|
Pests of all kinds and how to combat them: Problems with internet browser. Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
18.02.2016, 16:44 | #1 |
Problems with internet browser. Hello, for a few days now I have had the problem that Firefox does not load any page and Chrome keeps crashing. In addition, when I close either browser, the process somehow does not really terminate. It does not show up in the normal Task Manager, but Process Explorer still shows the process, and when I try to end it I get: Code:
ATTFilter Error terminating process: Zugriff verweigert Code:
ATTFilter Unable to terminate firefox.exe (PID xxxx): Es wurde versucht, auf einen Prozess zuzugreifen, der gerade beendet wurde. FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016 durchgeführt von KaskadekingDE (Administrator) auf KASKADEKING-PC (18-02-2016 16:20:55) Gestartet von C:\Users\***\Desktop Geladene Profile: KaskadekingDE (Verfügbare Profile: KaskadekingDE) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe (Guillemot Corporation) C:\Windows\SysWOW64\HerculesWiFiService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (JetBrains s.r.o) C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe (Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) 
C:\Windows\SysWOW64\vmnat.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Malwarebytes) D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe (VMware, Inc.) D:\Programme\VMware\vmware-authd.exe (SeriousBit) D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe () D:\Programme\Synergy\synergyd.exe (Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe (Malwarebytes) D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe (CHENGDU YIWO Tech Development Co., Ltd) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Microsoft Corporation) C:\Windows\System32\vds.exe () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe (Malwarebytes) D:\Programme\ Malwarebytes Anti-Malware \mbam.exe () D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Ruiware) D:\Programme\WinPatrol\WinPatrol.exe (eM Client, Inc.) C:\Program Files (x86)\eM Client\MailClient.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) D:\Programme\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe konnte nicht auf den Prozess zugreifen -> MicrosoftEdgeCP.exe (Sysinternals - www.sysinternals.com) D:\Bibliotheken\Dokumente\ProcessExplorer\procexp.exe (Sysinternals - www.sysinternals.com) C:\Users\***\AppData\Local\Temp\PROCEXP64.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Igor Pavlov) D:\Programme\7-Zip\7zFM.exe (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe konnte nicht auf den Prozess zugreifen -> swi_lspdiag.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Valve Corporation) D:\Programme\Steam\Steam.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe konnte nicht auf den Prozess zugreifen -> MicrosoftEdgeCP.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Microsoft Corporation) 
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-07-29] (Realtek Semiconductor) HKLM\...\Run: [Greenshot] => D:\Programme\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc) HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Programme\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883352 2015-12-14] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Programme\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1418504 2016-01-03] (Sophos Limited) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [WinPatrol] => D:\Programme\WinPatrol\winpatrol.exe [1238152 2015-05-17] (Ruiware) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15681832 2015-12-14] (eM Client, Inc.) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [FileHippo.com] => D:\Programme\FileHippo.com\FileHippo.AppManager.exe [10574544 2015-05-12] () HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [BitTorrent] => C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe [1873952 2015-12-06] (BitTorrent Inc.) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-23] (Spotify Ltd) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-21] (Sandboxie Holdings, LLC) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.) 
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-117306591-3796779208-521460896-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-10-30] (Microsoft Corporation) AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [275352 2015-12-02] (Sophos Limited) IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ 
SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{16b3da2f-3369-4f8c-958f-17af1676bbfc}: [DhcpNameServer] 10.175.0.1 Tcpip\..\Interfaces\{bd567df3-7c98-4f98-ae5e-f75c7867c650}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/ HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programme\Microsoft Office 2013\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programme\Java\jre1.8.0_65\bin\ssv.dll [2015-11-16] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programme\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-16] (Oracle Corporation) BHO-x32: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft 
Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation) BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programme\Microsoft Office 2013\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] () FF Plugin: @java.com/DTPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-16] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-16] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programme\Microsoft Office 2013\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [Keine Datei] FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-117306591-3796779208-521460896-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-11] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\bugzilla.xml [2015-07-07] FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\vb-paradise-20.xml [2015-07-13] FF Extension: HttpRequester - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{ea4637dc-e014-4c17-9c2c-879322d23268} [2015-06-17] FF Extension: Greasemonkey - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-11-22] FF Extension: DownThemAll! 
- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06] FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10] FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-13] FF Extension: uBlock Origin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\Extensions\uBlock0@raymondhill.net.xpi [2016-02-16] StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-16] CHR Extension: (Google Docs) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-16] CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-16] CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-16] CHR Extension: (uBlock Origin) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-02-16] CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16] CHR Extension: (Tampermonkey) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-02-16] CHR Extension: (Google Tabellen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-16] CHR Extension: (Google Docs Offline) 
- C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-16] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-16] CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-16] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.) R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-06-02] (Apple Inc.) [Datei ist nicht signiert] S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432792 2015-12-14] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412312 2015-12-14] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854680 2015-12-14] (BlueStack Systems, Inc.) 
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L) R2 EaseUS Agent; D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Datei ist nicht signiert] S3 GalaxyClientService; D:\Programme\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-02-11] (GOG.com) R2 HerculesWiFi; C:\WINDOWS\SysWOW64\\HerculesWiFiService.exe [78232 2012-09-26] (Guillemot Corporation) U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-11-03] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-11] (Microsoft Corporation) R2 jetbrainsetw.103.0.20150818.191753; C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe [1479288 2015-08-18] (JetBrains s.r.o) R2 MBAMScheduler; D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NetBalancerService; D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe [145272 2016-01-15] (SeriousBit) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.) 
S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [2104840 2016-02-05] (Electronic Arts) S3 OverwolfUpdater; D:\Programme\Overwolf\OverwolfUpdater.exe [1009392 2016-01-20] (Overwolf LTD) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-12-29] () R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2015-12-02] (Sophos Limited) R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2015-12-02] (Sophos Limited) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-21] (Sandboxie Holdings, LLC) R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [489224 2016-01-03] (Sophos Limited) R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [331048 2016-01-03] (Sophos Limited) R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [909608 2016-01-03] (Sophos Limited) R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341768 2015-12-02] (Sophos Limited) S3 Survarium-Steam Update Service; D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2015-12-25] () R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300808 2015-12-02] (Sophos Limited) R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3278600 2015-12-02] (Sophos Limited) R2 Synergy; D:\Programme\Synergy\synergyd.exe [311488 2015-11-19] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) R2 VMAuthdService; D:\Programme\VMware\vmware-authd.exe [87744 2015-05-31] 
(VMware, Inc.) S3 VSStandardCollectorService140; D:\Programme\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-14] (BlueStack Systems) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-30] (Disc Soft Ltd) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] () R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] () S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) 
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-18] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R1 nbdrv; C:\Windows\system32\DRIVERS\nbdrv.sys [42128 2016-01-15] (SeriousBit) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-29] (Realtek ) R3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation) R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation ) R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2015-12-02] (Sophos Limited) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [191624 2015-09-21] (Sandboxie Holdings, LLC) S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2015-12-02] (Sophos Limited) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2015-12-02] (Sophos Limited) R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2015-12-02] (Sophos Limited) S3 tapse01; C:\Windows\System32\drivers\tapse01.sys [26624 2015-05-25] (The OpenVPN Project) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146584 2015-10-15] (Oracle Corporation) R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2016-02-05] (IDRIX) R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.) 
