:51 - 2016-02-07 15:16 - 00000000 ____D C:\Users\Heinz\VirtualBox VMs
2016-01-25 17:38 - 2016-02-10 19:25 - 00000000 ____D C:\Users\Heinz\.VirtualBox
2016-01-25 17:27 - 2016-01-25 17:27 - 00000000 ____D C:\MATS
2016-01-19 17:40 - 2016-01-19 17:40 - 00194976 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2016-01-19 17:40 - 2016-01-19 17:40 - 00117768 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2016-01-17 12:35 - 2016-01-18 00:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-14 17:48 - 2016-02-10 12:09 - 00000000 ____D C:\Users\Heinz\.oracle_jre_usage
2016-01-14 17:45 - 2016-01-14 17:45 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\HeidiSQL
2016-01-14 17:43 - 2016-02-09 22:40 - 00001170 _____ C:\Users\Public\Desktop\HeidiSQL.lnk
2016-01-14 17:43 - 2016-01-14 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MariaDB 10.1 (x64)
2016-01-14 16:26 - 2016-02-09 22:40 - 00000715 _____ C:\Users\Public\Desktop\Notepad++ 6.8.8.lnk
2016-01-13 22:48 - 2016-01-12 20:40 - 00001576 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Win Media Player.lnk
2016-01-12 21:26 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-12 21:26 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 21:26 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-12 21:26 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 21:26 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 21:26 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 21:26 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 21:26 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-12 21:26 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 21:26 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 21:26 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 21:26 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 21:26 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 21:26 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 21:26 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 21:26 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-12 21:26 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 21:26 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 21:26 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 21:26 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 21:26 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 21:26 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 21:25 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 21:25 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-11 10:27 - 2013-12-24 17:22 - 00000000 ___DO C:\Users\Rudolf\SkyDrive
2016-02-11 10:27 - 2013-12-21 21:49 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-11 10:26 - 2013-12-24 15:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ClassicShell
2016-02-11 10:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-02-10 23:54 - 2013-12-26 15:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-10 23:45 - 2013-12-21 21:49 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-10 21:52 - 2013-12-19 16:04 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2932333098-1933949563-2559224823-1004
2016-02-10 20:52 - 2013-12-21 21:50 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 20:16 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-10 20:16 - 2013-08-22 15:44 - 01027912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-10 19:34 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-10 19:32 - 2015-04-15 16:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-10 19:32 - 2013-11-14 08:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 19:32 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-02-10 19:32 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-10 16:06 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 16:01 - 2013-12-20 16:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 15:57 - 2013-12-20 16:06 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 14:39 - 2015-11-11 12:08 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 14:39 - 2015-11-11 12:08 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-10 12:12 - 2014-03-26 18:26 - 00000000 ____D C:\Users\Rudolf\.nbi
2016-02-10 11:55 - 2015-08-30 14:14 - 00000000 ____D C:\Users\Rudolf\.oracle_jre_usage
2016-02-10 10:31 - 2014-10-31 10:35 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\ClassicShell
2016-02-10 10:31 - 2013-12-21 14:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\CrashDumps
2016-02-10 10:28 - 2013-12-19 13:37 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2932333098-1933949563-2559224823-1001
2016-02-10 10:28 - 2013-11-14 08:27 - 01886820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-10 10:28 - 2013-11-14 08:11 - 00807630 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-10 10:28 - 2013-11-14 08:11 - 00177182 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-10 10:25 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-09 23:51 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Heinz
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieUserList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieSiteList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieBrowserModeList
2016-02-09 22:53 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-09 22:40 - 2015-12-26 17:55 - 00000851 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-12-26 17:55 - 00000789 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-21 17:13 - 00001017 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002075 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-09-26 14:47 - 00001556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-09-26 14:35 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002779 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002719 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002687 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2016-02-09 22:40 - 2015-07-15 21:55 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-02-09 22:40 - 2015-05-30 10:37 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-09 22:40 - 2015-04-20 14:37 - 00000707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-02-09 22:40 - 2015-02-22 19:36 - 00001096 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-02-09 22:40 - 2015-02-08 17:33 - 00002597 _____ C:\Users\Public\Desktop\WorldWide Telescope.lnk
2016-02-09 22:40 - 2015-01-31 12:52 - 00000823 _____ C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk
2016-02-09 22:40 - 2015-01-31 11:04 - 00001122 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-09 22:40 - 2014-12-26 22:10 - 00001142 _____ C:\Users\Public\Desktop\Free Dailymotion Download.lnk
2016-02-09 22:40 - 2014-08-13 15:59 - 00001989 _____ C:\Users\Public\Desktop\FinePixViewer.lnk
2016-02-09 22:40 - 2014-08-07 15:19 - 00001895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-02-09 22:40 - 2014-08-07 15:05 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00001109 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.1.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.1.lnk
2016-02-09 22:40 - 2014-04-23 15:11 - 00000784 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64bits.lnk
2016-02-09 22:40 - 2014-01-28 16:34 - 00002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-02-09 22:40 - 2014-01-28 16:33 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-22 13:37 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-09 22:40 - 2013-12-22 00:26 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00001885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk
2016-02-09 22:40 - 2013-12-21 15:10 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 5.0.lnk
2016-02-09 22:40 - 2013-12-21 15:04 - 00002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-02-09 22:40 - 2013-12-21 15:03 - 00000765 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk
2016-02-09 22:40 - 2013-12-20 16:36 - 00000717 _____ C:\Users\Public\Desktop\WinRAR 3.93.lnk
2016-02-09 22:40 - 2013-12-19 17:02 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-09 22:40 - 2013-09-17 17:06 - 00001927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-02-09 22:39 - 2015-12-18 16:14 - 00000760 _____ C:\Users\Rudolf\Desktop\jEdit.lnk
2016-02-09 22:39 - 2015-11-21 17:31 - 00000877 _____ C:\Users\Rudolf\Desktop\Any Video Converter.lnk
2016-02-09 22:39 - 2015-11-21 16:07 - 00000675 _____ C:\Users\Rudolf\Desktop\Nmap - Zenmap GUI.lnk
2016-02-09 22:39 - 2015-07-22 16:57 - 00001216 _____ C:\Users\Rudolf\Desktop\CrystalDiskInfo.lnk
2016-02-09 22:39 - 2014-10-31 10:42 - 00001178 _____ C:\Users\Rudolf\Desktop\Calculator.lnk
2016-02-09 22:39 - 2014-10-31 10:35 - 00002083 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2016-02-09 22:39 - 2014-08-07 15:19 - 00000787 _____ C:\Users\Rudolf\Desktop\DVD slideshow GUI.lnk
2016-02-09 22:39 - 2014-08-05 08:11 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2016-02-09 22:39 - 2013-12-22 13:54 - 00001468 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-09 22:39 - 2013-12-21 21:33 - 00001096 _____ C:\Users\Rudolf\Desktop\RegEdit.lnk
2016-02-09 22:39 - 2013-12-20 20:34 - 00000805 _____ C:\Users\Rudolf\Desktop\ACDSee Trial Version.lnk
2016-02-09 18:54 - 2013-12-26 15:30 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-02-06 16:03 - 2013-12-21 18:01 - 00000028 _____ C:\WINDOWS\OutLog.txt
2016-02-06 16:03 - 2013-12-21 18:01 - 00000000 _____ C:\WINDOWS\BcdLog.txt
2016-02-06 13:01 - 2013-12-22 12:50 - 00318368 _____ C:\Users\Heinz\AppData\Roaming\GDIPFONTCACHEV1.DAT
2016-02-03 19:34 - 2013-12-26 15:10 - 00000000 ____D C:\Users\Heinz\dwhelper
2016-02-02 16:44 - 2015-11-21 17:13 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Foxit Software
2016-02-02 03:37 - 2013-08-22 16:38 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-01 22:40 - 2013-12-21 21:49 - 00004106 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 22:40 - 2013-12-21 21:49 - 00003870 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-31 13:02 - 2014-02-08 22:26 - 00000376 _____ C:\Users\Heinz\Desktop\Live Anmelden.url
2016-01-30 23:41 - 2013-12-22 11:17 - 00000000 ____D C:\Users\Heinz\AppData\Local\Eraser 6
2016-01-28 18:59 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Rudolf
2016-01-27 18:15 - 2015-07-17 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-01-26 22:54 - 2013-12-21 15:23 - 00000000 ____D C:\TEMP
2016-01-26 21:05 - 2015-11-28 13:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-26 16:19 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-01-26 16:19 - 2014-01-02 16:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-26 16:19 - 2013-12-22 13:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-01-26 16:15 - 2015-09-26 15:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-01-26 16:14 - 2015-09-26 14:46 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-01-26 11:20 - 2015-11-21 16:07 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2016-01-26 11:20 - 2013-12-21 21:18 - 00000000 ____D C:\ProgramData\FLEXnet
2016-01-26 11:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2016-01-25 17:29 - 2014-10-30 12:03 - 00000000 ____D C:\Users\Rudolf\AppData\Local\ElevatedDiagnostics
2016-01-22 02:07 - 2015-01-31 11:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\vlc
2016-01-15 11:55 - 2014-12-25 13:19 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 16:26 - 2013-12-22 00:10 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Notepad++
2016-01-13 00:23 - 2015-03-11 23:47 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-12 20:40 - 2013-12-19 21:41 - 00001576 _____ C:\Users\Heinz\Desktop\Win Media Player.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-08-07 15:18 - 2014-08-07 15:18 - 5082084 _____ (The Public) C:\Users\Rudolf\AppData\Roaming\Avisynth.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 5243208 _____ ( ) C:\Users\Rudolf\AppData\Roaming\AvsP.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 5514668 _____ (LIGHTNING UK!) C:\Users\Rudolf\AppData\Roaming\Imgburn.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 1357348 _____ () C:\Users\Rudolf\AppData\Roaming\MatroskaSplitter.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 7760687 _____ (Boraxsoft) C:\Users\Rudolf\AppData\Roaming\SetupGFD.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 0117723 _____ () C:\Users\Rudolf\AppData\Roaming\yuvcodecs-1.3.exe
2013-12-21 15:57 - 2015-01-28 12:41 - 0016515 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Heinz\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Heinz\AppData\Local\Temp\npp.6.7.8.2.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.8.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\TubeItUpdater.exe
C:\Users\Heinz\AppData\Local\Temp\WatermarkImageSetup.3.5.1.5.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-01-29 12:19
==================== Ende von FRST.txt ============================
[/CODE] |
|
11.02.2016, 11:00
| #7 |
| | "nbi cleaner" ist wieder/noch da Addition.txt FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von Rudolf (Administrator) auf PANDORA (11-02-2016 10:28:07)
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Geladene Profile: Rudolf & Heinz (Verfügbare Profile: Rudolf & Heinz)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
() D:\Programme\MariaDB 10.1\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(The Eraser Project) D:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe
(FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe
(Adobe Systems Inc.) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(The Eraser Project) D:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Adobe Systems Incorporated) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe
(CHENGDU YIWO Tech Development Co., Ltd) D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe
(FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe
(Adobe Systems Inc.) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [Eraser] => D:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [Classic Start Menu] => C:\Programme\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9235928 2016-01-27] (Emsisoft Ltd)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Watch] => "H:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe"
HKLM-x32\...\Run: [EaseUs Tray] => "H:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe"
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596016 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-09] (Google Inc.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-17] ()
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2016-02-09]
ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk [2016-02-09]
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-02-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-02-09]
ShortcutTarget: Microsoft Office.lnk -> D:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-02-09]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B3CAEEBF-3743-4152-A0F7-CCF641E2A859}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001 -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\bin\ssv.dll [2016-02-10] (Oracle Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\bin\jp2ssv.dll [2016-02-10] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1001 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei
DPF: HKLM-x32 {DED4D168-AEEE-4E0C-B699-36A9A320ED5E} hxxp://de.cyberlink.com/prog/win8/js/UpdateAdvisor.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Rudolf\AppData\Roaming\Mozilla\Firefox\Profiles\md9tgtza.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.74.2 -> D:\Program Files\Java\bin\dtplugin\npDeployJava1.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> D:\Program Files\Java\bin\plugin2\npjp2.dll [2016-02-10] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/1&1 Internet-Radio-Player -> D:\Program Files\1&1 Internet-Radio-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/phonostar-Player -> D:\Program Files\Internet-Radio-Player\phonostar-Player\npphonostarDetectNP.dll [Keine Datei]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
Chrome:
=======
CHR Profile: C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-25]
CHR Extension: (Google Drive) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-25]
CHR Extension: (YouTube) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-25]
CHR Extension: (Google-Suche) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-25]
CHR Extension: (Google Wallet) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-26]
CHR Extension: (Google Mail) - C:\Users\Rudolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-25]
Opera:
=======
StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe
StartMenuInternet: (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004) Opera - "C:\Users\Heinz\AppData\Local\Programs\Opera x64\Opera.exe"
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10963864 2016-01-27] (Emsisoft Ltd)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-28] (Adobe Systems) [Datei ist nicht signiert]
R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-08-18] (Apple Inc.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-21] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R3 hpqcxs08; D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-04-29] (Hewlett-Packard Co.)
R2 hpqddsvc; D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett-Packard Co.)
R2 HPSLPSVC; C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MySQL; D:\Programme\MariaDB 10.1\bin\mysqld.exe [13470536 2015-12-23] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-09] (Emsisoft Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
R1 vmm; C:\WINDOWS\system32\Treiber\vmm.sys [294248 2016-01-29] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz137; \??\D:\Program Files\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 15:56 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 15:56 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-10 15:56 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 15:56 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 15:56 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 15:56 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 15:56 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 14:46 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 14:46 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 14:46 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 14:46 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-10 14:46 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-10 14:44 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-10 14:44 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 14:44 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 14:44 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-10 14:44 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-10 14:44 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 14:44 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-10 14:44 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-10 14:44 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-02-10 14:44 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-02-10 14:44 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-10 14:44 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-10 14:44 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-10 14:44 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-02-10 14:44 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 14:44 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-02-10 14:44 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 14:44 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 14:44 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 14:44 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 14:44 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 14:44 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 14:44 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 14:44 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-02-10 14:44 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 14:43 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-02-10 14:43 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-10 14:43 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-10 14:43 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 14:43 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-02-10 14:43 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-02-10 14:43 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 14:43 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 14:43 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 14:43 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-02-10 14:43 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 14:43 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-02-10 14:43 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-02-10 14:43 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-02-10 14:43 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 14:43 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 14:43 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-10 14:43 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-02-10 14:43 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-02-10 14:43 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2016-02-10 14:43 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2016-02-10 14:42 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-10 14:42 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 14:42 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-02-10 14:42 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-02-10 14:42 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-02-10 14:42 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-02-10 14:42 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-02-10 14:42 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-02-10 14:42 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-02-10 14:42 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2016-02-10 13:08 - 2016-02-10 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 22:43 - 2016-02-09 23:20 - 00000000 __RHD C:\ESD
2016-02-09 22:40 - 2016-02-09 22:40 - 00010214 _____ C:\TDSSKiller.3.1.0.9_09.02.2016_22.40.39_log.txt
2016-02-07 15:10 - 2016-02-09 22:40 - 00000876 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-02-05 18:16 - 2016-02-05 18:16 - 399414055 _____ C:\WINDOWS\MEMORY.DMP
2016-02-05 18:16 - 2016-02-05 18:16 - 00286232 _____ C:\WINDOWS\Minidump\020516-36828-01.dmp
2016-02-05 18:16 - 2016-02-05 18:16 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-04 16:12 - 2016-01-19 17:40 - 00965440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2016-02-04 16:12 - 2016-01-19 17:40 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2016-02-04 13:04 - 2016-02-04 13:04 - 00000000 ____D C:\ProgramData\Emsisoft
2016-02-04 12:50 - 2016-02-09 22:40 - 00000960 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-02-04 12:50 - 2016-02-04 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-02-04 12:49 - 2016-02-11 10:27 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-02-02 16:42 - 2016-02-02 16:42 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\VSRevoGroup
2016-02-02 16:36 - 2016-02-09 22:39 - 00000928 _____ C:\Users\Rudolf\Desktop\Revo Uninstaller.lnk
2016-02-02 16:36 - 2016-02-02 16:36 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-02-02 16:31 - 2016-02-02 16:34 - 00235990 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.31.34_log.txt
2016-02-02 16:24 - 2016-02-02 16:24 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-02-02 16:21 - 2016-02-02 16:25 - 00237812 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_16.21.01_log.txt
2016-02-02 13:53 - 2016-02-02 13:58 - 00236786 _____ C:\TDSSKiller.3.1.0.9_02.02.2016_13.53.27_log.txt
2016-01-29 13:49 - 2016-02-09 22:40 - 00001635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
2016-01-29 13:49 - 2016-01-29 17:29 - 00000000 ____D C:\WINDOWS\system32\Treiber
2016-01-27 18:21 - 2016-01-27 18:21 - 00000894 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\MySQL Client (MariaDB 10.1 (x64)).lnk
2016-01-27 10:41 - 2016-01-27 10:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 00:02 - 2016-01-27 00:02 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-26 22:00 - 2016-02-11 10:28 - 00000000 ____D C:\FRST
2016-01-26 21:05 - 2016-01-26 21:05 - 00000079 _____ C:\WINDOWS\wininit.ini
2016-01-26 17:48 - 2016-01-26 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strawberry Perl (64-bit)
2016-01-26 17:38 - 2016-02-07 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-01-26 16:36 - 2016-01-26 16:36 - 00001468 _____ C:\Users\Heinz\Desktop\WinMD5.lnk
2016-01-25 18:51 - 2016-02-07 15:16 - 00000000 ____D C:\Users\Heinz\VirtualBox VMs
2016-01-25 17:38 - 2016-02-10 19:25 - 00000000 ____D C:\Users\Heinz\.VirtualBox
2016-01-25 17:27 - 2016-01-25 17:27 - 00000000 ____D C:\MATS
2016-01-19 17:40 - 2016-01-19 17:40 - 00194976 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2016-01-19 17:40 - 2016-01-19 17:40 - 00117768 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2016-01-17 12:35 - 2016-01-18 00:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-14 17:48 - 2016-02-10 12:09 - 00000000 ____D C:\Users\Heinz\.oracle_jre_usage
2016-01-14 17:45 - 2016-01-14 17:45 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\HeidiSQL
2016-01-14 17:43 - 2016-02-09 22:40 - 00001170 _____ C:\Users\Public\Desktop\HeidiSQL.lnk
2016-01-14 17:43 - 2016-01-14 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MariaDB 10.1 (x64)
2016-01-14 16:26 - 2016-02-09 22:40 - 00000715 _____ C:\Users\Public\Desktop\Notepad++ 6.8.8.lnk
2016-01-13 22:48 - 2016-01-12 20:40 - 00001576 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Win Media Player.lnk