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 WinDivert1.1; \??\D:\Programme\KMSpico\WinDivert.sys [X] S3 XSplit_Dummy; \SystemRoot\system32\drivers\xspltspk.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-18 16:20 - 2016-02-18 16:21 - 00027827 _____ C:\Users\***\Desktop\FRST.txt 2016-02-18 16:20 - 2016-02-18 16:20 - 02371072 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe 2016-02-18 16:20 - 2016-02-18 16:20 - 00000000 ____D C:\Users\***\Desktop\FRST-OlderVersion 2016-02-18 15:24 - 2016-02-18 15:24 - 00001655 _____ C:\Users\***\Desktop\Twitter Downloader.lnk 2016-02-18 15:03 - 2016-02-18 15:03 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS 2016-02-16 16:54 - 2016-02-16 16:54 - 00002331 _____ C:\Users\***\Desktop\Google Chrome.lnk 2016-02-16 16:37 - 2015-12-02 18:11 - 00032512 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys 2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-16 16:35 - 2016-02-16 16:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-16 16:27 - 2016-02-16 16:28 - 00127698 _____ C:\WINDOWS\ntbtlog.txt 2016-02-16 15:52 - 2016-02-18 16:20 - 00000000 ____D C:\FRST 2016-02-15 
17:46 - 2016-02-15 17:46 - 00000696 _____ C:\Users\Public\Desktop\EasyBCD 2.2.lnk 2016-02-15 17:46 - 2016-02-15 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies 2016-02-15 17:32 - 2016-02-17 16:06 - 00000000 ____D C:\NST 2016-02-15 17:12 - 2016-02-15 17:12 - 00000000 ____D C:\Users\***\AppData\Local\NeoSmart_Technologies 2016-02-15 14:50 - 2016-02-15 14:50 - 00000173 _____ C:\Users\***\.gitconfig 2016-02-15 13:48 - 2016-02-15 13:48 - 00026290 _____ C:\Users\***\Desktop\bookmarks-2016-02-15.json 2016-02-12 19:04 - 2016-02-12 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium-Steam 2016-02-12 17:58 - 2016-02-12 17:58 - 00000000 ____D C:\ProgramData\KONAMI 2016-02-10 16:25 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 16:25 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 16:25 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 16:25 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 16:25 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 16:25 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 16:25 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-10 16:25 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 16:25 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 16:25 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 16:25 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 16:25 - 
2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 16:25 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 16:25 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 16:25 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 16:25 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-10 16:25 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 16:25 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 16:25 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 16:25 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 16:25 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 16:25 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 16:25 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 16:25 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 16:25 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 16:25 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 16:25 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 16:24 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 16:24 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 16:24 - 2016-01-27 07:15 - 01557776 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 16:24 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 16:24 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 16:24 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 16:24 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-10 16:24 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 16:24 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 16:24 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 16:24 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 16:24 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 16:24 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 16:24 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-10 16:24 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 16:24 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 16:24 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 16:24 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 16:24 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-10 16:24 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 16:24 - 2016-01-27 06:11 - 00118272 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 16:24 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 16:24 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 16:24 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 16:24 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-10 16:24 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 16:24 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 16:24 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 16:24 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 16:24 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 16:24 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 16:24 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-10 16:24 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 16:24 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 16:24 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 16:24 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 16:24 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 16:24 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-09 20:11 - 2016-02-09 20:11 - 00000836 _____ 