2016-01-12 21:26 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-12 21:26 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 21:26 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 21:26 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 21:26 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-12 21:26 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-12 21:26 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-12 21:26 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 21:26 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 21:26 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 21:26 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 21:26 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-12 21:26 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 21:26 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 21:26 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 21:26 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 21:26 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 21:26 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 21:26 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 21:26 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 21:26 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-12 21:26 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 21:26 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 21:26 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 21:26 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 21:26 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 21:26 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 21:25 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 21:25 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-11 10:27 - 2013-12-24 17:22 - 00000000 ___DO C:\Users\Rudolf\SkyDrive
2016-02-11 10:27 - 2013-12-21 21:49 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-11 10:26 - 2013-12-24 15:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ClassicShell
2016-02-11 10:19 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-02-10 23:54 - 2013-12-26 15:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-10 23:45 - 2013-12-21 21:49 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-10 21:52 - 2013-12-19 16:04 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2932333098-1933949563-2559224823-1004
2016-02-10 20:52 - 2013-12-21 21:50 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 20:16 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-10 20:16 - 2013-08-22 15:44 - 01027912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-10 19:34 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-10 19:32 - 2015-04-15 16:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-10 19:32 - 2013-11-14 08:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 19:32 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-02-10 19:32 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-10 16:06 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 16:01 - 2013-12-20 16:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 15:57 - 2013-12-20 16:06 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 14:39 - 2015-11-11 12:08 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 14:39 - 2015-11-11 12:08 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-10 12:12 - 2014-03-26 18:26 - 00000000 ____D C:\Users\Rudolf\.nbi
2016-02-10 11:55 - 2015-08-30 14:14 - 00000000 ____D C:\Users\Rudolf\.oracle_jre_usage
2016-02-10 10:31 - 2014-10-31 10:35 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\ClassicShell
2016-02-10 10:31 - 2013-12-21 14:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\CrashDumps
2016-02-10 10:28 - 2013-12-19 13:37 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2932333098-1933949563-2559224823-1001
2016-02-10 10:28 - 2013-11-14 08:27 - 01886820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-10 10:28 - 2013-11-14 08:11 - 00807630 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-10 10:28 - 2013-11-14 08:11 - 00177182 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-10 10:25 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-09 23:51 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Heinz
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieUserList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieSiteList
2016-02-09 23:06 - 2014-12-26 17:21 - 00000000 __SHD C:\Users\Rudolf\AppData\Local\EmieBrowserModeList
2016-02-09 22:53 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-09 22:40 - 2015-12-26 17:55 - 00000851 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-12-26 17:55 - 00000789 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-23 13:04 - 00000777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-02-09 22:40 - 2015-11-21 17:13 - 00001017 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-10-31 11:47 - 00002075 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-09 22:40 - 2015-09-26 14:47 - 00001556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-09-26 14:35 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002779 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002719 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002687 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-02-09 22:40 - 2015-07-17 11:55 - 00002649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk
2016-02-09 22:40 - 2015-07-15 21:55 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-02-09 22:40 - 2015-05-30 10:37 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-09 22:40 - 2015-04-20 14:37 - 00000707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-02-09 22:40 - 2015-02-22 19:36 - 00001096 _____ C:\Users\Public\Desktop\paint.net.lnk
2016-02-09 22:40 - 2015-02-08 17:33 - 00002597 _____ C:\Users\Public\Desktop\WorldWide Telescope.lnk
2016-02-09 22:40 - 2015-01-31 12:52 - 00000823 _____ C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk
2016-02-09 22:40 - 2015-01-31 11:04 - 00001122 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-09 22:40 - 2014-12-26 22:10 - 00001142 _____ C:\Users\Public\Desktop\Free Dailymotion Download.lnk
2016-02-09 22:40 - 2014-08-13 15:59 - 00001989 _____ C:\Users\Public\Desktop\FinePixViewer.lnk
2016-02-09 22:40 - 2014-08-07 15:19 - 00001895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-02-09 22:40 - 2014-08-07 15:05 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00001109 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2016-02-09 22:40 - 2014-08-05 08:11 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.1.lnk
2016-02-09 22:40 - 2014-05-17 16:09 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.1.lnk
2016-02-09 22:40 - 2014-04-23 15:11 - 00000784 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64bits.lnk
2016-02-09 22:40 - 2014-01-28 16:34 - 00002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-02-09 22:40 - 2014-01-28 16:33 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-25 18:13 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-09 22:40 - 2013-12-22 13:37 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-02-09 22:40 - 2013-12-22 00:26 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk
2016-02-09 22:40 - 2013-12-21 22:02 - 00001885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk
2016-02-09 22:40 - 2013-12-21 15:10 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 5.0.lnk
2016-02-09 22:40 - 2013-12-21 15:04 - 00002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-02-09 22:40 - 2013-12-21 15:03 - 00000765 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk
2016-02-09 22:40 - 2013-12-20 16:36 - 00000717 _____ C:\Users\Public\Desktop\WinRAR 3.93.lnk
2016-02-09 22:40 - 2013-12-19 17:02 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-02-09 22:40 - 2013-09-17 17:06 - 00001927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-02-09 22:39 - 2015-12-18 16:14 - 00000760 _____ C:\Users\Rudolf\Desktop\jEdit.lnk
2016-02-09 22:39 - 2015-11-21 17:31 - 00000877 _____ C:\Users\Rudolf\Desktop\Any Video Converter.lnk
2016-02-09 22:39 - 2015-11-21 16:07 - 00000675 _____ C:\Users\Rudolf\Desktop\Nmap - Zenmap GUI.lnk
2016-02-09 22:39 - 2015-07-22 16:57 - 00001216 _____ C:\Users\Rudolf\Desktop\CrystalDiskInfo.lnk
2016-02-09 22:39 - 2014-10-31 10:42 - 00001178 _____ C:\Users\Rudolf\Desktop\Calculator.lnk
2016-02-09 22:39 - 2014-10-31 10:35 - 00002083 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2016-02-09 22:39 - 2014-08-07 15:19 - 00000787 _____ C:\Users\Rudolf\Desktop\DVD slideshow GUI.lnk
2016-02-09 22:39 - 2014-08-05 08:11 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2016-02-09 22:39 - 2013-12-22 13:54 - 00001468 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-09 22:39 - 2013-12-21 21:33 - 00001096 _____ C:\Users\Rudolf\Desktop\RegEdit.lnk
2016-02-09 22:39 - 2013-12-20 20:34 - 00000805 _____ C:\Users\Rudolf\Desktop\ACDSee Trial Version.lnk
2016-02-09 18:54 - 2013-12-26 15:30 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-02-06 16:03 - 2013-12-21 18:01 - 00000028 _____ C:\WINDOWS\OutLog.txt
2016-02-06 16:03 - 2013-12-21 18:01 - 00000000 _____ C:\WINDOWS\BcdLog.txt
2016-02-06 13:01 - 2013-12-22 12:50 - 00318368 _____ C:\Users\Heinz\AppData\Roaming\GDIPFONTCACHEV1.DAT
2016-02-03 19:34 - 2013-12-26 15:10 - 00000000 ____D C:\Users\Heinz\dwhelper
2016-02-02 16:44 - 2015-11-21 17:13 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Foxit Software
2016-02-02 03:37 - 2013-08-22 16:38 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-01 22:40 - 2013-12-21 21:49 - 00004106 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 22:40 - 2013-12-21 21:49 - 00003870 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-31 13:02 - 2014-02-08 22:26 - 00000376 _____ C:\Users\Heinz\Desktop\Live Anmelden.url
2016-01-30 23:41 - 2013-12-22 11:17 - 00000000 ____D C:\Users\Heinz\AppData\Local\Eraser 6
2016-01-28 18:59 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Rudolf
2016-01-27 18:15 - 2015-07-17 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-01-26 22:54 - 2013-12-21 15:23 - 00000000 ____D C:\TEMP
2016-01-26 21:05 - 2015-11-28 13:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-26 16:19 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-01-26 16:19 - 2014-01-02 16:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-26 16:19 - 2013-12-22 13:23 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-01-26 16:15 - 2015-09-26 15:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-01-26 16:14 - 2015-09-26 14:46 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits
2016-01-26 11:20 - 2015-11-21 16:07 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2016-01-26 11:20 - 2013-12-21 21:18 - 00000000 ____D C:\ProgramData\FLEXnet
2016-01-26 11:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2016-01-25 17:29 - 2014-10-30 12:03 - 00000000 ____D C:\Users\Rudolf\AppData\Local\ElevatedDiagnostics
2016-01-22 02:07 - 2015-01-31 11:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\vlc
2016-01-15 11:55 - 2014-12-25 13:19 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 16:26 - 2013-12-22 00:10 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Notepad++
2016-01-13 00:23 - 2015-03-11 23:47 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-12 20:40 - 2013-12-19 21:41 - 00001576 _____ C:\Users\Heinz\Desktop\Win Media Player.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-08-07 15:18 - 2014-08-07 15:18 - 5082084 _____ (The Public) C:\Users\Rudolf\AppData\Roaming\Avisynth.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 5243208 _____ ( ) C:\Users\Rudolf\AppData\Roaming\AvsP.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 5514668 _____ (LIGHTNING UK!) C:\Users\Rudolf\AppData\Roaming\Imgburn.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 1357348 _____ () C:\Users\Rudolf\AppData\Roaming\MatroskaSplitter.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 7760687 _____ (Boraxsoft) C:\Users\Rudolf\AppData\Roaming\SetupGFD.exe
2014-08-07 15:18 - 2014-08-07 15:18 - 0117723 _____ () C:\Users\Rudolf\AppData\Roaming\yuvcodecs-1.3.exe
2013-12-21 15:57 - 2015-01-28 12:41 - 0016515 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Heinz\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Heinz\AppData\Local\Temp\npp.6.7.8.2.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.1.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.6.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\npp.6.8.8.Installer.exe
C:\Users\Heinz\AppData\Local\Temp\TubeItUpdater.exe
C:\Users\Heinz\AppData\Local\Temp\WatermarkImageSetup.3.5.1.5.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-01-29 12:19
==================== Ende von FRST.txt ============================
[/CODE] |
|
11.02.2016, 11:15
| #8 |
| | "nbi cleaner" ist wieder/noch da Zu den bisherigen Funden, ich habe jeweils 3 Logs seit 27. 1. 2016, aber leider nicht als Admin. Dann Malwarebytes vom 27.1, 28.1 und vom 2.2, und zweimal Logs von TDSSKiller vom 2.2. Soll ich die alle posten? Die Infektion sah so aus - Anhang. Kann ich mir eigentlich nur auf der Orginalseite von Oracle, Download VirtualBox, eingefangen haben. |
|
11.02.2016, 11:27
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | "nbi cleaner" ist wieder/noch da Ja alle Logs posten
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.02.2016, 22:08
| #10 |
| | "nbi cleaner" ist wieder/noch da Na denn ... schon mal Danke für Deine Mühe! Addition1 Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-01-2016
durchgeführt von Heinz (2016-01-27 12:09:27)
Gestartet von D:\Sicherung\Downloads\Microsoft\Tools\MalwareErkennung\FarbarRST
Windows 8.1 (X64) (2013-12-22 12:53:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2932333098-1933949563-2559224823-500 - Administrator - Disabled)
Gast (S-1-5-21-2932333098-1933949563-2559224823-501 - Limited - Disabled)
Heinz (S-1-5-21-2932333098-1933949563-2559224823-1004 - Limited - Enabled) => C:\Users\Heinz
Rudolf (S-1-5-21-2932333098-1933949563-2559224823-1001 - Administrator - Enabled) => C:\Users\Rudolf
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
ACDSee Trial Version (HKLM-x32\...\ACDSee Trial Version) (Version: - )
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
aDF4de (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version: - )
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop 7.0.1 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9045 - )
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{87E4F4E2-99A4-44C6-9175-9FF2773E46CF}) (Version: 2.76.0 - Blender Foundation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Buildtools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CodedUITestUAP (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1) (Version: 0.9.5.4 - Tin2tin)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 8.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.2 - CHENGDU YIWO Tech Development Co., Ltd)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
F4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Ferramentas do Windows Phone 8.1 para Visual Studio 2015 - PTB (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
FinePixViewer Resource (HKLM-x32\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.5 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.5 - FUJIFILM Corporation)
FinePixViewer YTUPL (HKLM-x32\...\{65EB09A3-993B-401E-8936-C9708CBFAB26}) (Version: 1.0 - FUJIFILM Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free Dailymotion Download version 1.0.36.1215 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.36.1215 - DVDVideoSoft Ltd.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Greenfish Icon Editor Pro 3.31 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
Herramientas de Windows Phone 8.1 para Visual Studio 2015 - ESN (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Honeyview (HKLM\...\Honeyview) (Version: 5.05 - Bandisoft.com)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3004 - Acer Incorporated)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
i686-5.2.0-posix-dwarf-rt_v4-rev0 (HKLM-x32\...\i686-5.2.0-posix-dwarf-rt_v4-rev0) (Version: - MinGW-W64)
IDE Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden
J2SE Runtime Environment 5.0 Update 17 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150170}) (Version: 1.5.0.170 - Sun Microsystems, Inc.)
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java SE Development Kit 8 Update 72 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180720}) (Version: 8.0.720.15 - Oracle Corporation)
jEdit 5.3.0 (HKLM\...\jEdit_is1) (Version: 5.3.0 - Contributors)
Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Acer Incorporated)
Macromedia Director 7 (HKLM-x32\...\Macromedia Director 7) (Version: - )
Macromedia HomeSite 5 (HKLM-x32\...\{74307C3F-EBD4-11D4-A4D9-0010A4C3AFF0}) (Version: - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MariaDB 10.1 (x64) (HKLM\...\MariaDB 10.1 (x64)) (Version: 10.1.10.0 - MariaDB Corporation Ab)
MariaDB 10.1 (x64) (Version: 10.1.10.0 - MariaDB Corporation Ab) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version: - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 SDK - ENU (HKLM-x32\...\{028a4515-c200-4460-bccf-a9b338b0c0f4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 0.10.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5944afa8-29ae-4a05-ab68-30c0dfab197e}) (Version: 14.0.23107.156 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Tools for Apache Cordova (HKLM-x32\...\{2035a5cc-fa3e-41a8-a718-0feaa2ae94eb}) (Version: 14.0.50902.4 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nástroje Windows Phone 8.1 pro sadu Visual Studio 2015 – CSY (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nmap 7.00 (HKLM-x32\...\Nmap) (Version: - )
Node.js (HKLM-x32\...\{69735668-F8BC-4E9A-839A-4006FDFDD5AC}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Outils Windows Phone*8.1 pour Visual Studio*2015 - FRA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Python Tools 2.2 for Visual Studio 2015 (HKLM-x32\...\{DE3F045F-57D5-4DAF-A479-DB759047966B}) (Version: 2.2.30718.00 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Strawberry Perl (64-bit) (HKLM\...\{C450F47E-72FF-1014-BC43-0A7831843670}) (Version: 5.22.1002 - strawberryperl.com project)
Strumenti di Windows Phone 8.1 per Visual Studio 2015 - ITA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TextPad 7 (HKLM-x32\...\{9F53AC20-2D32-4341-9DA1-29DD40E2199E}) (Version: 7.0.9 - Helios)
Tool zum Entfernen verborgener Daten (HKLM-x32\...\{90F80407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TopStyle Lite (Version 3.0) (HKLM-x32\...\TopStyle Lite (Version 3.0)) (Version: 3.1.0 - Bradbury Software, LLC)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VBA (2720) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Visual C++ für Mobile-Entwicklung (Android-Unterstützung) (HKLM-x32\...\{fd8b6372-b8b3-4a14-bb21-fbc5cb94f7ac}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) (HKLM-x32\...\{8fd9a549-20ac-4daf-8da3-c54b6621ac29}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinAppDeploy (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WorldWide Telescope (HKLM-x32\...\{5AAF8C68-9265-437C-8D9A-06EF98F07C09}) (Version: 5.2.09 - WorldWide Telescope)
Xamarin (HKLM-x32\...\{9D5E4FC0-7E1B-4934-8504-C0958FA73EA5}) (Version: 3.11.837.0 - Xamarin)
???????? Windows Phone 8.1 ??? Visual Studio 2015 — RUS (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
?? Visual Studio 2015 ? Windows Phone 8.1 ?? - ???? (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
??? Visual Studio 2015 ? Windows Phone 8.1 ?? - ???? (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job =>
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-17 17:20 - 2013-02-20 21:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-17 17:06 - 2013-09-17 17:06 - 01193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-01-26 22:49 - 2016-01-26 22:49 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts
# ::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Eigene\BabylonHG.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Acer Remote.lnk"
HKLM\...\StartupApproved\Run32: => "EaseUs Tray"
HKLM\...\StartupApproved\Run32: => "EaseUs Watch"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "1&1 Internet-Radio-PlayerTimer"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{28F014DE-230B-4ACF-85F4-2BBC3BF7E7EA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{3F7AF067-AFDF-4AE0-83A3-5540E5FBF4A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{7440F1F0-425A-436E-A13A-B542BCAAA3EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B40D8E5C-BCEA-4160-814C-E31E19F88B03}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B55976E3-DF67-44B5-98ED-30A5CFDCC9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FDD9CFEE-2352-40B7-9CC8-FE3191D5F135}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{09196CDB-BC40-445D-9B37-7CFAC14CD519}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1CB97F0E-B47C-44A8-B226-D99724F87BD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A5E80429-ECF5-420E-B98F-B9F097C79910}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FD179F0B-96BF-48C8-B833-7F6321BEE06C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{98553A38-2649-4D65-9A55-B900E5B5125F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1DC0BA17-7DCB-4514-B1E0-0C37B9ACC80D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{335BCE54-520B-4275-92E9-AA75B5C7358C}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{75A13A29-16DA-4694-8AED-5B8CB60B74F8}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{1917791C-5683-4E02-B85C-4DB9D0C8B065}] => (Allow) H:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{5229141A-E99B-476C-94E5-BA50228B93F4}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{22F296FD-1CCD-4ED3-917A-D3959ABF62FA}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{10BC7E16-FCD6-4770-A50E-AD1BCB95A6E1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [{AF1AD763-1419-4B2B-BD62-131CD2D601F1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [UDP Query User{590AD1C7-4A50-4F88-B7EA-490759C38D80}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{1C29AE09-4315-4622-919D-CD2C646D09E8}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [UDP Query User{35002341-40BD-453E-9FB4-8E77F2E1F501}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{03D08A97-C2F8-44C5-B5D3-2340505EE555}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [{F8CE7F3C-77A8-4DB2-98CC-D294FEEC3990}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{727A3365-83ED-42AD-881E-0AB34A286E11}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{BD1D269F-16F8-45E8-BEC4-35FF4BBD40F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{3A5409F3-908C-4484-86D4-01F5E25697C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{030E7187-1FD8-4E1E-A675-1F4ACD2ABD87}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6896C87F-2A4B-490C-AD89-09871003F247}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{DF823242-CC34-4F2C-A391-2AA5194142C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{C8F450ED-851C-43FE-A134-D621CBE99EE0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{B79C3D88-B406-42D3-8E40-6316AA3BCD57}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{D2D0EE2F-64E9-4FD1-B6C6-F14A0C092B0C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{590A0C7C-A4EE-4BA0-A313-25DD66A0A781}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{6FEB933F-57CE-4214-A43C-616EDF5951C5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1C2B145F-C011-4CF1-B992-F78A27CE4D7E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{B57679DE-858E-46BA-B56A-7F472BEAE711}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{13B8F977-4B7D-403F-ABB9-4AE55FC860C1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{81C6F084-57DD-4AFF-9B20-240CAFF8E483}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2ED67888-28D1-435C-81DF-B726086F74AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7A0E4ED8-681B-43F5-978E-624CF42C4F5A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5BA8D653-24F3-48A0-B287-B0AA4385EA0B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{1A18B3ED-1CBF-4FB1-BE6C-15183FDF7209}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8FB28222-AC16-4A93-8C36-860F201EC145}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [TCP Query User{A3B7E88D-841E-4817-A1CF-6362D0CCC1B3}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B4D45677-6B67-4A53-8CDA-6B1D2E8A99A8}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{FACE4B9F-5C89-453B-8048-F842B568F362}] => (Allow) E:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{831275C3-9860-4DE4-B1AD-F670462D4893}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{4B669EE0-A9D1-4F09-89CE-78200F9B29F4}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{58C7AE4B-6A3C-4BCF-BF7F-A0911F042250}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{3BA7B709-2475-43CD-A00E-462A5A44814E}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{5D6CB60F-618B-4F68-87C8-1BCF9DC20FAC}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{BC8474A6-26B9-4472-9517-94BB71305E63}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{A345A686-F886-495C-91B1-9C8DC6DA4153}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [{F41A980A-890A-422C-BC01-6A79C5D6B23D}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [TCP Query