C:\Users\***\AppData\Local\recently-used.xbel 2016-02-05 22:07 - 2016-02-05 22:07 - 00001028 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk 2016-02-05 18:18 - 2016-02-05 18:50 - 00000239 _____ C:\Users\***\Desktop\anime staffel 3.txt 2016-02-05 13:14 - 2016-02-05 13:14 - 00000212 _____ C:\Users\***\Desktop\Pro Evolution Soccer 2016 myClub.url 2016-02-05 09:57 - 2016-02-05 09:57 - 00195416 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys 2016-02-05 09:57 - 2016-02-05 09:57 - 00000747 _____ C:\Users\***\Desktop\VeraCrypt.lnk 2016-02-05 09:57 - 2016-02-05 09:57 - 00000000 ____D C:\Users\***\AppData\Roaming\VeraCrypt 2016-02-02 10:56 - 2016-02-02 10:56 - 00000000 ____D C:\Users\***\Desktop\SSQLib_v0.9.0 2016-02-01 18:24 - 2016-02-01 18:25 - 00000000 ____D C:\ProgramData\Overwolf 2016-02-01 18:24 - 2016-02-01 18:24 - 00003766 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task 2016-02-01 18:24 - 2016-02-01 18:24 - 00000856 _____ C:\Users\Public\Desktop\Overwolf.lnk 2016-02-01 18:24 - 2016-02-01 18:24 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2016-02-01 18:22 - 2016-02-01 18:25 - 00000000 ____D C:\Users\***\AppData\Local\Overwolf 2016-01-31 13:55 - 2016-02-16 16:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-29 18:19 - 2016-01-29 18:19 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2016-01-29 18:19 - 2016-01-29 18:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2016-01-29 18:15 - 2016-01-30 19:53 - 00005386 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for KASKADEKING-PC-KaskadekingDE Kaskadeking-PC 2016-01-29 16:56 - 2016-02-06 21:45 - 00000120 _____ C:\Users\***\Desktop\anime staffel 2.txt 2016-01-29 16:12 - 2016-01-29 16:12 - 00000000 ____D C:\Users\***\Desktop\octoawesome-develop 2016-01-29 15:13 - 2016-01-29 15:13 - 00001899 _____ C:\Users\***\Desktop\PowerPoint 2013.lnk 2016-01-29 15:13 - 2016-01-29 15:13 - 
00001855 _____ C:\Users\***\Desktop\Excel 2013.lnk 2016-01-29 15:01 - 2016-01-29 15:01 - 00001863 _____ C:\Users\***\Desktop\Word 2013.lnk 2016-01-29 14:56 - 2016-02-10 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-01-29 14:56 - 2016-01-29 14:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-01-29 14:55 - 2016-01-29 14:55 - 00000000 ____D C:\WINDOWS\PCHEALTH 2016-01-29 14:54 - 2016-01-29 14:54 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2016-01-29 14:54 - 2016-01-29 14:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2016-01-29 14:53 - 2016-01-30 15:45 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help 2016-01-29 14:53 - 2016-01-29 14:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-01-28 15:25 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-01-28 15:25 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2016-01-28 15:25 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) 
C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-28 15:25 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-28 15:25 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-01-28 15:25 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-28 15:25 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-01-28 15:25 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-01-28 15:25 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-01-28 15:25 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-01-28 15:25 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-01-28 15:25 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-01-28 15:25 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-01-28 15:25 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-01-28 15:25 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-01-28 15:25 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-01-28 15:25 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-01-28 15:25 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2016-01-28 15:25 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-01-28 15:25 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-01-28 15:24 - 2016-01-16 07:37 - 00202472 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-01-28 15:24 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-28 15:24 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-28 15:24 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-28 15:24 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-01-28 15:24 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-01-28 15:24 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-28 15:24 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-01-28 15:24 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-01-28 15:24 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-28 15:24 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-01-28 15:24 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-01-28 15:24 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-01-28 15:24 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-01-28 15:24 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\services.exe 2016-01-28 15:24 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-01-28 15:24 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-01-28 15:24 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll 2016-01-28 15:24 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2016-01-28 15:24 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll 2016-01-28 15:24 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-01-28 15:24 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll 2016-01-28 15:24 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-01-28 15:24 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2016-01-28 15:24 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2016-01-28 15:24 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe 2016-01-28 15:24 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2016-01-28 15:24 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-01-28 15:24 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll 2016-01-28 15:24 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll 2016-01-28 15:24 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-01-28 15:24 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-01-28 15:24 - 2016-01-16 06:37 - 00190464 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-01-28 15:24 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-01-28 15:24 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-28 15:24 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2016-01-28 15:24 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-01-28 15:24 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll 2016-01-28 15:24 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2016-01-28 15:24 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-01-28 15:24 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-01-28 15:24 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll 2016-01-28 15:24 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2016-01-28 15:24 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-01-28 15:24 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-01-28 15:24 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-01-28 15:24 - 2016-01-16 06:32 - 