User{A02D4A8D-D7B3-41CB-8C0F-B74185F91758}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{0B010CEC-220B-41D7-A227-5D983233A0B1}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{0E493143-C7CA-4B97-996D-610F988623AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{94705516-98C9-4DBF-9645-E47CFFB6AF82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0EC2FCD1-5F09-464A-AFF8-92DE47EAE7EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{45E00A3B-C982-4C28-A2C2-B24090BDF4CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7A9790D6-4262-46FD-ADB0-A88824F89C05}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{827162A1-098F-4EE6-A015-D2A6F92E6C03}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{8587BD94-30AF-4F53-81CD-DC514FCEEF41}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{CF120258-7A1A-40C2-96CE-0B703839BA5E}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{993D3A54-D83C-4CA7-9E58-3283387A6ABC}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{0A97A4C5-0E55-4E5E-845F-487B9D1673B2}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{05D91A0A-2D07-48C1-A14C-2B9EC07B4F92}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{62414625-DC71-41AF-9521-C4D495E1B7C4}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{B24DCB97-E781-45B0-9C7E-BFDC2BB76FF6}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{343BCB0D-A115-4169-B665-81C778DE589F}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{8EC0223E-EC1E-4489-B65D-C7CB4DE256DE}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{BCF9E82D-CC24-42B2-BCB8-4802AB756295}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{7EDB3FC4-1DDD-40B2-8C21-176A4DED00E4}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{E97232A3-8073-43E2-9917-D49FE4E1BB01}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{F4C08DAB-96C0-49C2-A333-CAF8975E9FD1}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{797EC598-4990-43FA-87A9-C0514F5D929C}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{DB5AFDC2-664F-41CF-BCA1-33B2518C675F}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{E9FF6430-7ACA-4404-8F2D-65855E82C606}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{41E8953A-5C23-4B85-93BA-62C33FDC7427}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{36122F37-8231-456B-9607-B5A87FE0EEEE}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{7ADF1E6C-4B4B-4165-ACA2-968577719846}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{7549F9DF-F224-4F24-B542-1B35FDA112D4}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{39330B85-C760-4C1C-ACD4-F79C9550E0C7}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{FDF62D83-CB6E-489C-8DF2-BC895F0C2030}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{32EDB9AD-3D11-4EAC-9C67-6FCB667B5C14}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{5FA9E85D-9BFC-43E3-907F-A8757FF89D90}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{6DCDB633-5F6C-4257-90EF-DFE556C8DCA9}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{9819ABF1-961A-4946-8854-F1BEDF9B56E5}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{690A066B-FBC3-457E-8866-AF25A3A0589A}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [{1EBC7D26-FE50-400D-B4B4-75AC6B39413A}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [TCP Query User{4B86C128-5107-4363-AC19-C5FA36465EA0}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{5DFE83D5-835F-4683-9A5C-E6328CD9EC3B}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [{5656CEE0-F8E9-4855-B8AF-000CF4149F70}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{2EBCE465-408E-4F12-845C-8628440EFBC6}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{7E16960D-9B9F-4A0F-A47C-3D2777B43B4D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{38048089-9E32-4B04-8D66-D52FB58F7574}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{4D6F0F96-700F-4928-B84B-9D6C4B4CAD6D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{4F07AAD3-A3B4-4E19-9953-19A16990F0DF}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{F96DD952-B15E-424D-A717-F50BF4DC84DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D0A1B7F-FE37-4B25-BD20-4FCE7DD06914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2C193D0E-6E3F-498B-AF16-C250C26BC7BA}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [UDP Query User{3D72D360-45EF-4D3A-8E09-EC6EB03BA86D}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [{2AD4F1D9-7E36-4193-9313-5DEA07630321}] => (Allow) C:\Users\Rudolf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8BD918FB-4CBA-44EC-80B9-91D86065FF09}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{94008313-981D-46F6-AC80-423F35D60837}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{7ECD8FE1-A1FD-4B57-8F46-AA17751F56D3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{3D5D79AC-062A-489D-9913-3B678B26D972}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{EDA65F68-3A98-44CA-B9B4-F9DE43330F7C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{AE4F2305-115F-4E44-868A-76F1D59DDA6E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ED027693-62EE-47F6-BBCE-A0623395610E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ECEB4C4A-0D28-422C-9F1B-EB1B1AA6FD63}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{E6D13397-7811-4430-A919-DF425B2B21A7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{DE83BA7E-C1BB-4466-BCA3-8EECDAD4257E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6A79F00C-7D41-49F7-8009-F3E728CC1331}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{393E28F3-9B19-4306-89AB-5C4EA09D06B1}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{4C6DB319-5454-4DD1-BB6B-47FC7658BC96}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{825591BA-72C7-4EF5-90CA-84047CF1E966}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{4F52405F-0D82-4964-83E3-2834A50E65B4}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [{A20FB031-BC47-4C1A-95AB-1F67BA7BC97C}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{083415FB-4C92-4C01-A9D7-555131751228}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [UDP Query User{2F767CBE-B792-4C81-B854-BBA72810F303}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [{DF33D451-0625-4FCF-97E2-072ABBB5ED5F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{7BC0CCF5-CE4F-40D1-B639-FCED55DEE350}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{EC62D032-4D4F-4682-BCE8-60C1F2A35660}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{BF47679A-4D0E-48DA-B09B-0D6C9777D9D8}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [TCP Query User{8AAC9022-3498-469D-8638-5606E8181247}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [UDP Query User{27ABF644-C24B-418F-A091-09D3FB56A0DD}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [{8F7E01E8-ED50-4C24-8A3C-D2CB7FD6136A}] => (Allow) D:\Programme\MariaDB 10.1\bin\mysqld.exe
FirewallRules: [{5EC7F2B6-6655-43EE-9BC7-5D55DCAF2BE7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/27/2016 12:04:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 12:04:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 10:33:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 10:33:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 10:33:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 10:33:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 12:13:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15172
Error: (01/27/2016 12:13:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15172
Error: (01/27/2016 12:13:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/27/2016 12:02:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Systemfehler:
=============
Error: (01/27/2016 12:02:46 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 12:02:32 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:58:31 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:48:04 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:47:49 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:47:43 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:45:51 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:45:45 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:45:40 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 10:42:16 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: Pandora)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-2932333098-1933949563-2559224823-1004-0-ntuser.dat
CodeIntegrity:
===================================
Date: 2016-01-26 15:47:40.625
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.437
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.684
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.496
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 3976.74 MB
Verfügbarer physikalischer RAM: 1836.35 MB
Summe virtueller Speicher: 4744.74 MB
Verfügbarer virtueller Speicher: 1651.23 MB
==================== Laufwerke ================================
Drive c: (MARILYN MONROE) (Fixed) (Total:223.25 GB) (Free:141.6 GB) NTFS
Drive d: (KASSANDRA) (Fixed) (Total:224.36 GB) (Free:163.95 GB) NTFS
Drive e: (LYNKEUS) (Fixed) (Total:118.54 GB) (Free:75.97 GB) NTFS
Drive f: (CORIOLANUS) (Fixed) (Total:117.19 GB) (Free:60.49 GB) NTFS
Drive g: (VERDANDI) (Fixed) (Total:102.54 GB) (Free:74.59 GB) NTFS
Drive h: (MESSALINA) (Fixed) (Total:97.85 GB) (Free:75.68 GB) NTFS
Drive i: (PYTHIA) (Fixed) (Total:10.07 GB) (Free:5.88 GB) FAT32
Drive j: (NIFLHEIM) (Fixed) (Total:8.42 GB) (Free:8.35 GB) NTFS
Drive l: (WAGNOFF) (Fixed) (Total:1.98 GB) (Free:1.98 GB) FAT32
Drive m: (ANUBIS) (Fixed) (Total:2.05 GB) (Free:2.05 GB) FAT32
==================== MBR & Partitionstabelle ==================
==================== Ende von Addition.txt ============================
|
|
11.02.2016, 22:10
| #11 |
| | "nbi cleaner" ist wieder/noch da Addition2.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-01-2016
durchgeführt von Heinz (2016-01-27 12:09:27)
Gestartet von D:\Sicherung\Downloads\Microsoft\Tools\MalwareErkennung\FarbarRST
Windows 8.1 (X64) (2013-12-22 12:53:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2932333098-1933949563-2559224823-500 - Administrator - Disabled)
Gast (S-1-5-21-2932333098-1933949563-2559224823-501 - Limited - Disabled)
Heinz (S-1-5-21-2932333098-1933949563-2559224823-1004 - Limited - Enabled) => C:\Users\Heinz
RudolfAlexander (S-1-5-21-2932333098-1933949563-2559224823-1001 - Administrator - Enabled) => C:\Users\RudolfAlexander
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
ACDSee Trial Version (HKLM-x32\...\ACDSee Trial Version) (Version: - )
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
aDF4de (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version: - )
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop 7.0.1 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9045 - )
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{87E4F4E2-99A4-44C6-9175-9FF2773E46CF}) (Version: 2.76.0 - Blender Foundation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Buildtools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CodedUITestUAP (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1) (Version: 0.9.5.4 - Tin2tin)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 8.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.2 - CHENGDU YIWO Tech Development Co., Ltd)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
F4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Ferramentas do Windows Phone 8.1 para Visual Studio 2015 - PTB (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
FinePixViewer Resource (HKLM-x32\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.5 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.5 - FUJIFILM Corporation)
FinePixViewer YTUPL (HKLM-x32\...\{65EB09A3-993B-401E-8936-C9708CBFAB26}) (Version: 1.0 - FUJIFILM Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free Dailymotion Download version 1.0.36.1215 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.36.1215 - DVDVideoSoft Ltd.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Greenfish Icon Editor Pro 3.31 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
Herramientas de Windows Phone 8.1 para Visual Studio 2015 - ESN (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Honeyview (HKLM\...\Honeyview) (Version: 5.05 - Bandisoft.com)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3004 - Acer Incorporated)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
i686-5.2.0-posix-dwarf-rt_v4-rev0 (HKLM-x32\...\i686-5.2.0-posix-dwarf-rt_v4-rev0) (Version: - MinGW-W64)
IDE Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden
J2SE Runtime Environment 5.0 Update 17 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150170}) (Version: 1.5.0.170 - Sun Microsystems, Inc.)
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java SE Development Kit 8 Update 72 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180720}) (Version: 8.0.720.15 - Oracle Corporation)
jEdit 5.3.0 (HKLM\...\jEdit_is1) (Version: 5.3.0 - Contributors)
Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Acer Incorporated)
Macromedia Director 7 (HKLM-x32\...\Macromedia Director 7) (Version: - )
Macromedia HomeSite 5 (HKLM-x32\...\{74307C3F-EBD4-11D4-A4D9-0010A4C3AFF0}) (Version: - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MariaDB 10.1 (x64) (HKLM\...\MariaDB 10.1 (x64)) (Version: 10.1.10.0 - MariaDB Corporation Ab)
MariaDB 10.1 (x64) (Version: 10.1.10.0 - MariaDB Corporation Ab) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version: - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 SDK - ENU (HKLM-x32\...\{028a4515-c200-4460-bccf-a9b338b0c0f4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 0.10.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5944afa8-29ae-4a05-ab68-30c0dfab197e}) (Version: 14.0.23107.156 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Tools for Apache Cordova (HKLM-x32\...\{2035a5cc-fa3e-41a8-a718-0feaa2ae94eb}) (Version: 14.0.50902.4 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nástroje Windows Phone 8.1 pro sadu Visual Studio 2015 – CSY (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nmap 7.00 (HKLM-x32\...\Nmap) (Version: - )
Node.js (HKLM-x32\...\{69735668-F8BC-4E9A-839A-4006FDFDD5AC}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Outils Windows Phone*8.1 pour Visual Studio*2015 - FRA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Python Tools 2.2 for Visual Studio 2015 (HKLM-x32\...\{DE3F045F-57D5-4DAF-A479-DB759047966B}) (Version: 2.2.30718.00 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Strawberry Perl (64-bit) (HKLM\...\{C450F47E-72FF-1014-BC43-0A7831843670}) (Version: 5.22.1002 - strawberryperl.com project)
Strumenti di Windows Phone 8.1 per Visual Studio 2015 - ITA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TextPad 7 (HKLM-x32\...\{9F53AC20-2D32-4341-9DA1-29DD40E2199E}) (Version: 7.0.9 - Helios)
Tool zum Entfernen verborgener Daten (HKLM-x32\...\{90F80407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TopStyle Lite (Version 3.0) (HKLM-x32\...\TopStyle Lite (Version 3.0)) (Version: 3.1.0 - Bradbury Software, LLC)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VBA (2720) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Visual C++ für Mobile-Entwicklung (Android-Unterstützung) (HKLM-x32\...\{fd8b6372-b8b3-4a14-bb21-fbc5cb94f7ac}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) (HKLM-x32\...\{8fd9a549-20ac-4daf-8da3-c54b6621ac29}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinAppDeploy (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WorldWide Telescope (HKLM-x32\...\{5AAF8C68-9265-437C-8D9A-06EF98F07C09}) (Version: 5.2.09 - WorldWide Telescope)
Xamarin (HKLM-x32\...\{9D5E4FC0-7E1B-4934-8504-C0958FA73EA5}) (Version: 3.11.837.0 - Xamarin)
Средства Windows Phone 8.1 для Visual Studio 2015 — RUS (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
用于 Visual Studio 2015 的 Windows Phone 8.1 工具 - 简体中文 (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
適用於 Visual Studio 2015 的 Windows Phone 8.1 工具 - 繁體中文 (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job =>
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-17 17:20 - 2013-02-20 21:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-17 17:06 - 2013-09-17 17:06 - 01193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-01-26 22:49 - 2016-01-26 22:49 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts
# ::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Eigene\BabylonHG.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Acer Remote.lnk"
HKLM\...\StartupApproved\Run32: => "EaseUs Tray"
HKLM\...\StartupApproved\Run32: => "EaseUs Watch"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "1&1 Internet-Radio-PlayerTimer"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{28F014DE-230B-4ACF-85F4-2BBC3BF7E7EA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{3F7AF067-AFDF-4AE0-83A3-5540E5FBF4A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{7440F1F0-425A-436E-A13A-B542BCAAA3EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B40D8E5C-BCEA-4160-814C-E31E19F88B03}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B55976E3-DF67-44B5-98ED-30A5CFDCC9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FDD9CFEE-2352-40B7-9CC8-FE3191D5F135}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{09196CDB-BC40-445D-9B37-7CFAC14CD519}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1CB97F0E-B47C-44A8-B226-D99724F87BD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A5E80429-ECF5-420E-B98F-B9F097C79910}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FD179F0B-96BF-48C8-B833-7F6321BEE06C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{98553A38-2649-4D65-9A55-B900E5B5125F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1DC0BA17-7DCB-4514-B1E0-0C37B9ACC80D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{335BCE54-520B-4275-92E9-AA75B5C7358C}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{75A13A29-16DA-4694-8AED-5B8CB60B74F8}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{1917791C-5683-4E02-B85C-4DB9D0C8B065}] => (Allow) H:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{5229141A-E99B-476C-94E5-BA50228B93F4}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{22F296FD-1CCD-4ED3-917A-D3959ABF62FA}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{10BC7E16-FCD6-4770-A50E-AD1BCB95A6E1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [{AF1AD763-1419-4B2B-BD62-131CD2D601F1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [UDP Query User{590AD1C7-4A50-4F88-B7EA-490759C38D80}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{1C29AE09-4315-4622-919D-CD2C646D09E8}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [UDP Query User{35002341-40BD-453E-9FB4-8E77F2E1F501}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{03D08A97-C2F8-44C5-B5D3-2340505EE555}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [{F8CE7F3C-77A8-4DB2-98CC-D294FEEC3990}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{727A3365-83ED-42AD-881E-0AB34A286E11}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{BD1D269F-16F8-45E8-BEC4-35FF4BBD40F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{3A5409F3-908C-4484-86D4-01F5E25697C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{030E7187-1FD8-4E1E-A675-1F4ACD2ABD87}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6896C87F-2A4B-490C-AD89-09871003F247}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{DF823242-CC34-4F2C-A391-2AA5194142C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{C8F450ED-851C-43FE-A134-D621CBE99EE0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{B79C3D88-B406-42D3-8E40-6316AA3BCD57}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{D2D0EE2F-64E9-4FD1-B6C6-F14A0C092B0C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{590A0C7C-A4EE-4BA0-A313-25DD66A0A781}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{6FEB933F-57CE-4214-A43C-616EDF5951C5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1C2B145F-C011-4CF1-B992-F78A27CE4D7E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{B57679DE-858E-46BA-B56A-7F472BEAE711}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{13B8F977-4B7D-403F-ABB9-4AE55FC860C1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{81C6F084-57DD-4AFF-9B20-240CAFF8E483}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2ED67888-28D1-435C-81DF-B726086F74AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7A0E4ED8-681B-43F5-978E-624CF42C4F5A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5BA8D653-24F3-48A0-B287-B0AA4385EA0B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{1A18B3ED-1CBF-4FB1-BE6C-15183FDF7209}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8FB28222-AC16-4A93-8C36-860F201EC145}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [TCP Query User{A3B7E88D-841E-4817-A1CF-6362D0CCC1B3}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B4D45677-6B67-4A53-8CDA-6B1D2E8A99A8}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{FACE4B9F-5C89-453B-8048-F842B568F362}] => (Allow) E:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{831275C3-9860-4DE4-B1AD-F670462D4893}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{4B669EE0-A9D1-4F09-89CE-78200F9B29F4}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{58C7AE4B-6A3C-4BCF-BF7F-A0911F042250}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{3BA7B709-2475-43CD-A00E-462A5A44814E}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{5D6CB60F-618B-4F68-87C8-1BCF9DC20FAC}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{BC8474A6-26B9-4472-9517-94BB71305E63}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{A345A686-F886-495C-91B1-9C8DC6DA4153}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [{F41A980A-890A-422C-BC01-6A79C5D6B23D}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [TCP Query User{A02D4A8D-D7B3-41CB-8C0F-B74185F91758}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{0B010CEC-220B-41D7-A227-5D983233A0B1}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{0E493143-C7CA-4B97-996D-610F988623AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{94705516-98C9-4DBF-9645-E47CFFB6AF82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0EC2FCD1-5F09-464A-AFF8-92DE47EAE7EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{45E00A3B-C982-4C28-A2C2-B24090BDF4CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7A9790D6-4262-46FD-ADB0-A88824F89C05}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{827162A1-098F-4EE6-A015-D2A6F92E6C03}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{8587BD94-30AF-4F53-81CD-DC514FCEEF41}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{CF120258-7A1A-40C2-96CE-0B703839BA5E}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{993D3A54-D83C-4CA7-9E58-3283387A6ABC}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{0A97A4C5-0E55-4E5E-845F-487B9D1673B2}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{05D91A0A-2D07-48C1-A14C-2B9EC07B4F92}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{62414625-DC71-41AF-9521-C4D495E1B7C4}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{B24DCB97-E781-45B0-9C7E-BFDC2BB76FF6}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{343BCB0D-A115-4169-B665-81C778DE589F}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{8EC0223E-EC1E-4489-B65D-C7CB4DE256DE}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{BCF9E82D-CC24-42B2-BCB8-4802AB756295}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{7EDB3FC4-1DDD-40B2-8C21-176A4DED00E4}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{E97232A3-8073-43E2-9917-D49FE4E1BB01}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{F4C08DAB-96C0-49C2-A333-CAF8975E9FD1}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{797EC598-4990-43FA-87A9-C0514F5D929C}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{DB5AFDC2-664F-41CF-BCA1-33B2518C675F}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{E9FF6430-7ACA-4404-8F2D-65855E82C606}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{41E8953A-5C23-4B85-93BA-62C33FDC7427}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{36122F37-8231-456B-9607-B5A87FE0EEEE}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{7ADF1E6C-4B4B-4165-ACA2-968577719846}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{7549F9DF-F224-4F24-B542-1B35FDA112D4}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{39330B85-C760-4C1C-ACD4-F79C9550E0C7}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{FDF62D83-CB6E-489C-8DF2-BC895F0C2030}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{32EDB9AD-3D11-4EAC-9C67-6FCB667B5C14}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{5FA9E85D-9BFC-43E3-907F-A8757FF89D90}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{6DCDB633-5F6C-4257-90EF-DFE556C8DCA9}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{9819ABF1-961A-4946-8854-F1BEDF9B56E5}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{690A066B-FBC3-457E-8866-AF25A3A0589A}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [{1EBC7D26-FE50-400D-B4B4-75AC6B39413A}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [TCP Query User{4B86C128-5107-4363-AC19-C5FA36465EA0}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{5DFE83D5-835F-4683-9A5C-E6328CD9EC3B}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [{5656CEE0-F8E9-4855-B8AF-000CF4149F70}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{2EBCE465-408E-4F12-845C-8628440EFBC6}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{7E16960D-9B9F-4A0F-A47C-3D2777B43B4D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{38048089-9E32-4B04-8D66-D52FB58F7574}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{4D6F0F96-700F-4928-B84B-9D6C4B4CAD6D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{4F07AAD3-A3B4-4E19-9953-19A16990F0DF}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{F96DD952-B15E-424D-A717-F50BF4DC84DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D0A1B7F-FE37-4B25-BD20-4FCE7DD06914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2C193D0E-6E3F-498B-AF16-C250C26BC7BA}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [UDP Query User{3D72D360-45EF-4D3A-8E09-EC6EB03BA86D}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [{2AD4F1D9-7E36-4193-9313-5DEA07630321}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8BD918FB-4CBA-44EC-80B9-91D86065FF09}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{94008313-981D-46F6-AC80-423F35D60837}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{7ECD8FE1-A1FD-4B57-8F46-AA17751F56D3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{3D5D79AC-062A-489D-9913-3B678B26D972}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{EDA65F68-3A98-44CA-B9B4-F9DE43330F7C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{AE4F2305-115F-4E44-868A-76F1D59DDA6E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ED027693-62EE-47F6-BBCE-A0623395610E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ECEB4C4A-0D28-422C-9F1B-EB1B1AA6FD63}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{E6D13397-7811-4430-A919-DF425B2B21A7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{DE83BA7E-C1BB-4466-BCA3-8EECDAD4257E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6A79F00C-7D41-49F7-8009-F3E728CC1331}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{393E28F3-9B19-4306-89AB-5C4EA09D06B1}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{4C6DB319-5454-4DD1-BB6B-47FC7658BC96}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{825591BA-72C7-4EF5-90CA-84047CF1E966}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{4F52405F-0D82-4964-83E3-2834A50E65B4}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [{A20FB031-BC47-4C1A-95AB-1F67BA7BC97C}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{083415FB-4C92-4C01-A9D7-555131751228}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [UDP Query User{2F767CBE-B792-4C81-B854-BBA72810F303}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [{DF33D451-0625-4FCF-97E2-072ABBB5ED5F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{7BC0CCF5-CE4F-40D1-B639-FCED55DEE350}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{EC62D032-4D4F-4682-BCE8-60C1F2A35660}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{BF47679A-4D0E-48DA-B09B-0D6C9777D9D8}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [TCP Query User{8AAC9022-3498-469D-8638-5606E8181247}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [UDP Query User{27ABF644-C24B-418F-A091-09D3FB56A0DD}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [{8F7E01E8-ED50-4C24-8A3C-D2CB7FD6136A}] => (Allow) D:\Programme\MariaDB 10.1\bin\mysqld.exe
FirewallRules: [{5EC7F2B6-6655-43EE-9BC7-5D55DCAF2BE7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/27/2016 12:04:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 12:04:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 10:33:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 10:33:22 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 10:33:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 10:33:03 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/27/2016 12:13:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15172
Error: (01/27/2016 12:13:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15172
Error: (01/27/2016 12:13:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/27/2016 12:02:33 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Systemfehler:
=============
Error: (01/27/2016 12:02:46 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 12:02:32 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:58:31 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:48:04 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:47:49 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:47:43 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:45:51 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:45:45 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 11:45:40 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (01/27/2016 10:42:16 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: Pandora)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-2932333098-1933949563-2559224823-1004-0-ntuser.dat
CodeIntegrity:
===================================
Date: 2016-01-26 15:47:40.625
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.437
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.684
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.496
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 53%
Installierter physikalischer RAM: 3976.74 MB
Verfügbarer physikalischer RAM: 1836.35 MB
Summe virtueller Speicher: 4744.74 MB
Verfügbarer virtueller Speicher: 1651.23 MB
==================== Laufwerke ================================
Drive c: (MARILYN MONROE) (Fixed) (Total:223.25 GB) (Free:141.6 GB) NTFS
Drive d: (KASSANDRA) (Fixed) (Total:224.36 GB) (Free:163.95 GB) NTFS
Drive e: (LYNKEUS) (Fixed) (Total:118.54 GB) (Free:75.97 GB) NTFS
Drive f: (CORIOLANUS) (Fixed) (Total:117.19 GB) (Free:60.49 GB) NTFS
Drive g: (VERDANDI) (Fixed) (Total:102.54 GB) (Free:74.59 GB) NTFS
Drive h: (MESSALINA) (Fixed) (Total:97.85 GB) (Free:75.68 GB) NTFS
Drive i: (PYTHIA) (Fixed) (Total:10.07 GB) (Free:5.88 GB) FAT32
Drive j: (NIFLHEIM) (Fixed) (Total:8.42 GB) (Free:8.35 GB) NTFS
Drive l: (WAGNOFF) (Fixed) (Total:1.98 GB) (Free:1.98 GB) FAT32
Drive m: (ANUBIS) (Fixed) (Total:2.05 GB) (Free:2.05 GB) FAT32
==================== MBR & Partitionstabelle ==================
==================== Ende von Addition.txt ============================
|
|
11.02.2016, 22:11
| #12 |
| | "nbi cleaner" ist wieder/noch da Addition3.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Heinz (2016-02-02 13:47:04)
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Windows 8.1 (X64) (2013-12-22 12:53:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2932333098-1933949563-2559224823-500 - Administrator - Disabled)
Gast (S-1-5-21-2932333098-1933949563-2559224823-501 - Limited - Disabled)
Heinz (S-1-5-21-2932333098-1933949563-2559224823-1004 - Limited - Enabled) => C:\Users\Heinz
RudolfAlexander (S-1-5-21-2932333098-1933949563-2559224823-1001 - Administrator - Enabled) => C:\Users\RudolfAlexander
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
ACDSee Trial Version (HKLM-x32\...\ACDSee Trial Version) (Version: - )
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
aDF4de (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version: - )
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop 7.0.1 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9045 - )
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{87E4F4E2-99A4-44C6-9175-9FF2773E46CF}) (Version: 2.76.0 - Blender Foundation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Buildtools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CodedUITestUAP (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1) (Version: 0.9.5.4 - Tin2tin)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 8.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.2 - CHENGDU YIWO Tech Development Co., Ltd)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
F4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Ferramentas do Windows Phone 8.1 para Visual Studio 2015 - PTB (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
FinePixViewer Resource (HKLM-x32\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.5 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.5 - FUJIFILM Corporation)
FinePixViewer YTUPL (HKLM-x32\...\{65EB09A3-993B-401E-8936-C9708CBFAB26}) (Version: 1.0 - FUJIFILM Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free Dailymotion Download version 1.0.36.1215 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.36.1215 - DVDVideoSoft Ltd.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Greenfish Icon Editor Pro 3.31 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
Herramientas de Windows Phone 8.1 para Visual Studio 2015 - ESN (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Honeyview (HKLM\...\Honeyview) (Version: 5.05 - Bandisoft.com)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3004 - Acer Incorporated)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
i686-5.2.0-posix-dwarf-rt_v4-rev0 (HKLM-x32\...\i686-5.2.0-posix-dwarf-rt_v4-rev0) (Version: - MinGW-W64)
IDE Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden
J2SE Runtime Environment 5.0 Update 17 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150170}) (Version: 1.5.0.170 - Sun Microsystems, Inc.)
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
Java 8 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java SE Development Kit 8 Update 72 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180720}) (Version: 8.0.720.15 - Oracle Corporation)
jEdit 5.3.0 (HKLM\...\jEdit_is1) (Version: 5.3.0 - Contributors)
Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Acer Incorporated)
Macromedia Director 7 (HKLM-x32\...\Macromedia Director 7) (Version: - )
Macromedia HomeSite 5 (HKLM-x32\...\{74307C3F-EBD4-11D4-A4D9-0010A4C3AFF0}) (Version: - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MariaDB 10.1 (x64) (HKLM\...\MariaDB 10.1 (x64)) (Version: 10.1.10.0 - MariaDB Corporation Ab)
MariaDB 10.1 (x64) (Version: 10.1.10.0 - MariaDB Corporation Ab) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version: - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 SDK - ENU (HKLM-x32\...\{028a4515-c200-4460-bccf-a9b338b0c0f4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 0.10.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5944afa8-29ae-4a05-ab68-30c0dfab197e}) (Version: 14.0.23107.156 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Tools for Apache Cordova (HKLM-x32\...\{2035a5cc-fa3e-41a8-a718-0feaa2ae94eb}) (Version: 14.0.50902.4 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nástroje Windows Phone 8.1 pro sadu Visual Studio 2015 – CSY (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nmap 7.00 (HKLM-x32\...\Nmap) (Version: - )
Node.js (HKLM-x32\...\{69735668-F8BC-4E9A-839A-4006FDFDD5AC}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Outils Windows Phone*8.1 pour Visual Studio*2015 - FRA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Python Tools 2.2 for Visual Studio 2015 (HKLM-x32\...\{DE3F045F-57D5-4DAF-A479-DB759047966B}) (Version: 2.2.30718.00 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Strawberry Perl (64-bit) (HKLM\...\{C450F47E-72FF-1014-BC43-0A7831843670}) (Version: 5.22.1002 - strawberryperl.com project)
Strumenti di Windows Phone 8.1 per Visual Studio 2015 - ITA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TextPad 7 (HKLM-x32\...\{9F53AC20-2D32-4341-9DA1-29DD40E2199E}) (Version: 7.0.9 - Helios)
Tool zum Entfernen verborgener Daten (HKLM-x32\...\{90F80407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TopStyle Lite (Version 3.0) (HKLM-x32\...\TopStyle Lite (Version 3.0)) (Version: 3.1.0 - Bradbury Software, LLC)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VBA (2720) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Visual C++ für Mobile-Entwicklung (Android-Unterstützung) (HKLM-x32\...\{fd8b6372-b8b3-4a14-bb21-fbc5cb94f7ac}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) (HKLM-x32\...\{8fd9a549-20ac-4daf-8da3-c54b6621ac29}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WorldWide Telescope (HKLM-x32\...\{5AAF8C68-9265-437C-8D9A-06EF98F07C09}) (Version: 5.2.09 - WorldWide Telescope)
Xamarin (HKLM-x32\...\{9D5E4FC0-7E1B-4934-8504-C0958FA73EA5}) (Version: 3.11.837.0 - Xamarin)
Средства Windows Phone 8.1 для Visual Studio 2015 — RUS (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
用于 Visual Studio 2015 的 Windows Phone 8.1 工具 - 简体中文 (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
適用於 Visual Studio 2015 的 Windows Phone 8.1 工具 - 繁體中文 (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job =>
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-12-20 16:35 - 2010-03-15 11:28 - 00052224 _____ () D:\Program Files\WinRAR\rarext64.dll
2013-09-17 17:20 - 2013-02-20 21:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-17 17:06 - 2013-09-17 17:06 - 01193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-01-26 22:49 - 2016-01-26 22:49 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts
# ::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Eigene\BabylonHG.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Acer Remote.lnk"
HKLM\...\StartupApproved\Run32: => "EaseUs Tray"
HKLM\...\StartupApproved\Run32: => "EaseUs Watch"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "1&1 Internet-Radio-PlayerTimer"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{28F014DE-230B-4ACF-85F4-2BBC3BF7E7EA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{3F7AF067-AFDF-4AE0-83A3-5540E5FBF4A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{7440F1F0-425A-436E-A13A-B542BCAAA3EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B40D8E5C-BCEA-4160-814C-E31E19F88B03}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B55976E3-DF67-44B5-98ED-30A5CFDCC9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FDD9CFEE-2352-40B7-9CC8-FE3191D5F135}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{09196CDB-BC40-445D-9B37-7CFAC14CD519}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1CB97F0E-B47C-44A8-B226-D99724F87BD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A5E80429-ECF5-420E-B98F-B9F097C79910}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FD179F0B-96BF-48C8-B833-7F6321BEE06C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{98553A38-2649-4D65-9A55-B900E5B5125F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1DC0BA17-7DCB-4514-B1E0-0C37B9ACC80D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{335BCE54-520B-4275-92E9-AA75B5C7358C}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{75A13A29-16DA-4694-8AED-5B8CB60B74F8}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{1917791C-5683-4E02-B85C-4DB9D0C8B065}] => (Allow) H:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{5229141A-E99B-476C-94E5-BA50228B93F4}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{22F296FD-1CCD-4ED3-917A-D3959ABF62FA}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{10BC7E16-FCD6-4770-A50E-AD1BCB95A6E1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [{AF1AD763-1419-4B2B-BD62-131CD2D601F1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [UDP Query User{590AD1C7-4A50-4F88-B7EA-490759C38D80}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{1C29AE09-4315-4622-919D-CD2C646D09E8}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [UDP Query User{35002341-40BD-453E-9FB4-8E77F2E1F501}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{03D08A97-C2F8-44C5-B5D3-2340505EE555}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [{F8CE7F3C-77A8-4DB2-98CC-D294FEEC3990}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{727A3365-83ED-42AD-881E-0AB34A286E11}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{BD1D269F-16F8-45E8-BEC4-35FF4BBD40F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{3A5409F3-908C-4484-86D4-01F5E25697C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{030E7187-1FD8-4E1E-A675-1F4ACD2ABD87}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6896C87F-2A4B-490C-AD89-09871003F247}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{DF823242-CC34-4F2C-A391-2AA5194142C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{C8F450ED-851C-43FE-A134-D621CBE99EE0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{B79C3D88-B406-42D3-8E40-6316AA3BCD57}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{D2D0EE2F-64E9-4FD1-B6C6-F14A0C092B0C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{590A0C7C-A4EE-4BA0-A313-25DD66A0A781}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{6FEB933F-57CE-4214-A43C-616EDF5951C5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1C2B145F-C011-4CF1-B992-F78A27CE4D7E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{B57679DE-858E-46BA-B56A-7F472BEAE711}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{13B8F977-4B7D-403F-ABB9-4AE55FC860C1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{81C6F084-57DD-4AFF-9B20-240CAFF8E483}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2ED67888-28D1-435C-81DF-B726086F74AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7A0E4ED8-681B-43F5-978E-624CF42C4F5A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5BA8D653-24F3-48A0-B287-B0AA4385EA0B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{1A18B3ED-1CBF-4FB1-BE6C-15183FDF7209}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8FB28222-AC16-4A93-8C36-860F201EC145}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [TCP Query User{A3B7E88D-841E-4817-A1CF-6362D0CCC1B3}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B4D45677-6B67-4A53-8CDA-6B1D2E8A99A8}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{FACE4B9F-5C89-453B-8048-F842B568F362}] => (Allow) E:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{831275C3-9860-4DE4-B1AD-F670462D4893}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{4B669EE0-A9D1-4F09-89CE-78200F9B29F4}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{58C7AE4B-6A3C-4BCF-BF7F-A0911F042250}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{3BA7B709-2475-43CD-A00E-462A5A44814E}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{5D6CB60F-618B-4F68-87C8-1BCF9DC20FAC}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{BC8474A6-26B9-4472-9517-94BB71305E63}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{A345A686-F886-495C-91B1-9C8DC6DA4153}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [{F41A980A-890A-422C-BC01-6A79C5D6B23D}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [TCP Query User{A02D4A8D-D7B3-41CB-8C0F-B74185F91758}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{0B010CEC-220B-41D7-A227-5D983233A0B1}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{0E493143-C7CA-4B97-996D-610F988623AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{94705516-98C9-4DBF-9645-E47CFFB6AF82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0EC2FCD1-5F09-464A-AFF8-92DE47EAE7EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{45E00A3B-C982-4C28-A2C2-B24090BDF4CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7A9790D6-4262-46FD-ADB0-A88824F89C05}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{827162A1-098F-4EE6-A015-D2A6F92E6C03}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{8587BD94-30AF-4F53-81CD-DC514FCEEF41}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{CF120258-7A1A-40C2-96CE-0B703839BA5E}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{993D3A54-D83C-4CA7-9E58-3283387A6ABC}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{0A97A4C5-0E55-4E5E-845F-487B9D1673B2}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{05D91A0A-2D07-48C1-A14C-2B9EC07B4F92}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{62414625-DC71-41AF-9521-C4D495E1B7C4}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{B24DCB97-E781-45B0-9C7E-BFDC2BB76FF6}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{343BCB0D-A115-4169-B665-81C778DE589F}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{8EC0223E-EC1E-4489-B65D-C7CB4DE256DE}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{BCF9E82D-CC24-42B2-BCB8-4802AB756295}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{7EDB3FC4-1DDD-40B2-8C21-176A4DED00E4}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{E97232A3-8073-43E2-9917-D49FE4E1BB01}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{F4C08DAB-96C0-49C2-A333-CAF8975E9FD1}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{797EC598-4990-43FA-87A9-C0514F5D929C}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{DB5AFDC2-664F-41CF-BCA1-33B2518C675F}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{E9FF6430-7ACA-4404-8F2D-65855E82C606}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{41E8953A-5C23-4B85-93BA-62C33FDC7427}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{36122F37-8231-456B-9607-B5A87FE0EEEE}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{7ADF1E6C-4B4B-4165-ACA2-968577719846}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{7549F9DF-F224-4F24-B542-1B35FDA112D4}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{39330B85-C760-4C1C-ACD4-F79C9550E0C7}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{FDF62D83-CB6E-489C-8DF2-BC895F0C2030}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{32EDB9AD-3D11-4EAC-9C67-6FCB667B5C14}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{5FA9E85D-9BFC-43E3-907F-A8757FF89D90}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{6DCDB633-5F6C-4257-90EF-DFE556C8DCA9}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{9819ABF1-961A-4946-8854-F1BEDF9B56E5}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{690A066B-FBC3-457E-8866-AF25A3A0589A}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [{1EBC7D26-FE50-400D-B4B4-75AC6B39413A}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [TCP Query User{4B86C128-5107-4363-AC19-C5FA36465EA0}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{5DFE83D5-835F-4683-9A5C-E6328CD9EC3B}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [{5656CEE0-F8E9-4855-B8AF-000CF4149F70}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{2EBCE465-408E-4F12-845C-8628440EFBC6}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{7E16960D-9B9F-4A0F-A47C-3D2777B43B4D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{38048089-9E32-4B04-8D66-D52FB58F7574}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{4D6F0F96-700F-4928-B84B-9D6C4B4CAD6D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{4F07AAD3-A3B4-4E19-9953-19A16990F0DF}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{F96DD952-B15E-424D-A717-F50BF4DC84DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D0A1B7F-FE37-4B25-BD20-4FCE7DD06914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2C193D0E-6E3F-498B-AF16-C250C26BC7BA}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [UDP Query User{3D72D360-45EF-4D3A-8E09-EC6EB03BA86D}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [{2AD4F1D9-7E36-4193-9313-5DEA07630321}] => (Allow) C:\Users\RudolfAlexander\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8BD918FB-4CBA-44EC-80B9-91D86065FF09}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{94008313-981D-46F6-AC80-423F35D60837}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{7ECD8FE1-A1FD-4B57-8F46-AA17751F56D3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{3D5D79AC-062A-489D-9913-3B678B26D972}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{EDA65F68-3A98-44CA-B9B4-F9DE43330F7C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{AE4F2305-115F-4E44-868A-76F1D59DDA6E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ED027693-62EE-47F6-BBCE-A0623395610E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ECEB4C4A-0D28-422C-9F1B-EB1B1AA6FD63}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{E6D13397-7811-4430-A919-DF425B2B21A7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{DE83BA7E-C1BB-4466-BCA3-8EECDAD4257E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6A79F00C-7D41-49F7-8009-F3E728CC1331}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{393E28F3-9B19-4306-89AB-5C4EA09D06B1}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{4C6DB319-5454-4DD1-BB6B-47FC7658BC96}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{825591BA-72C7-4EF5-90CA-84047CF1E966}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{4F52405F-0D82-4964-83E3-2834A50E65B4}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [{A20FB031-BC47-4C1A-95AB-1F67BA7BC97C}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{083415FB-4C92-4C01-A9D7-555131751228}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [UDP Query User{2F767CBE-B792-4C81-B854-BBA72810F303}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [{DF33D451-0625-4FCF-97E2-072ABBB5ED5F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{7BC0CCF5-CE4F-40D1-B639-FCED55DEE350}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{EC62D032-4D4F-4682-BCE8-60C1F2A35660}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{BF47679A-4D0E-48DA-B09B-0D6C9777D9D8}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [TCP Query User{8AAC9022-3498-469D-8638-5606E8181247}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [UDP Query User{27ABF644-C24B-418F-A091-09D3FB56A0DD}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [{8F7E01E8-ED50-4C24-8A3C-D2CB7FD6136A}] => (Allow) D:\Programme\MariaDB 10.1\bin\mysqld.exe
FirewallRules: [{26029818-64E6-4F94-9E87-6145F55AAD41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/02/2016 01:45:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/02/2016 01:45:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/02/2016 01:44:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/02/2016 01:44:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/02/2016 11:18:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FarbarRecoveryScanTool64.exe, Version 3.3.14.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1814
Startzeit: 01d15da3034a5ae1
Endzeit: 0
Anwendungspfad: D:\Sicherung\Downloads\Microsoft\Tools\MalwareTools\FarbarRST\FarbarRecoveryScanTool64.exe
Berichts-ID: 5183d21c-c996-11e5-befb-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/02/2016 11:15:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FarbarRecoveryScanTool64.exe, Version 3.3.14.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1bf0
Startzeit: 01d15da2a5996684
Endzeit: 0
Anwendungspfad: D:\Sicherung\Downloads\Microsoft\Tools\MalwareTools\FarbarRST\FarbarRecoveryScanTool64.exe
Berichts-ID: eebf6ade-c995-11e5-befb-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/02/2016 11:14:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/02/2016 11:14:28 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/01/2016 02:57:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pandora)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/31/2016 02:59:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pandora)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (02/02/2016 01:41:18 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/02/2016 01:40:02 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/02/2016 01:39:57 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/02/2016 12:48:08 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.
Error: (02/02/2016 12:41:14 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/02/2016 12:41:10 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/02/2016 12:41:02 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/02/2016 11:17:44 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/02/2016 11:17:40 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/02/2016 11:17:40 AM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
CodeIntegrity:
===================================
Date: 2016-01-26 15:47:40.625
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.437
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.684
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.496
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 3976.74 MB
Verfügbarer physikalischer RAM: 2188.54 MB
Summe virtueller Speicher: 5101.27 MB
Verfügbarer virtueller Speicher: 1736.6 MB
==================== Laufwerke ================================
Drive c: (MARILYN MONROE) (Fixed) (Total:223.25 GB) (Free:139 GB) NTFS
Drive d: (KASSANDRA) (Fixed) (Total:224.36 GB) (Free:165.57 GB) NTFS
Drive e: (LYNKEUS) (Fixed) (Total:118.54 GB) (Free:75.97 GB) NTFS
Drive f: (CORIOLANUS) (Fixed) (Total:117.19 GB) (Free:60.49 GB) NTFS
Drive g: (VERDANDI) (Fixed) (Total:102.54 GB) (Free:74.59 GB) NTFS
Drive h: (MESSALINA) (Fixed) (Total:97.85 GB) (Free:75.65 GB) NTFS
Drive i: (PYTHIA) (Fixed) (Total:10.07 GB) (Free:5.88 GB) FAT32
Drive j: (NIFLHEIM) (Fixed) (Total:8.42 GB) (Free:8.35 GB) NTFS
Drive l: (WAGNOFF) (Fixed) (Total:1.98 GB) (Free:1.98 GB) FAT32
Drive m: (ANUBIS) (Fixed) (Total:2.05 GB) (Free:2.05 GB) FAT32
==================== MBR & Partitionstabelle ==================
==================== Ende von Addition.txt ============================
|
|
11.02.2016, 22:13
| #13 |
| | "nbi cleaner" ist wieder/noch da Addition4.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Heinz (2016-02-10 22:55:29)
Gestartet von D:\Sicherung\Downloads\Microsoft\MalwareTools\FarbarRST
Windows 8.1 (X64) (2013-12-22 12:53:45)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2932333098-1933949563-2559224823-500 - Administrator - Disabled)
Gast (S-1-5-21-2932333098-1933949563-2559224823-501 - Limited - Disabled)
Heinz (S-1-5-21-2932333098-1933949563-2559224823-1004 - Limited - Enabled) => C:\Users\Heinz
Rudolf (S-1-5-21-2932333098-1933949563-2559224823-1001 - Administrator - Enabled) => C:\Users\Rudolf
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
ACDSee Trial Version (HKLM-x32\...\ACDSee Trial Version) (Version: - )
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
aDF4de (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version: - )
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe Photoshop 7.0.1 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Any Video Converter 5.8.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9045 - )
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{87E4F4E2-99A4-44C6-9175-9FF2773E46CF}) (Version: 2.76.0 - Blender Foundation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Buildtools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CodedUITestUAP (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1) (Version: 0.9.5.4 - Tin2tin)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 8.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.2 - CHENGDU YIWO Tech Development Co., Ltd)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
F4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
FastStone Capture 5.3 (HKLM-x32\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
Ferramentas do Windows Phone 8.1 para Visual Studio 2015 - PTB (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
FinePixViewer Resource (HKLM-x32\...\{B44529FF-501E-47CD-A06D-223C161BE058}) (Version: 1.2 - FUJIFILM Corporation)
FinePixViewer Ver.5.5 (HKLM-x32\...\{24ED4D80-8294-11D5-96CD-0040266301AD}) (Version: 5.5 - FUJIFILM Corporation)
FinePixViewer YTUPL (HKLM-x32\...\{65EB09A3-993B-401E-8936-C9708CBFAB26}) (Version: 1.0 - FUJIFILM Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.)
Free Dailymotion Download version 1.0.36.1215 (HKLM-x32\...\Free Dailymotion Download_is1) (Version: 1.0.36.1215 - DVDVideoSoft Ltd.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Greenfish Icon Editor Pro 3.31 (HKLM-x32\...\{27135B83-5AFF-42A3-BCEB-E689BE9E2090}_is1) (Version: - Greenfish Corporation)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
Herramientas de Windows Phone 8.1 para Visual Studio 2015 - ESN (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Honeyview (HKLM\...\Honeyview) (Version: 5.05 - Bandisoft.com)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3004 - Acer Incorporated)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
i686-5.2.0-posix-dwarf-rt_v4-rev0 (HKLM-x32\...\i686-5.2.0-posix-dwarf-rt_v4-rev0) (Version: - MinGW-W64)
IDE Tools for Windows 10 (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java SE Development Kit 8 Update 74 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180740}) (Version: 8.0.740.2 - Oracle Corporation)
jEdit 5.3.0 (HKLM\...\jEdit_is1) (Version: 5.3.0 - Contributors)
Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Acer Incorporated)
Macromedia Director 7 (HKLM-x32\...\Macromedia Director 7) (Version: - )
Macromedia HomeSite 5 (HKLM-x32\...\{74307C3F-EBD4-11D4-A4D9-0010A4C3AFF0}) (Version: - )
MariaDB 10.1 (x64) (HKLM\...\MariaDB 10.1 (x64)) (Version: 10.1.10.0 - MariaDB Corporation Ab)
MariaDB 10.1 (x64) (Version: 10.1.10.0 - MariaDB Corporation Ab) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version: - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 SDK - ENU (HKLM-x32\...\{028a4515-c200-4460-bccf-a9b338b0c0f4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 0.10.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5944afa8-29ae-4a05-ab68-30c0dfab197e}) (Version: 14.0.23107.156 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Tools for Apache Cordova (HKLM-x32\...\{2035a5cc-fa3e-41a8-a718-0feaa2ae94eb}) (Version: 14.0.50902.4 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nástroje Windows Phone 8.1 pro sadu Visual Studio 2015 – CSY (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nmap 7.00 (HKLM-x32\...\Nmap) (Version: - )
Node.js (HKLM-x32\...\{69735668-F8BC-4E9A-839A-4006FDFDD5AC}) (Version: 0.12.2 - Joyent, Inc. and other Node contributors)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
Outils Windows Phone*8.1 pour Visual Studio*2015 - FRA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23309 - Microsoft Corporation) Hidden
Python Tools 2.2 for Visual Studio 2015 (HKLM-x32\...\{DE3F045F-57D5-4DAF-A479-DB759047966B}) (Version: 2.2.30718.00 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.2.2.0 - Lenovo Group Limited)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Strawberry Perl (64-bit) (HKLM\...\{C450F47E-72FF-1014-BC43-0A7831843670}) (Version: 5.22.1002 - strawberryperl.com project)
Strumenti di Windows Phone 8.1 per Visual Studio 2015 - ITA (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TextPad 7 (HKLM-x32\...\{9F53AC20-2D32-4341-9DA1-29DD40E2199E}) (Version: 7.0.9 - Helios)
Tool zum Entfernen verborgener Daten (HKLM-x32\...\{90F80407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6361.0 - Microsoft Corporation)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TopStyle Lite (Version 3.0) (HKLM-x32\...\TopStyle Lite (Version 3.0)) (Version: 3.1.0 - Bradbury Software, LLC)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VBA (2720) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden
Visual C++ für Mobile-Entwicklung (Android-Unterstützung) (HKLM-x32\...\{fd8b6372-b8b3-4a14-bb21-fbc5cb94f7ac}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual C++ für Mobile-Entwicklung (iOS-Unterstützung) (HKLM-x32\...\{8fd9a549-20ac-4daf-8da3-c54b6621ac29}) (Version: 14.0.23027.0 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
WorldWide Telescope (HKLM-x32\...\{5AAF8C68-9265-437C-8D9A-06EF98F07C09}) (Version: 5.2.09 - WorldWide Telescope)
Xamarin (HKLM-x32\...\{9D5E4FC0-7E1B-4934-8504-C0958FA73EA5}) (Version: 3.11.837.0 - Xamarin)
???????? Windows Phone 8.1 ??? Visual Studio 2015 — RUS (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
?? Visual Studio 2015 ? Windows Phone 8.1 ?? - ???? (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
??? Visual Studio 2015 ? Windows Phone 8.1 ?? - ???? (x32 Version: 14.0.23311 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job =>
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-17 17:20 - 2013-02-20 21:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () D:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-17 17:06 - 2013-09-17 17:06 - 01193176 _____ () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\15194178.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\15194178.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-01-26 22:49 - 2016-01-26 22:49 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts
# ::1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Eigene\BabylonHG.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Acer Remote.lnk"
HKLM\...\StartupApproved\Run32: => "EaseUs Tray"
HKLM\...\StartupApproved\Run32: => "EaseUs Watch"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "1&1 Internet-Radio-PlayerTimer"
HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{28F014DE-230B-4ACF-85F4-2BBC3BF7E7EA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{3F7AF067-AFDF-4AE0-83A3-5540E5FBF4A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{7440F1F0-425A-436E-A13A-B542BCAAA3EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B40D8E5C-BCEA-4160-814C-E31E19F88B03}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B55976E3-DF67-44B5-98ED-30A5CFDCC9A8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FDD9CFEE-2352-40B7-9CC8-FE3191D5F135}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{09196CDB-BC40-445D-9B37-7CFAC14CD519}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{1CB97F0E-B47C-44A8-B226-D99724F87BD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A5E80429-ECF5-420E-B98F-B9F097C79910}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{FD179F0B-96BF-48C8-B833-7F6321BEE06C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{98553A38-2649-4D65-9A55-B900E5B5125F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{1DC0BA17-7DCB-4514-B1E0-0C37B9ACC80D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{335BCE54-520B-4275-92E9-AA75B5C7358C}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{75A13A29-16DA-4694-8AED-5B8CB60B74F8}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5314\hppiw.exe
FirewallRules: [{1917791C-5683-4E02-B85C-4DB9D0C8B065}] => (Allow) H:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{5229141A-E99B-476C-94E5-BA50228B93F4}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{22F296FD-1CCD-4ED3-917A-D3959ABF62FA}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{10BC7E16-FCD6-4770-A50E-AD1BCB95A6E1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [{AF1AD763-1419-4B2B-BD62-131CD2D601F1}] => (Allow) H:\Program Files\EASEUS\Todo Backup\bin\TbService.exe
FirewallRules: [UDP Query User{590AD1C7-4A50-4F88-B7EA-490759C38D80}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{1C29AE09-4315-4622-919D-CD2C646D09E8}C:\program files (x86)\acer remote\arcserver.exe] => (Allow) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [UDP Query User{35002341-40BD-453E-9FB4-8E77F2E1F501}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [TCP Query User{03D08A97-C2F8-44C5-B5D3-2340505EE555}C:\program files (x86)\acer remote\arcserver.exe] => (Block) C:\program files (x86)\acer remote\arcserver.exe
FirewallRules: [{F8CE7F3C-77A8-4DB2-98CC-D294FEEC3990}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{727A3365-83ED-42AD-881E-0AB34A286E11}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{BD1D269F-16F8-45E8-BEC4-35FF4BBD40F1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{3A5409F3-908C-4484-86D4-01F5E25697C1}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{030E7187-1FD8-4E1E-A675-1F4ACD2ABD87}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6896C87F-2A4B-490C-AD89-09871003F247}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{DF823242-CC34-4F2C-A391-2AA5194142C0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{C8F450ED-851C-43FE-A134-D621CBE99EE0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{B79C3D88-B406-42D3-8E40-6316AA3BCD57}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{D2D0EE2F-64E9-4FD1-B6C6-F14A0C092B0C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{590A0C7C-A4EE-4BA0-A313-25DD66A0A781}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{6FEB933F-57CE-4214-A43C-616EDF5951C5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1C2B145F-C011-4CF1-B992-F78A27CE4D7E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{B57679DE-858E-46BA-B56A-7F472BEAE711}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{13B8F977-4B7D-403F-ABB9-4AE55FC860C1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{81C6F084-57DD-4AFF-9B20-240CAFF8E483}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{2ED67888-28D1-435C-81DF-B726086F74AE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{7A0E4ED8-681B-43F5-978E-624CF42C4F5A}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5BA8D653-24F3-48A0-B287-B0AA4385EA0B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{1A18B3ED-1CBF-4FB1-BE6C-15183FDF7209}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{8FB28222-AC16-4A93-8C36-860F201EC145}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [TCP Query User{A3B7E88D-841E-4817-A1CF-6362D0CCC1B3}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{B4D45677-6B67-4A53-8CDA-6B1D2E8A99A8}I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\programme\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{FACE4B9F-5C89-453B-8048-F842B568F362}] => (Allow) E:\Program Files\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{831275C3-9860-4DE4-B1AD-F670462D4893}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{4B669EE0-A9D1-4F09-89CE-78200F9B29F4}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hppiw.exe
FirewallRules: [{58C7AE4B-6A3C-4BCF-BF7F-A0911F042250}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{3BA7B709-2475-43CD-A00E-462A5A44814E}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS05FD\hppiw.exe
FirewallRules: [{5D6CB60F-618B-4F68-87C8-1BCF9DC20FAC}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{BC8474A6-26B9-4472-9517-94BB71305E63}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{A345A686-F886-495C-91B1-9C8DC6DA4153}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [{F41A980A-890A-422C-BC01-6A79C5D6B23D}] => (Allow) I:\Programme\Microsoft Games\Age of Empires II\AGE2_X1\age2_x1.Exe
FirewallRules: [TCP Query User{A02D4A8D-D7B3-41CB-8C0F-B74185F91758}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [UDP Query User{0B010CEC-220B-41D7-A227-5D983233A0B1}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd
FirewallRules: [{0E493143-C7CA-4B97-996D-610F988623AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{94705516-98C9-4DBF-9645-E47CFFB6AF82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0EC2FCD1-5F09-464A-AFF8-92DE47EAE7EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{45E00A3B-C982-4C28-A2C2-B24090BDF4CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7A9790D6-4262-46FD-ADB0-A88824F89C05}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{827162A1-098F-4EE6-A015-D2A6F92E6C03}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{8587BD94-30AF-4F53-81CD-DC514FCEEF41}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{CF120258-7A1A-40C2-96CE-0B703839BA5E}] => (Allow) D:\Program Files\Internet-Radio-Player\phonostarStarter.exe
FirewallRules: [{993D3A54-D83C-4CA7-9E58-3283387A6ABC}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{0A97A4C5-0E55-4E5E-845F-487B9D1673B2}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{05D91A0A-2D07-48C1-A14C-2B9EC07B4F92}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{62414625-DC71-41AF-9521-C4D495E1B7C4}] => (Allow) D:\Program Files\JAP\jap.exe
FirewallRules: [{B24DCB97-E781-45B0-9C7E-BFDC2BB76FF6}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{343BCB0D-A115-4169-B665-81C778DE589F}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{8EC0223E-EC1E-4489-B65D-C7CB4DE256DE}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{BCF9E82D-CC24-42B2-BCB8-4802AB756295}] => (Allow) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{7EDB3FC4-1DDD-40B2-8C21-176A4DED00E4}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{E97232A3-8073-43E2-9917-D49FE4E1BB01}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{F4C08DAB-96C0-49C2-A333-CAF8975E9FD1}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{797EC598-4990-43FA-87A9-C0514F5D929C}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe
FirewallRules: [{DB5AFDC2-664F-41CF-BCA1-33B2518C675F}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{E9FF6430-7ACA-4404-8F2D-65855E82C606}] => (Allow) D:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{41E8953A-5C23-4B85-93BA-62C33FDC7427}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{36122F37-8231-456B-9607-B5A87FE0EEEE}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS028F\hppiw.exe
FirewallRules: [{7ADF1E6C-4B4B-4165-ACA2-968577719846}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{7549F9DF-F224-4F24-B542-1B35FDA112D4}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{39330B85-C760-4C1C-ACD4-F79C9550E0C7}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{FDF62D83-CB6E-489C-8DF2-BC895F0C2030}] => (Allow) D:\Program Files\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{32EDB9AD-3D11-4EAC-9C67-6FCB667B5C14}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{5FA9E85D-9BFC-43E3-907F-A8757FF89D90}] => (Allow) D:\Program Files\opera.exe
FirewallRules: [{6DCDB633-5F6C-4257-90EF-DFE556C8DCA9}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{9819ABF1-961A-4946-8854-F1BEDF9B56E5}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS18A4\hppiw.exe
FirewallRules: [{690A066B-FBC3-457E-8866-AF25A3A0589A}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [{1EBC7D26-FE50-400D-B4B4-75AC6B39413A}] => (Allow) C:\Users\Rudolf\AppData\Local\Temp\7zS2974\hppiw.exe
FirewallRules: [TCP Query User{4B86C128-5107-4363-AC19-C5FA36465EA0}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{5DFE83D5-835F-4683-9A5C-E6328CD9EC3B}I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe] => (Allow) I:\program files\microsoft games\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [{5656CEE0-F8E9-4855-B8AF-000CF4149F70}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{2EBCE465-408E-4F12-845C-8628440EFBC6}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{7E16960D-9B9F-4A0F-A47C-3D2777B43B4D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{38048089-9E32-4B04-8D66-D52FB58F7574}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{4D6F0F96-700F-4928-B84B-9D6C4B4CAD6D}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{4F07AAD3-A3B4-4E19-9953-19A16990F0DF}] => (Allow) D:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{F96DD952-B15E-424D-A717-F50BF4DC84DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7D0A1B7F-FE37-4B25-BD20-4FCE7DD06914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2C193D0E-6E3F-498B-AF16-C250C26BC7BA}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [UDP Query User{3D72D360-45EF-4D3A-8E09-EC6EB03BA86D}D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\microsoft worldwide telescope\wwtexplorer.exe
FirewallRules: [{2AD4F1D9-7E36-4193-9313-5DEA07630321}] => (Allow) C:\Users\Rudolf\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{8BD918FB-4CBA-44EC-80B9-91D86065FF09}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{94008313-981D-46F6-AC80-423F35D60837}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{7ECD8FE1-A1FD-4B57-8F46-AA17751F56D3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{3D5D79AC-062A-489D-9913-3B678B26D972}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{EDA65F68-3A98-44CA-B9B4-F9DE43330F7C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{AE4F2305-115F-4E44-868A-76F1D59DDA6E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ED027693-62EE-47F6-BBCE-A0623395610E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{ECEB4C4A-0D28-422C-9F1B-EB1B1AA6FD63}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{E6D13397-7811-4430-A919-DF425B2B21A7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{DE83BA7E-C1BB-4466-BCA3-8EECDAD4257E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6A79F00C-7D41-49F7-8009-F3E728CC1331}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{393E28F3-9B19-4306-89AB-5C4EA09D06B1}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{4C6DB319-5454-4DD1-BB6B-47FC7658BC96}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{825591BA-72C7-4EF5-90CA-84047CF1E966}] => (Allow) D:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper_32.exe
FirewallRules: [{4F52405F-0D82-4964-83E3-2834A50E65B4}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [{A20FB031-BC47-4C1A-95AB-1F67BA7BC97C}] => (Allow) D:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{083415FB-4C92-4C01-A9D7-555131751228}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [UDP Query User{2F767CBE-B792-4C81-B854-BBA72810F303}D:\program files\microsoft research\wwtexplorer.exe] => (Allow) D:\program files\microsoft research\wwtexplorer.exe
FirewallRules: [{DF33D451-0625-4FCF-97E2-072ABBB5ED5F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{7BC0CCF5-CE4F-40D1-B639-FCED55DEE350}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{EC62D032-4D4F-4682-BCE8-60C1F2A35660}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{BF47679A-4D0E-48DA-B09B-0D6C9777D9D8}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [TCP Query User{8AAC9022-3498-469D-8638-5606E8181247}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [UDP Query User{27ABF644-C24B-418F-A091-09D3FB56A0DD}D:\apache24\bin\httpd.exe] => (Allow) D:\apache24\bin\httpd.exe
FirewallRules: [{8F7E01E8-ED50-4C24-8A3C-D2CB7FD6136A}] => (Allow) D:\Programme\MariaDB 10.1\bin\mysqld.exe
FirewallRules: [{2E818699-90A2-44BF-9FCF-CD4A30FEB10F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/10/2016 10:52:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/10/2016 10:52:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (02/10/2016 06:22:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.18124 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 16f8
Startzeit: 01d16425ce8488f0
Endzeit: 11
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: e05e676b-d01a-11e5-bf04-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/10/2016 05:06:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.18124 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 82c
Startzeit: 01d1641791937c8d
Endzeit: 46
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: 483ae346-d010-11e5-bf04-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/10/2016 03:05:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pandora)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/10/2016 01:14:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 10.0.2627.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c78
Startzeit: 01d163fc8a668d29
Endzeit: 15
Anwendungspfad: D:\Program Files\Microsoft Office\Office10\WINWORD.EXE
Berichts-ID: d76a1019-cfef-11e5-bf04-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/10/2016 10:31:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: delegate_execute.exe, Version: 48.0.2564.103, Zeitstempel: 0x56b11bc1
Name des fehlerhaften Moduls: delegate_execute.exe, Version: 48.0.2564.103, Zeitstempel: 0x56b11bc1
Ausnahmecode: 0x80000003
Fehleroffset: 0x00007f91
ID des fehlerhaften Prozesses: 0x14d8
Startzeit der fehlerhaften Anwendung: 0xdelegate_execute.exe0
Pfad der fehlerhaften Anwendung: delegate_execute.exe1
Pfad des fehlerhaften Moduls: delegate_execute.exe2
Berichtskennung: delegate_execute.exe3
Vollständiger Name des fehlerhaften Pakets: delegate_execute.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: delegate_execute.exe5
Error: (02/09/2016 11:50:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm cdbxpp.exe, Version 4.4.2.3442 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ba8
Startzeit: 01d16388cb261919
Endzeit: 60000
Anwendungspfad: D:\Program Files\CDBurnerXP\cdbxpp.exe
Berichts-ID: 64646d58-cf7f-11e5-bf03-7427ea2d679e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/09/2016 05:13:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: opera_plugin_wrapper.exe, Version: 12.17.1863.0, Zeitstempel: 0x534cfe97
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18185, Zeitstempel: 0x5683f0c5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003dd0e
ID des fehlerhaften Prozesses: 0x102c
Startzeit der fehlerhaften Anwendung: 0xopera_plugin_wrapper.exe0
Pfad der fehlerhaften Anwendung: opera_plugin_wrapper.exe1
Pfad des fehlerhaften Moduls: opera_plugin_wrapper.exe2
Berichtskennung: opera_plugin_wrapper.exe3
Vollständiger Name des fehlerhaften Pakets: opera_plugin_wrapper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: opera_plugin_wrapper.exe5
Error: (02/09/2016 02:55:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Pandora)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (02/10/2016 09:53:11 PM) (Source: DCOM) (EventID: 10010) (User: Pandora)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/10/2016 09:30:43 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:30:11 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:29:58 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:27:13 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:19:13 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 09:19:13 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/10/2016 08:17:09 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT-AUTORITÄT)
Description: Der Ereignisprotokollierungsdienst hat beim Aktivieren des Herausgebers "{0BF2FB94-7B60-4B4D-9766-E82F658DF540}" für den Kanal "Microsoft-Windows-Kernel-ShimEngine/Operational" einen Fehler (5) erkannt. Dieser Fehler hat keinen Einfluss auf den Betrieb des Kanals, beeinträchtigt jedoch die Fähigkeit des Herausgebers, Ereignisse für den Kanal auszulösen. Dieser Fehler ist oft darauf zurückzuführen, dass der Anbieter die ETW-Anbietersicherheit verwendet und der Ereignisprotokoll-Dienstidentität keine Berechtigungen zum Aktivieren gewährt hat.
Error: (02/10/2016 08:17:06 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT-AUTORITÄT)
Description: Der Ereignisprotokollierungsdienst hat beim Aktivieren des Herausgebers "{0BF2FB94-7B60-4B4D-9766-E82F658DF540}" für den Kanal "Microsoft-Windows-Kernel-ShimEngine/Operational" einen Fehler (5) erkannt. Dieser Fehler hat keinen Einfluss auf den Betrieb des Kanals, beeinträchtigt jedoch die Fähigkeit des Herausgebers, Ereignisse für den Kanal auszulösen. Dieser Fehler ist oft darauf zurückzuführen, dass der Anbieter die ETW-Anbietersicherheit verwendet und der Ereignisprotokoll-Dienstidentität keine Berechtigungen zum Aktivieren gewährt hat.
Error: (02/10/2016 06:06:20 PM) (Source: DCOM) (EventID: 10016) (User: Pandora)
Description: AnwendungsspezifischLokalAktivierung{0C0A3666-30C9-11D0-8F20-00805F2CD064}{9209B1A6-964A-11D0-9372-00A0C9034910}PandoraHeinzS-1-5-21-2932333098-1933949563-2559224823-1004LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
CodeIntegrity:
===================================
Date: 2016-01-26 15:47:40.625
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.437
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.187
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-26 15:47:40.000
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.684
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:33.496
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.527
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-01-25 00:23:32.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 3976.74 MB
Verfügbarer physikalischer RAM: 2388.42 MB
Summe virtueller Speicher: 8072.74 MB
Verfügbarer virtueller Speicher: 5088.15 MB
==================== Laufwerke ================================
Drive c: (MARILYN MONROE) (Fixed) (Total:223.25 GB) (Free:138.16 GB) NTFS
Drive d: (KASSANDRA) (Fixed) (Total:224.36 GB) (Free:161.79 GB) NTFS
Drive e: (LYNKEUS) (Fixed) (Total:118.54 GB) (Free:75.97 GB) NTFS
Drive f: (CORIOLANUS) (Fixed) (Total:117.19 GB) (Free:60.49 GB) NTFS
Drive g: (VERDANDI) (Fixed) (Total:102.54 GB) (Free:74.59 GB) NTFS
Drive h: (MESSALINA) (Fixed) (Total:97.85 GB) (Free:75.45 GB) NTFS
Drive i: (PYTHIA) (Fixed) (Total:10.07 GB) (Free:3.94 GB) FAT32
Drive j: (NIFLHEIM) (Fixed) (Total:8.42 GB) (Free:3.62 GB) NTFS
Drive k: (FREYJA) (Fixed) (Total:11.12 GB) (Free:11.08 GB) NTFS
==================== MBR & Partitionstabelle ==================
==================== Ende von Addition.txt ============================
|
|
11.02.2016, 22:14
| #14 |
| | "nbi cleaner" ist wieder/noch da FRST1 FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016 durchgeführt von Heinz (ACHTUNG: der Benutzer ist kein Administrator) auf PANDORA (27-01-2016 12:08:23) Gestartet von D:\Sicherung\Downloads\Microsoft\Tools\MalwareErkennung\FarbarRST Geladene Profile: Heinz (Verfügbare Profile: Rudolf & Heinz) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> smss.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> wininit.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> winlogon.exe konnte nicht auf den Prozess zugreifen -> services.exe konnte nicht auf den Prozess zugreifen -> lsass.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> dwm.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> spoolsv.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> armsvc.exe konnte nicht auf den Prozess zugreifen -> BBSvc.EXE konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe konnte nicht auf den Prozess zugreifen -> CCDMonitorService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> Agent.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> HeciServer.exe konnte nicht auf den Prozess zugreifen -> IpOverUsbSvc.exe konnte nicht auf den Prozess zugreifen -> Jhi_service.exe konnte nicht auf den Prozess zugreifen -> mbamscheduler.exe konnte nicht auf den Prozess zugreifen -> mbamservice.exe konnte nicht auf den Prozess zugreifen -> mdm.exe konnte nicht auf den Prozess zugreifen -> mysqld.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> sqlwriter.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> TodoBackupService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> vds.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> WUDFHost.exe konnte nicht auf den Prozess zugreifen -> dasHost.exe (Malwarebytes) D:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (The Eraser Project) D:\Program Files\Eraser\Eraser.exe konnte nicht auf den Prozess zugreifen -> RIconMan.exe () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe konnte nicht auf den Prozess zugreifen -> LMS.exe konnte nicht auf den Prozess zugreifen -> NASvc.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (CHENGDU YIWO Tech Development Co., Ltd) D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe konnte nicht auf den Prozess zugreifen -> UNS.exe (Adobe Systems Inc.) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe konnte nicht auf den Prozess zugreifen -> FNPLicensingService.exe (Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe konnte nicht auf den Prozess zugreifen -> ePowerSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe konnte nicht auf den Prozess zugreifen -> MsMpEng.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe konnte nicht auf den Prozess zugreifen -> SeaPort.EXE (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingApp.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingBar.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Adobe Systems Incorporated) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe konnte nicht auf den Prozess zugreifen -> MpCmdRun.exe konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe (Farbar) D:\Sicherung\Downloads\Microsoft\Tools\MalwareErkennung\FarbarRST\FarbarRecoveryScanTool64.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor) HKLM\...\Run: [Eraser] => D:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project) HKLM\...\Run: [Classic Start Menu] => C:\Programme\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [EaseUs Watch] => "H:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe" HKLM-x32\...\Run: [EaseUs Tray] => "H:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe" HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [HP Software Update] => D:\Program Files\HP\HP Software Update\HPWuSchd2.exe HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.) HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-17] () HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2016-01-27] ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2016-01-27] ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-01-27] ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk [2016-01-27] ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-01-27] ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-01-27] ShortcutTarget: Microsoft Office.lnk -> D:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) Startup: C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-01-27] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Corel Registration.lnk [2016-01-27] ShortcutTarget: Corel Registration.lnk -> I:\Programme\Corel\Graphics9\Register\Remind32.exe (IntelliQuest Communications, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyServer: [S-1-5-21-2932333098-1933949563-2559224823-1004] => 127.0.0.1:4001 Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{B3CAEEBF-3743-4152-A0F7-CCF641E2A859}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms} HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/ SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\.DEFAULT -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL = SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL = BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\bin\ssv.dll [2016-01-26] (Oracle Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\bin\jp2ssv.dll [2016-01-26] (Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft) BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.5.0_17\bin\ssv.dll => Keine Datei BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5-windows-i586.cab DPF: HKLM-x32 {DED4D168-AEEE-4E0C-B699-36A9A320ED5E} hxxp://de.cyberlink.com/prog/win8/js/UpdateAdvisor.cab Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default FF Homepage: hxxp://de.msn.com/ FF NetworkProxy: "backup.ftp", "127.0.0.1" FF NetworkProxy: "backup.ftp_port", 4001 FF NetworkProxy: "backup.socks", "127.0.0.1" FF NetworkProxy: "backup.socks_port", 4001 FF NetworkProxy: "backup.ssl", "127.0.0.1" FF NetworkProxy: "backup.ssl_port", 4001 FF NetworkProxy: "ftp", "127.0.0.1" FF NetworkProxy: "ftp_port", 4001 FF NetworkProxy: "http", "127.0.0.1" FF NetworkProxy: "http_port", 4001 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "127.0.0.1" FF NetworkProxy: "socks_port", 4001 FF NetworkProxy: "socks_remote_dns", true FF NetworkProxy: "ssl", "127.0.0.1" FF NetworkProxy: "ssl_port", 4001 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] () FF Plugin: @java.com/DTPlugin,version=11.72.2 -> D:\Program Files\Java\bin\dtplugin\npDeployJava1.dll [2016-01-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> D:\Program Files\Java\bin\plugin2\npjp2.dll [2016-01-26] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/1&1 Internet-Radio-Player -> D:\Program Files\1&1 Internet-Radio-Player\npphonostarDetectNP.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/phonostar-Player -> D:\Program Files\Internet-Radio-Player\phonostar-Player\npphonostarDetectNP.dll [Keine Datei] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Extension: Proxy Selector - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\proxyselector@mozilla.org.xpi [2015-06-04] FF Extension: Webpage Snapshot - Snapilicious.com - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\admin@snapilicious.com.xpi [2015-06-04] FF Extension: FoxyProxy Standard - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\foxyproxy@eric.h.jung [2015-06-04] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert] FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\artur.dubovoy@gmail.com [2016-01-26] FF Extension: Hotspot Shield Free VPN Proxy – Unblock Sites - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\hotspot-shield@anchorfree.com.xpi [2015-11-03] [ist nicht signiert] FF Extension: ProxTube - Unblock YouTube - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\ich@maltegoetz.de.xpi [2015-08-09] FF Extension: YouTube Unblocker - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\youtubeunblocker__web@unblocker.yt [2015-12-04] FF Extension: unity player - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{05cfb51c-ba6e-41f7-89b3-a96f5c837a87}.xpi [2015-09-22] [ist nicht signiert] FF Extension: YouTube High Definition - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-01-24] FF Extension: Download YouTube Videos as MP4 - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-01-08] FF Extension: Video DownloadHelper - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30] FF Extension: mpeg4 manager free - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{df4bd301-ee66-4f5e-a6e0-25ddf2bf381e}.xpi [2016-01-01] [ist nicht signiert] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} [2015-10-23] [ist nicht signiert] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.de/" CHR Profile: C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-07-29] CHR Extension: (Magic Actions for YouTube™) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-11] CHR Extension: (Google Docs) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] CHR Extension: (Google Drive) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google-Suche) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Docs Offline) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20] CHR Extension: (TinEye Reverse Image Search) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-05-23] CHR Extension: (TV für Google Chrome™) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe [2016-01-19] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29] CHR Extension: (YouTube Unblocker) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-12-29] [UpdateUrl: hxxp://www.unblocker.yt/addon/chrome/updates.xml] <==== ACHTUNG CHR Extension: (Google Mail) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] Opera: ======= StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe StartMenuInternet: (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004) Opera - "C:\Users\Heinz\AppData\Local\Programs\Opera x64\Opera.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-28] (Adobe Systems) [Datei ist nicht signiert] R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-08-18] (Apple Inc.) [Datei ist nicht signiert] R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated) R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-21] (Macrovision Europe Ltd.) [Datei ist nicht signiert] R3 hpqcxs08; D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-04-29] (Hewlett-Packard Co.) R2 hpqddsvc; D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett-Packard Co.) R2 HPSLPSVC; C:\Users\Rudolf\AppData\Local\Temp\7zS5C6D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo) R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) R2 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R2 MBAMScheduler; D:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; D:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [Datei ist nicht signiert] R2 MySQL; D:\Programme\MariaDB 10.1\bin\mysqld.exe [13470536 2015-12-23] () R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert] S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] () R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] () S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-27] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 cpuz137; \??\D:\Program Files\CPUID\PC Wizard 2013\pcwiz_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-27 10:41 - 2016-01-27 11:45 - 00000792 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-27 10:41 - 2016-01-27 10:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-27 10:41 - 2016-01-27 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-01-27 10:41 - 2016-01-27 10:41 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-27 10:41 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-01-27 10:41 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-01-27 10:41 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-01-27 00:02 - 2016-01-27 00:02 - 00000000 ____D C:\Program Files (x86)\ESET 2016-01-26 22:00 - 2016-01-27 12:08 - 00000000 ____D C:\FRST 2016-01-26 21:05 - 2016-01-26 21:05 - 00000079 _____ C:\WINDOWS\wininit.ini 2016-01-26 17:48 - 2016-01-26 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strawberry Perl (64-bit) 2016-01-26 17:38 - 2016-01-26 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2016-01-26 17:15 - 2016-01-26 17:15 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2016-01-26 17:15 - 2016-01-26 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-01-26 16:36 - 2016-01-26 16:36 - 00001468 _____ C:\Users\Heinz\Desktop\WinMD5.lnk 2016-01-25 18:51 - 2016-01-26 10:48 - 00000000 ____D C:\Users\Heinz\VirtualBox VMs 2016-01-25 17:38 - 2016-01-26 10:48 - 00000000 ____D C:\Users\Heinz\.VirtualBox 2016-01-25 17:32 - 2016-01-25 17:33 - 00000000 ____D C:\Users\Rudolf\.VirtualBox 2016-01-25 17:27 - 2016-01-25 17:27 - 00000000 ____D C:\MATS 2016-01-19 17:40 - 2016-01-19 17:40 - 00194976 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys 2016-01-17 12:35 - 2016-01-18 00:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-01-14 17:48 - 2016-01-26 17:17 - 00000000 ____D C:\Users\Heinz\.oracle_jre_usage 2016-01-14 17:45 - 2016-01-14 17:45 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\HeidiSQL 2016-01-14 17:43 - 2016-01-27 11:45 - 00001170 _____ C:\Users\Public\Desktop\HeidiSQL.lnk 2016-01-14 17:43 - 2016-01-14 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MariaDB 10.1 (x64) 2016-01-14 16:26 - 2016-01-27 11:45 - 00000715 _____ C:\Users\Public\Desktop\Notepad++ 6.8.8.lnk 2016-01-13 22:48 - 2016-01-12 20:40 - 00001576 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Win Media Player.lnk 2016-01-12 21:26 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-12 21:26 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-01-12 21:26 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-01-12 21:26 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-01-12 21:26 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-12 21:26 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-12 21:26 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-01-12 21:26 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-01-12 21:26 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-12 21:26 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-01-12 21:26 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-01-12 21:26 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-01-12 21:26 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-01-12 21:26 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-12 21:26 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-12 21:26 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-01-12 21:26 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-01-12 21:26 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-12 21:26 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-01-12 21:26 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-01-12 21:26 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-01-12 21:26 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-01-12 21:26 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-01-12 21:26 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-01-12 21:26 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-01-12 21:26 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll 2016-01-12 21:26 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-12 21:26 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-01-12 21:26 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-01-12 21:26 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll 2016-01-12 21:26 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2016-01-12 21:26 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-01-12 21:26 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-01-12 21:26 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll 2016-01-12 21:26 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-01-12 21:26 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-01-12 21:26 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-01-12 21:26 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-12 21:26 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-12 21:26 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2016-01-12 21:26 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-12 21:26 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2016-01-12 21:26 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll 2016-01-12 21:26 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-01-12 21:26 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-12 21:26 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL 2016-01-12 21:26 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-12 21:26 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-12 21:26 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2016-01-12 21:26 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-12 21:26 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2016-01-12 21:26 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-01-12 21:26 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-01-12 21:26 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-12 21:26 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-12 21:26 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL 2016-01-12 21:26 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-12 21:26 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-12 21:26 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-12 21:26 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-12 21:26 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-01-12 21:25 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-12 21:25 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-12 16:31 - 2015-12-18 17:08 - 00965440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys 2016-01-11 22:15 - 2016-01-11 22:15 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\MySQL 2016-01-11 21:58 - 2016-01-11 21:58 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Oracle 2016-01-11 21:54 - 2016-01-11 22:31 - 00000000 ____D C:\ProgramData\MySQL 2016-01-11 17:56 - 2016-01-11 17:56 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\postgresql 2016-01-03 13:46 - 2016-01-03 13:51 - 00000000 ____D C:\Users\Rudolf\AppData\Local\VSIXInstaller 2016-01-03 13:46 - 2016-01-03 13:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools 2016-01-03 13:15 - 2016-01-11 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage 2016-01-03 13:15 - 2016-01-03 13:15 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinImage ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-27 12:01 - 2013-12-24 15:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ClassicShell 2016-01-27 11:54 - 2013-12-26 15:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-27 11:52 - 2013-12-21 21:49 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-27 11:50 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-27 11:45 - 2015-12-26 17:55 - 00000851 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2016-01-27 11:45 - 2015-12-26 17:55 - 00000789 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2016-01-27 11:45 - 2015-12-18 16:14 - 00000760 _____ C:\Users\Rudolf\Desktop\jEdit.lnk 2016-01-27 11:45 - 2015-11-23 13:04 - 00000777 _____ C:\Users\Public\Desktop\GIMP 2.lnk 2016-01-27 11:45 - 2015-11-23 13:04 - 00000777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2016-01-27 11:45 - 2015-11-21 17:31 - 00000877 _____ C:\Users\Rudolf\Desktop\Any Video Converter.lnk 2016-01-27 11:45 - 2015-11-21 17:13 - 00001017 _____ C:\Users\Public\Desktop\Foxit Reader.lnk 2016-01-27 11:45 - 2015-11-21 16:07 - 00000675 _____ C:\Users\Rudolf\Desktop\Nmap - Zenmap GUI.lnk 2016-01-27 11:45 - 2015-10-31 11:47 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-27 11:45 - 2015-10-31 11:47 - 00002075 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-01-27 11:45 - 2015-09-26 14:47 - 00001556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk 2016-01-27 11:45 - 2015-09-26 14:35 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk 2016-01-27 11:45 - 2015-07-22 16:57 - 00001216 _____ C:\Users\Rudolf\Desktop\CrystalDiskInfo.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002779 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002719 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002687 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk 2016-01-27 11:45 - 2015-07-15 21:55 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk 2016-01-27 11:45 - 2015-05-30 10:37 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-01-27 11:45 - 2015-04-20 14:37 - 00000707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2016-01-27 11:45 - 2015-02-22 19:36 - 00001096 _____ C:\Users\Public\Desktop\paint.net.lnk 2016-01-27 11:45 - 2015-02-08 17:33 - 00002597 _____ C:\Users\Public\Desktop\WorldWide Telescope.lnk 2016-01-27 11:45 - 2015-01-31 12:52 - 00000823 _____ C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk 2016-01-27 11:45 - 2015-01-31 11:04 - 00001122 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-01-27 11:45 - 2014-12-26 22:10 - 00001142 _____ C:\Users\Public\Desktop\Free Dailymotion Download.lnk 2016-01-27 11:45 - 2014-10-31 10:42 - 00001178 _____ C:\Users\Rudolf\Desktop\Calculator.lnk 2016-01-27 11:45 - 2014-10-31 10:35 - 00002083 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk 2016-01-27 11:45 - 2014-08-13 15:59 - 00001989 _____ C:\Users\Public\Desktop\FinePixViewer.lnk 2016-01-27 11:45 - 2014-08-07 15:19 - 00001895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk 2016-01-27 11:45 - 2014-08-07 15:19 - 00000787 _____ C:\Users\Rudolf\Desktop\DVD slideshow GUI.lnk 2016-01-27 11:45 - 2014-08-07 15:05 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2016-01-27 11:45 - 2014-08-05 08:11 - 00001109 _____ C:\Users\Public\Desktop\HP Solution Center.lnk 2016-01-27 11:45 - 2014-08-05 08:11 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk 2016-01-27 11:45 - 2014-08-05 08:11 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk 2016-01-27 11:45 - 2014-05-17 16:09 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.1.lnk 2016-01-27 11:45 - 2014-05-17 16:09 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.1.lnk 2016-01-27 11:45 - 2014-04-23 15:11 - 00000784 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64bits.lnk 2016-01-27 11:45 - 2014-01-28 16:34 - 00002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk 2016-01-27 11:45 - 2014-01-28 16:33 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk 2016-01-27 11:45 - 2013-12-25 18:13 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-27 11:45 - 2013-12-25 18:13 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-01-27 11:45 - 2013-12-25 18:01 - 00002059 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk 2016-01-27 11:45 - 2013-12-22 13:54 - 00001468 _____ C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-01-27 11:45 - 2013-12-22 13:37 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-27 11:45 - 2013-12-22 00:26 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk 2016-01-27 11:45 - 2013-12-21 22:02 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk 2016-01-27 11:45 - 2013-12-21 22:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk 2016-01-27 11:45 - 2013-12-21 22:02 - 00001885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk 2016-01-27 11:45 - 2013-12-21 21:33 - 00001096 _____ C:\Users\Rudolf\Desktop\RegEdit.lnk 2016-01-27 11:45 - 2013-12-21 15:10 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 5.0.lnk 2016-01-27 11:45 - 2013-12-21 15:04 - 00002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk 2016-01-27 11:45 - 2013-12-21 15:03 - 00000765 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk 2016-01-27 11:45 - 2013-12-20 20:34 - 00000805 _____ C:\Users\Rudolf\Desktop\ACDSee Trial Version.lnk 2016-01-27 11:45 - 2013-12-20 16:36 - 00000717 _____ C:\Users\Public\Desktop\WinRAR 3.93.lnk 2016-01-27 11:45 - 2013-12-19 17:02 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2016-01-27 11:45 - 2013-09-17 17:06 - 00001927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-01-27 11:44 - 2013-12-25 18:00 - 00000000 ____D C:\Users\Rudolf\AppData\Local\genienext 2016-01-27 11:44 - 2013-12-21 21:26 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Systweak 2016-01-27 11:39 - 2013-12-21 21:49 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-27 00:12 - 2013-12-22 11:17 - 00000000 ____D C:\Users\Heinz\AppData\Local\Eraser 6 2016-01-26 22:54 - 2013-12-21 15:23 - 00000000 ____D C:\TEMP 2016-01-26 21:05 - 2015-11-28 13:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-01-26 21:05 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2016-01-26 20:04 - 2013-12-21 14:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\CrashDumps 2016-01-26 18:09 - 2014-10-31 10:35 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\ClassicShell 2016-01-26 17:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-26 17:46 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-26 17:38 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2016-01-26 17:30 - 2013-12-24 17:22 - 00000000 ___DO C:\Users\Rudolf\SkyDrive 2016-01-26 17:22 - 2014-03-26 18:26 - 00000000 ____D C:\Users\Rudolf\.nbi 2016-01-26 16:59 - 2013-08-22 15:44 - 01027912 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-01-26 16:19 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2016-01-26 16:19 - 2014-01-02 16:14 - 00000000 ____D C:\ProgramData\Package Cache 2016-01-26 16:19 - 2013-12-22 13:23 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-01-26 16:15 - 2015-09-26 15:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2016-01-26 16:14 - 2015-09-26 14:46 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits 2016-01-26 11:27 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Heinz 2016-01-26 11:21 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Rudolf 2016-01-26 11:20 - 2015-11-21 16:07 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap 2016-01-26 11:20 - 2013-12-21 21:18 - 00000000 ____D C:\ProgramData\FLEXnet 2016-01-26 11:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration 2016-01-25 17:29 - 2014-10-30 12:03 - 00000000 ____D C:\Users\Rudolf\AppData\Local\ElevatedDiagnostics 2016-01-22 18:16 - 2013-12-26 15:10 - 00000000 ____D C:\Users\Heinz\dwhelper 2016-01-22 02:07 - 2015-01-31 11:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\vlc 2016-01-22 00:34 - 2014-12-23 01:01 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\dvdcss 2016-01-17 14:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2016-01-14 22:32 - 2013-11-14 08:27 - 01886820 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-14 22:32 - 2013-11-14 08:11 - 00805954 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-14 22:32 - 2013-11-14 08:11 - 00176466 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-14 16:26 - 2013-12-22 00:10 - 00000000 ____D C:\Users\Rudolf\AppData\Roaming\Notepad++ 2016-01-13 22:06 - 2013-12-20 16:06 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-13 22:00 - 2013-12-20 16:06 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-13 17:49 - 2013-12-22 12:50 - 00321840 _____ C:\Users\Heinz\AppData\Roaming\GDIPFONTCACHEV1.DAT 2016-01-13 00:23 - 2015-04-15 16:58 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-13 00:23 - 2015-03-11 23:47 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2016-01-12 21:51 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-12 20:40 - 2013-12-19 21:41 - 00001576 _____ C:\Users\Heinz\Desktop\Win Media Player.lnk 2016-01-11 23:37 - 2014-01-02 16:16 - 00000000 ____D C:\WINDOWS\SysWOW64\1031 2016-01-11 23:37 - 2014-01-02 16:16 - 00000000 ____D C:\WINDOWS\system32\1033 2016-01-11 23:37 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-01-11 23:36 - 2015-12-18 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jEdit 5.3.0 2016-01-11 23:36 - 2015-09-26 14:50 - 00000000 ____D C:\Program Files\IIS Express 2016-01-11 23:36 - 2015-09-26 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015 2016-01-11 23:36 - 2014-01-01 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2016-01-11 23:35 - 2015-09-26 14:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2016-01-11 23:35 - 2013-12-19 17:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-11 23:34 - 2015-09-26 14:50 - 00000000 ____D C:\Program Files (x86)\IIS Express 2016-01-11 23:34 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop 2016-01-11 23:01 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0 2016-01-11 22:56 - 2015-09-26 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0 2016-01-11 22:50 - 2014-01-02 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2016-01-10 22:03 - 2014-02-08 22:26 - 00000376 _____ C:\Users\Heinz\Desktop\Live Anmelden.url 2016-01-10 13:40 - 2013-12-19 19:37 - 00000000 ____D C:\Users\Rudolf\AppData\Local\CrashDumps 2016-01-08 18:04 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-01-05 21:04 - 2013-08-22 16:38 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-05 21:04 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-03 13:46 - 2014-01-02 16:38 - 00000000 ____D C:\Program Files (x86)\NuGet 2016-01-01 21:05 - 2015-12-18 16:14 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\jEdit 2016-01-01 17:55 - 2013-12-21 14:53 - 00000000 ____D C:\Users\Heinz\AppData\Local\Adobe 2015-12-28 15:31 - 2013-12-21 18:01 - 00000000 _____ C:\WINDOWS\BcdLog.txt 2015-12-28 15:30 - 2013-12-21 18:01 - 00000028 _____ C:\WINDOWS\OutLog.txt ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-12-26 22:06 - 2015-07-28 21:44 - 0009216 _____ () C:\Users\Heinz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-27 20:52 - 2015-11-27 20:52 - 0001516 _____ () C:\Users\Heinz\AppData\Local\recently-used.xbel 2013-12-21 15:57 - 2015-01-28 12:41 - 0016515 _____ () C:\ProgramData\hpzinstall.log Einige Dateien in TEMP: ==================== C:\Users\Heinz\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll C:\Users\Heinz\AppData\Local\Temp\npp.6.7.8.2.Installer.exe C:\Users\Heinz\AppData\Local\Temp\npp.6.8.1.Installer.exe C:\Users\Heinz\AppData\Local\Temp\npp.6.8.3.Installer.exe C:\Users\Heinz\AppData\Local\Temp\npp.6.8.6.Installer.exe C:\Users\Heinz\AppData\Local\Temp\npp.6.8.8.Installer.exe C:\Users\Heinz\AppData\Local\Temp\TubeItUpdater.exe C:\Users\Heinz\AppData\Local\Temp\WatermarkImageSetup.3.5.1.5.exe C:\Users\Rudolf\AppData\Local\Temp\6_Offer_13.exe C:\Users\Rudolf\AppData\Local\Temp\bdcam_0.dll C:\Users\Rudolf\AppData\Local\Temp\bdfilters.dll C:\Users\Rudolf\AppData\Local\Temp\DRVMGT.DLL C:\Users\Rudolf\AppData\Local\Temp\HPInstaller.exe C:\Users\Rudolf\AppData\Local\Temp\KMP_3.9.1.131.exe C:\Users\Rudolf\AppData\Local\Temp\mgxoschk.dll C:\Users\Rudolf\AppData\Local\Temp\MgxVistaTools.dll C:\Users\Rudolf\AppData\Local\Temp\msxml6-KB927977-enu-amd64.exe C:\Users\Rudolf\AppData\Local\Temp\msxml6-KB927977-enu-x86.exe C:\Users\Rudolf\AppData\Local\Temp\TouchURL.exe C:\Users\Rudolf\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator ==================== Ende von FRST.txt ============================ [/CODE] |
|
11.02.2016, 22:15
| #15 |
| | "nbi cleaner" ist wieder/noch da FRST2 FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016 durchgeführt von Heinz (ACHTUNG: der Benutzer ist kein Administrator) auf PANDORA (27-01-2016 12:08:23) Gestartet von D:\Sicherung\Downloads\Microsoft\Tools\MalwareErkennung\FarbarRST Geladene Profile: Heinz (Verfügbare Profile: RudolfAlexander & Heinz) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> smss.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> wininit.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> winlogon.exe konnte nicht auf den Prozess zugreifen -> services.exe konnte nicht auf den Prozess zugreifen -> lsass.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> dwm.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> spoolsv.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> armsvc.exe konnte nicht auf den Prozess zugreifen -> BBSvc.EXE konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe konnte nicht auf den Prozess zugreifen -> CCDMonitorService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> Agent.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> HeciServer.exe konnte nicht auf den Prozess zugreifen -> IpOverUsbSvc.exe konnte nicht auf den Prozess zugreifen -> Jhi_service.exe konnte nicht auf den Prozess zugreifen -> mbamscheduler.exe konnte nicht auf den Prozess zugreifen -> mbamservice.exe konnte nicht auf den Prozess zugreifen -> mdm.exe konnte nicht auf den Prozess zugreifen -> mysqld.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> sqlwriter.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> TodoBackupService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> vds.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> WUDFHost.exe konnte nicht auf den Prozess zugreifen -> dasHost.exe (Malwarebytes) D:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (The Eraser Project) D:\Program Files\Eraser\Eraser.exe konnte nicht auf den Prozess zugreifen -> RIconMan.exe () C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe konnte nicht auf den Prozess zugreifen -> LMS.exe konnte nicht auf den Prozess zugreifen -> NASvc.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (CHENGDU YIWO Tech Development Co., Ltd) D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe konnte nicht auf den Prozess zugreifen -> UNS.exe (Adobe Systems Inc.) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (FUJIFILM Corporation) C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe konnte nicht auf den Prozess zugreifen -> FNPLicensingService.exe (Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Hewlett-Packard Co.) D:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe konnte nicht auf den Prozess zugreifen -> ePowerSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe konnte nicht auf den Prozess zugreifen -> MsMpEng.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe konnte nicht auf den Prozess zugreifen -> SeaPort.EXE (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingApp.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingBar.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Adobe Systems Incorporated) D:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe konnte nicht auf den Prozess zugreifen -> MpCmdRun.exe konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe (Farbar) D:\Sicherung\Downloads\Microsoft\Tools\MalwareErkennung\FarbarRST\FarbarRecoveryScanTool64.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor) HKLM\...\Run: [Eraser] => D:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project) HKLM\...\Run: [Classic Start Menu] => C:\Programme\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files\EaseUS\EaseUS Partition Maste10-8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [EaseUs Watch] => "H:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe" HKLM-x32\...\Run: [EaseUs Tray] => "H:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe" HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [HP Software Update] => D:\Program Files\HP\HP Software Update\HPWuSchd2.exe HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-12-22] (Oracle Corporation) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [GoogleChromeAutoLaunch_8873E7926251A1FFF25FD5B64C244189] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.) HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-17] () HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2016-01-27] ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2016-01-27] ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-01-27] ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk [2016-01-27] ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-01-27] ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2016-01-27] ShortcutTarget: Microsoft Office.lnk -> D:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) Startup: C:\Users\RudolfAlexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-01-27] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\RudolfAlexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Corel Registration.lnk [2016-01-27] ShortcutTarget: Corel Registration.lnk -> I:\Programme\Corel\Graphics9\Register\Remind32.exe (IntelliQuest Communications, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyServer: [S-1-5-21-2932333098-1933949563-2559224823-1004] => 127.0.0.1:4001 Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{B3CAEEBF-3743-4152-A0F7-CCF641E2A859}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.qone8.com/web/?type=ds&ts=1398545656&from=kmp&uid=ST500DM002-1BD142_Z3TML6A8XXXXZ3TML6A8&q={searchTerms} HKU\S-1-5-21-2932333098-1933949563-2559224823-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/ SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\.DEFAULT -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL = SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> {B7DE1827-F960-445E-9E13-EF6E99B49D87} URL = BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Java\bin\ssv.dll [2016-01-26] (Oracle Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Java\bin\jp2ssv.dll [2016-01-26] (Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft) BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.5.0_17\bin\ssv.dll => Keine Datei BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Programme\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft) Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Toolbar: HKU\S-1-5-21-2932333098-1933949563-2559224823-1004 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5-windows-i586.cab DPF: HKLM-x32 {DED4D168-AEEE-4E0C-B699-36A9A320ED5E} hxxp://de.cyberlink.com/prog/win8/js/UpdateAdvisor.cab Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default FF Homepage: hxxp://de.msn.com/ FF NetworkProxy: "backup.ftp", "127.0.0.1" FF NetworkProxy: "backup.ftp_port", 4001 FF NetworkProxy: "backup.socks", "127.0.0.1" FF NetworkProxy: "backup.socks_port", 4001 FF NetworkProxy: "backup.ssl", "127.0.0.1" FF NetworkProxy: "backup.ssl_port", 4001 FF NetworkProxy: "ftp", "127.0.0.1" FF NetworkProxy: "ftp_port", 4001 FF NetworkProxy: "http", "127.0.0.1" FF NetworkProxy: "http_port", 4001 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "127.0.0.1" FF NetworkProxy: "socks_port", 4001 FF NetworkProxy: "socks_remote_dns", true FF NetworkProxy: "ssl", "127.0.0.1" FF NetworkProxy: "ssl_port", 4001 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] () FF Plugin: @java.com/DTPlugin,version=11.72.2 -> D:\Program Files\Java\bin\dtplugin\npDeployJava1.dll [2016-01-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> D:\Program Files\Java\bin\plugin2\npjp2.dll [2016-01-26] (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-01-12] (Foxit Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/1&1 Internet-Radio-Player -> D:\Program Files\1&1 Internet-Radio-Player\npphonostarDetectNP.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2932333098-1933949563-2559224823-1004: @phonostar.de/phonostar-Player -> D:\Program Files\Internet-Radio-Player\phonostar-Player\npphonostarDetectNP.dll [Keine Datei] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Extension: Proxy Selector - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\proxyselector@mozilla.org.xpi [2015-06-04] FF Extension: Webpage Snapshot - Snapilicious.com - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\admin@snapilicious.com.xpi [2015-06-04] FF Extension: FoxyProxy Standard - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\foxyproxy@eric.h.jung [2015-06-04] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [ist nicht signiert] FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\extensions\artur.dubovoy@gmail.com [2016-01-26] FF Extension: Hotspot Shield Free VPN Proxy – Unblock Sites - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\hotspot-shield@anchorfree.com.xpi [2015-11-03] [ist nicht signiert] FF Extension: ProxTube - Unblock YouTube - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\ich@maltegoetz.de.xpi [2015-08-09] FF Extension: YouTube Unblocker - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\youtubeunblocker__web@unblocker.yt [2015-12-04] FF Extension: unity player - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{05cfb51c-ba6e-41f7-89b3-a96f5c837a87}.xpi [2015-09-22] [ist nicht signiert] FF Extension: YouTube High Definition - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-01-24] FF Extension: Download YouTube Videos as MP4 - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2016-01-08] FF Extension: Video DownloadHelper - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30] FF Extension: mpeg4 manager free - C:\Users\Heinz\AppData\Roaming\Mozilla\Firefox\Profiles\xv8vxxkx.default\Extensions\{df4bd301-ee66-4f5e-a6e0-25ddf2bf381e}.xpi [2016-01-01] [ist nicht signiert] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} [2015-10-23] [ist nicht signiert] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.de/" CHR Profile: C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-07-29] CHR Extension: (Magic Actions for YouTube™) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-11] CHR Extension: (Google Docs) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] CHR Extension: (Google Drive) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google-Suche) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Docs Offline) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20] CHR Extension: (TinEye Reverse Image Search) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-05-23] CHR Extension: (TV für Google Chrome™) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe [2016-01-19] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29] CHR Extension: (YouTube Unblocker) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-12-29] [UpdateUrl: hxxp://www.unblocker.yt/addon/chrome/updates.xml] <==== ACHTUNG CHR Extension: (Google Mail) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] Opera: ======= StartMenuInternet: (HKLM) Opera - D:\Program Files\Opera\Opera.exe StartMenuInternet: (HKU\S-1-5-21-2932333098-1933949563-2559224823-1004) Opera - "C:\Users\Heinz\AppData\Local\Programs\Opera x64\Opera.exe" ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-28] (Adobe Systems) [Datei ist nicht signiert] R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-08-18] (Apple Inc.) [Datei ist nicht signiert] R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated) R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-21] (Macrovision Europe Ltd.) [Datei ist nicht signiert] R3 hpqcxs08; D:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [254824 2011-04-29] (Hewlett-Packard Co.) R2 hpqddsvc; D:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [138600 2011-04-29] (Hewlett-Packard Co.) R2 HPSLPSVC; C:\Users\RudolfAlexander\AppData\Local\Temp\7zS5C6D\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [Datei ist nicht signiert] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo) R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) R2 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R2 MBAMScheduler; D:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; D:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [Datei ist nicht signiert] R2 MySQL; D:\Programme\MariaDB 10.1\bin\mysqld.exe [13470536 2015-12-23] () R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert] S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] () R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] () S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-27] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-11-15] (Riverbed Technology, Inc.) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 cpuz137; \??\D:\Program Files\CPUID\PC Wizard 2013\pcwiz_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-27 10:41 - 2016-01-27 11:45 - 00000792 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-27 10:41 - 2016-01-27 10:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-27 10:41 - 2016-01-27 10:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-01-27 10:41 - 2016-01-27 10:41 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-27 10:41 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-01-27 10:41 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-01-27 10:41 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-01-27 00:02 - 2016-01-27 00:02 - 00000000 ____D C:\Program Files (x86)\ESET 2016-01-26 22:00 - 2016-01-27 12:08 - 00000000 ____D C:\FRST 2016-01-26 21:05 - 2016-01-26 21:05 - 00000079 _____ C:\WINDOWS\wininit.ini 2016-01-26 17:48 - 2016-01-26 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strawberry Perl (64-bit) 2016-01-26 17:38 - 2016-01-26 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2016-01-26 17:15 - 2016-01-26 17:15 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2016-01-26 17:15 - 2016-01-26 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-01-26 16:36 - 2016-01-26 16:36 - 00001468 _____ C:\Users\Heinz\Desktop\WinMD5.lnk 2016-01-25 18:51 - 2016-01-26 10:48 - 00000000 ____D C:\Users\Heinz\VirtualBox VMs 2016-01-25 17:38 - 2016-01-26 10:48 - 00000000 ____D C:\Users\Heinz\.VirtualBox 2016-01-25 17:32 - 2016-01-25 17:33 - 00000000 ____D C:\Users\RudolfAlexander\.VirtualBox 2016-01-25 17:27 - 2016-01-25 17:27 - 00000000 ____D C:\MATS 2016-01-19 17:40 - 2016-01-19 17:40 - 00194976 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys 2016-01-17 12:35 - 2016-01-18 00:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-01-14 17:48 - 2016-01-26 17:17 - 00000000 ____D C:\Users\Heinz\.oracle_jre_usage 2016-01-14 17:45 - 2016-01-14 17:45 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\HeidiSQL 2016-01-14 17:43 - 2016-01-27 11:45 - 00001170 _____ C:\Users\Public\Desktop\HeidiSQL.lnk 2016-01-14 17:43 - 2016-01-14 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MariaDB 10.1 (x64) 2016-01-14 16:26 - 2016-01-27 11:45 - 00000715 _____ C:\Users\Public\Desktop\Notepad++ 6.8.8.lnk 2016-01-13 22:48 - 2016-01-12 20:40 - 00001576 _____ C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Win Media Player.lnk 2016-01-12 21:26 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-12 21:26 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-01-12 21:26 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-01-12 21:26 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-01-12 21:26 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-12 21:26 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-12 21:26 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-01-12 21:26 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-01-12 21:26 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-12 21:26 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-01-12 21:26 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-01-12 21:26 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-01-12 21:26 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-01-12 21:26 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-12 21:26 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-12 21:26 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-01-12 21:26 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-01-12 21:26 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-12 21:26 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-01-12 21:26 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-01-12 21:26 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-01-12 21:26 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-01-12 21:26 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-01-12 21:26 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-01-12 21:26 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-01-12 21:26 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-12 21:26 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2016-01-12 21:26 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll 2016-01-12 21:26 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-12 21:26 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-01-12 21:26 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-01-12 21:26 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll 2016-01-12 21:26 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2016-01-12 21:26 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-01-12 21:26 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-01-12 21:26 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll 2016-01-12 21:26 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-01-12 21:26 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-01-12 21:26 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-01-12 21:26 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-12 21:26 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-12 21:26 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2016-01-12 21:26 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-12 21:26 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2016-01-12 21:26 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll 2016-01-12 21:26 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-01-12 21:26 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-12 21:26 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL 2016-01-12 21:26 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-12 21:26 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-12 21:26 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2016-01-12 21:26 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-12 21:26 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2016-01-12 21:26 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-01-12 21:26 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-01-12 21:26 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-12 21:26 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-12 21:26 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL 2016-01-12 21:26 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-12 21:26 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-12 21:26 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-12 21:26 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-12 21:26 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-12 21:26 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-01-12 21:25 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-12 21:25 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-12 16:31 - 2015-12-18 17:08 - 00965440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys 2016-01-11 22:15 - 2016-01-11 22:15 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Roaming\MySQL 2016-01-11 21:58 - 2016-01-11 21:58 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Roaming\Oracle 2016-01-11 21:54 - 2016-01-11 22:31 - 00000000 ____D C:\ProgramData\MySQL 2016-01-11 17:56 - 2016-01-11 17:56 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\postgresql 2016-01-03 13:46 - 2016-01-03 13:51 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Local\VSIXInstaller 2016-01-03 13:46 - 2016-01-03 13:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools 2016-01-03 13:15 - 2016-01-11 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage 2016-01-03 13:15 - 2016-01-03 13:15 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinImage ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-27 12:01 - 2013-12-24 15:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ClassicShell 2016-01-27 11:54 - 2013-12-26 15:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-27 11:52 - 2013-12-21 21:49 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-27 11:50 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-27 11:45 - 2015-12-26 17:55 - 00000851 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2016-01-27 11:45 - 2015-12-26 17:55 - 00000789 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2016-01-27 11:45 - 2015-12-18 16:14 - 00000760 _____ C:\Users\RudolfAlexander\Desktop\jEdit.lnk 2016-01-27 11:45 - 2015-11-23 13:04 - 00000777 _____ C:\Users\Public\Desktop\GIMP 2.lnk 2016-01-27 11:45 - 2015-11-23 13:04 - 00000777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2016-01-27 11:45 - 2015-11-21 17:31 - 00000877 _____ C:\Users\RudolfAlexander\Desktop\Any Video Converter.lnk 2016-01-27 11:45 - 2015-11-21 17:13 - 00001017 _____ C:\Users\Public\Desktop\Foxit Reader.lnk 2016-01-27 11:45 - 2015-11-21 16:07 - 00000675 _____ C:\Users\RudolfAlexander\Desktop\Nmap - Zenmap GUI.lnk 2016-01-27 11:45 - 2015-10-31 11:47 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-27 11:45 - 2015-10-31 11:47 - 00002075 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-01-27 11:45 - 2015-09-26 14:47 - 00001556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk 2016-01-27 11:45 - 2015-09-26 14:35 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk 2016-01-27 11:45 - 2015-07-22 16:57 - 00001216 _____ C:\Users\RudolfAlexander\Desktop\CrystalDiskInfo.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002779 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002719 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002687 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk 2016-01-27 11:45 - 2015-07-17 11:55 - 00002649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Access.lnk 2016-01-27 11:45 - 2015-07-15 21:55 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk 2016-01-27 11:45 - 2015-05-30 10:37 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-01-27 11:45 - 2015-04-20 14:37 - 00000707 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2016-01-27 11:45 - 2015-02-22 19:36 - 00001096 _____ C:\Users\Public\Desktop\paint.net.lnk 2016-01-27 11:45 - 2015-02-08 17:33 - 00002597 _____ C:\Users\Public\Desktop\WorldWide Telescope.lnk 2016-01-27 11:45 - 2015-01-31 12:52 - 00000823 _____ C:\Users\Public\Desktop\Greenfish Icon Editor Pro.lnk 2016-01-27 11:45 - 2015-01-31 11:04 - 00001122 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-01-27 11:45 - 2014-12-26 22:10 - 00001142 _____ C:\Users\Public\Desktop\Free Dailymotion Download.lnk 2016-01-27 11:45 - 2014-10-31 10:42 - 00001178 _____ C:\Users\RudolfAlexander\Desktop\Calculator.lnk 2016-01-27 11:45 - 2014-10-31 10:35 - 00002083 _____ C:\Users\RudolfAlexander\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk 2016-01-27 11:45 - 2014-08-13 15:59 - 00001989 _____ C:\Users\Public\Desktop\FinePixViewer.lnk 2016-01-27 11:45 - 2014-08-07 15:19 - 00001895 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk 2016-01-27 11:45 - 2014-08-07 15:19 - 00000787 _____ C:\Users\RudolfAlexander\Desktop\DVD slideshow GUI.lnk 2016-01-27 11:45 - 2014-08-07 15:05 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2016-01-27 11:45 - 2014-08-05 08:11 - 00001109 _____ C:\Users\Public\Desktop\HP Solution Center.lnk 2016-01-27 11:45 - 2014-08-05 08:11 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk 2016-01-27 11:45 - 2014-08-05 08:11 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk 2016-01-27 11:45 - 2014-05-17 16:09 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady 7.0.1.lnk 2016-01-27 11:45 - 2014-05-17 16:09 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 7.0.1.lnk 2016-01-27 11:45 - 2014-04-23 15:11 - 00000784 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64bits.lnk 2016-01-27 11:45 - 2014-01-28 16:34 - 00002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk 2016-01-27 11:45 - 2014-01-28 16:33 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2.0.lnk 2016-01-27 11:45 - 2013-12-25 18:13 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-27 11:45 - 2013-12-25 18:13 - 00001171 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-01-27 11:45 - 2013-12-25 18:01 - 00002059 _____ C:\Users\RudolfAlexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lollipop.lnk 2016-01-27 11:45 - 2013-12-22 13:54 - 00001468 _____ C:\Users\RudolfAlexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-01-27 11:45 - 2013-12-22 13:37 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-27 11:45 - 2013-12-22 00:26 - 00001557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk 2016-01-27 11:45 - 2013-12-21 22:02 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk 2016-01-27 11:45 - 2013-12-21 22:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk 2016-01-27 11:45 - 2013-12-21 22:02 - 00001885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk 2016-01-27 11:45 - 2013-12-21 21:33 - 00001096 _____ C:\Users\RudolfAlexander\Desktop\RegEdit.lnk 2016-01-27 11:45 - 2013-12-21 15:10 - 00000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 5.0.lnk 2016-01-27 11:45 - 2013-12-21 15:04 - 00002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk 2016-01-27 11:45 - 2013-12-21 15:03 - 00000765 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS2.lnk 2016-01-27 11:45 - 2013-12-20 20:34 - 00000805 _____ C:\Users\RudolfAlexander\Desktop\ACDSee Trial Version.lnk 2016-01-27 11:45 - 2013-12-20 16:36 - 00000717 _____ C:\Users\Public\Desktop\WinRAR 3.93.lnk 2016-01-27 11:45 - 2013-12-19 17:02 - 00001227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2016-01-27 11:45 - 2013-09-17 17:06 - 00001927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-01-27 11:44 - 2013-12-25 18:00 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Local\genienext 2016-01-27 11:44 - 2013-12-21 21:26 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Roaming\Systweak 2016-01-27 11:39 - 2013-12-21 21:49 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-27 00:12 - 2013-12-22 11:17 - 00000000 ____D C:\Users\Heinz\AppData\Local\Eraser 6 2016-01-26 22:54 - 2013-12-21 15:23 - 00000000 ____D C:\TEMP 2016-01-26 21:05 - 2015-11-28 13:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-01-26 21:05 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2016-01-26 20:04 - 2013-12-21 14:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\CrashDumps 2016-01-26 18:09 - 2014-10-31 10:35 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Roaming\ClassicShell 2016-01-26 17:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-26 17:46 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-26 17:38 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2016-01-26 17:30 - 2013-12-24 17:22 - 00000000 ___DO C:\Users\RudolfAlexander\SkyDrive 2016-01-26 17:22 - 2014-03-26 18:26 - 00000000 ____D C:\Users\RudolfAlexander\.nbi 2016-01-26 16:59 - 2013-08-22 15:44 - 01027912 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-01-26 16:19 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2016-01-26 16:19 - 2014-01-02 16:14 - 00000000 ____D C:\ProgramData\Package Cache 2016-01-26 16:19 - 2013-12-22 13:23 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-01-26 16:15 - 2015-09-26 15:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0 2016-01-26 16:14 - 2015-09-26 14:46 - 00000000 ____D C:\Program Files (x86)\Windows Phone Kits 2016-01-26 11:27 - 2013-12-22 13:33 - 00000000 ____D C:\Users\Heinz 2016-01-26 11:21 - 2013-12-22 13:33 - 00000000 ____D C:\Users\RudolfAlexander 2016-01-26 11:20 - 2015-11-21 16:07 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap 2016-01-26 11:20 - 2013-12-21 21:18 - 00000000 ____D C:\ProgramData\FLEXnet 2016-01-26 11:06 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration 2016-01-25 17:29 - 2014-10-30 12:03 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Local\ElevatedDiagnostics 2016-01-22 18:16 - 2013-12-26 15:10 - 00000000 ____D C:\Users\Heinz\dwhelper 2016-01-22 02:07 - 2015-01-31 11:04 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\vlc 2016-01-22 00:34 - 2014-12-23 01:01 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\dvdcss 2016-01-17 14:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2016-01-14 22:32 - 2013-11-14 08:27 - 01886820 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-14 22:32 - 2013-11-14 08:11 - 00805954 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-14 22:32 - 2013-11-14 08:11 - 00176466 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-14 16:26 - 2013-12-22 00:10 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Roaming\Notepad++ 2016-01-13 22:06 - 2013-12-20 16:06 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-13 22:00 - 2013-12-20 16:06 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-13 17:49 - 2013-12-22 12:50 - 00321840 _____ C:\Users\Heinz\AppData\Roaming\GDIPFONTCACHEV1.DAT 2016-01-13 00:23 - 2015-04-15 16:58 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-13 00:23 - 2015-03-11 23:47 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2016-01-12 21:51 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-12 20:40 - 2013-12-19 21:41 - 00001576 _____ C:\Users\Heinz\Desktop\Win Media Player.lnk 2016-01-11 23:37 - 2014-01-02 16:16 - 00000000 ____D C:\WINDOWS\SysWOW64\1031 2016-01-11 23:37 - 2014-01-02 16:16 - 00000000 ____D C:\WINDOWS\system32\1033 2016-01-11 23:37 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-01-11 23:36 - 2015-12-18 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jEdit 5.3.0 2016-01-11 23:36 - 2015-09-26 14:50 - 00000000 ____D C:\Program Files\IIS Express 2016-01-11 23:36 - 2015-09-26 14:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015 2016-01-11 23:36 - 2014-01-01 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2016-01-11 23:35 - 2015-09-26 14:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Web Tools 2016-01-11 23:35 - 2013-12-19 17:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-11 23:34 - 2015-09-26 14:50 - 00000000 ____D C:\Program Files (x86)\IIS Express 2016-01-11 23:34 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop 2016-01-11 23:01 - 2015-09-26 14:41 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0 2016-01-11 22:56 - 2015-09-26 14:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0 2016-01-11 22:50 - 2014-01-02 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2016-01-10 22:03 - 2014-02-08 22:26 - 00000376 _____ C:\Users\Heinz\Desktop\Live Anmelden.url 2016-01-10 13:40 - 2013-12-19 19:37 - 00000000 ____D C:\Users\RudolfAlexander\AppData\Local\CrashDumps 2016-01-08 18:04 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-01-05 21:04 - 2013-08-22 16:38 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-05 21:04 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-03 13:46 - 2014-01-02 16:38 - 00000000 ____D C:\Program Files (x86)\NuGet 2016-01-01 21:05 - 2015-12-18 16:14 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\jEdit 2016-01-01 17:55 - 2013-12-21 14:53 - 00000000 ____D C:\Users\Heinz\AppData\Local\Adobe 2015-12-28 15:31 - 2013-12-21 18:01 - 00000000 _____ C:\WINDOWS\BcdLog.txt 2015-12-28 15:30 - 2013-12-21 18:01 - 00000028 _____ C:\WINDOWS\OutLog.txt ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-12-26 22:06 - 2015-07-28 21:44 - 0009216 _____ () C:\Users\Heinz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-27 20:52 - 2015-11-27 20:52 - 0001516 _____ () C:\Users\Heinz\AppData\Local\recently-used.xbel 2013-12-21 15:57 - 2015-01-28 12:41 - 0016515 _____ () C:\ProgramData\hpzinstall.log Einige Dateien in TEMP: ==================== C:\Users\Heinz\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll C:\Users\Heinz\AppData\Local\Temp\npp.6.7.8.2.Installer.exe C:\Users\Heinz\AppData\Local\Temp\npp.6.8.1.Installer.exe C:\Users\Heinz\AppData\Local\Temp\npp.6.8.3.Installer.exe C:\Users\Heinz\AppData\Local\Temp\npp.6.8.6.Installer.exe C:\Users\Heinz\AppData\Local\Temp\npp.6.8.8.Installer.exe C:\Users\Heinz\AppData\Local\Temp\TubeItUpdater.exe C:\Users\Heinz\AppData\Local\Temp\WatermarkImageSetup.3.5.1.5.exe C:\Users\RudolfAlexander\AppData\Local\Temp\6_Offer_13.exe C:\Users\RudolfAlexander\AppData\Local\Temp\bdcam_0.dll C:\Users\RudolfAlexander\AppData\Local\Temp\bdfilters.dll C:\Users\RudolfAlexander\AppData\Local\Temp\DRVMGT.DLL C:\Users\RudolfAlexander\AppData\Local\Temp\HPInstaller.exe C:\Users\RudolfAlexander\AppData\Local\Temp\KMP_3.9.1.131.exe C:\Users\RudolfAlexander\AppData\Local\Temp\mgxoschk.dll C:\Users\RudolfAlexander\AppData\Local\Temp\MgxVistaTools.dll C:\Users\RudolfAlexander\AppData\Local\Temp\msxml6-KB927977-enu-amd64.exe C:\Users\RudolfAlexander\AppData\Local\Temp\msxml6-KB927977-enu-x86.exe C:\Users\RudolfAlexander\AppData\Local\Temp\TouchURL.exe C:\Users\RudolfAlexander\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator ==================== Ende von FRST.txt ============================ [/CODE] |
|
| Themen zu "nbi cleaner" ist wieder/noch da |
| alten, bedrohung, bekannte, cleaner, entdeck, entdeckt, exe-dateien, found, handel, heute, hoffe, installer, installier, installiere, installieren, java, löschen, melde, runtergeladen, schei, seite, troja, trojan, trojaner, verlasse, verlassen |
Linear-Darstellung