00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2016-01-28 15:24 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-01-28 15:24 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-01-28 15:24 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-01-28 15:24 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe 2016-01-28 15:24 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-01-28 15:24 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-28 15:24 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll 2016-01-28 15:24 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll 2016-01-28 15:24 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-01-28 15:24 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-01-28 15:24 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2016-01-28 15:24 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll 2016-01-28 15:24 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-01-28 15:24 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-01-28 15:24 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-01-28 15:24 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll 2016-01-28 15:24 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-01-28 15:24 - 2016-01-16 06:25 - 
00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2016-01-28 15:24 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-01-28 15:24 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-01-28 15:24 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-01-28 15:24 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-01-28 15:24 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-01-28 15:24 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-01-28 15:24 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-28 15:24 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2016-01-28 15:24 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-01-28 15:24 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-01-28 15:24 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-01-28 15:24 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-28 15:24 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-28 15:24 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-28 15:24 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-01-26 18:04 - 2016-01-26 18:05 - 00000000 ____D C:\Users\***\Desktop\Vae-master 2016-01-25 15:25 - 2016-01-25 15:25 - 00000212 _____ C:\Users\***\Desktop\Sven Co-op.url 2016-01-24 18:42 - 2016-01-24 18:42 - 00018099 _____ C:\Users\***\Desktop\TextDeutsch.odt 2016-01-23 16:08 - 2016-01-23 16:08 - 
00000000 ____D C:\Users\***\AppData\Roaming\Awesomium 2016-01-23 16:08 - 2016-01-09 16:39 - 03916368 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des 2016-01-23 16:07 - 2016-01-23 16:07 - 00000000 ____D C:\Program Files\Common Files\INCA Shared 2016-01-23 16:07 - 2005-01-03 07:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\npptNT2.sys 2016-01-23 16:07 - 2003-07-18 22:17 - 00005174 _____ C:\WINDOWS\SysWOW64\nppt9x.vxd 2016-01-23 12:08 - 2016-01-23 12:18 - 00000000 ____D C:\Users\***\AppData\Roaming\discord 2016-01-23 12:08 - 2016-01-23 12:08 - 00002245 _____ C:\Users\***\Desktop\Discord.lnk 2016-01-23 12:08 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2016-01-23 12:08 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Local\Discord 2016-01-22 19:08 - 2016-01-22 19:08 - 00000792 _____ C:\Users\Public\Desktop\NetBalancer.lnk 2016-01-22 19:08 - 2016-01-15 08:41 - 00042128 _____ (SeriousBit) C:\WINDOWS\system32\Drivers\nbdrv.sys 2016-01-22 18:59 - 2016-01-22 18:59 - 00001502 _____ C:\Users\Public\Desktop\Blade & Soul.lnk 2016-01-22 18:58 - 2016-01-22 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest 2016-01-22 18:58 - 2016-01-22 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2016-01-22 18:58 - 2016-01-22 18:58 - 00000000 ____D C:\Program Files (x86)\NCWest 2016-01-22 17:32 - 2016-01-22 17:32 - 00000212 _____ C:\Users\***\Desktop\Survarium.url 2016-01-22 15:14 - 2016-01-22 15:14 - 00000000 ____D C:\Users\***\AppData\Roaming\Process Hacker 2 2016-01-22 15:12 - 2016-01-22 15:12 - 00000000 ____D C:\Users\***\Desktop\ProcessHacker 2016-01-21 19:23 - 2016-01-21 19:23 - 00003207 _____ C:\Users\***\Desktop\Wizard Chess.lnk 2016-01-21 19:23 - 2016-01-21 19:23 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wizard Chess 2016-01-21 14:37 - 2016-02-18 15:56 - 
00003670 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-18 16:20 - 2015-05-30 18:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-02-18 16:14 - 2015-12-06 18:01 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-18 16:14 - 2015-12-06 18:01 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-18 16:12 - 2015-11-29 15:22 - 02011300 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-18 16:12 - 2015-10-30 19:35 - 00855194 _____ C:\WINDOWS\system32\perfh007.dat 2016-02-18 16:12 - 2015-10-30 19:35 - 00188946 _____ C:\WINDOWS\system32\perfc007.dat 2016-02-18 16:12 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-18 16:11 - 2015-06-04 20:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-02-18 16:11 - 2015-05-30 15:43 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A816AD26-8DB1-4860-ADDE-5794E0E9DEB5} 2016-02-18 16:07 - 2015-05-30 18:26 - 00000000 ____D C:\Users\***\AppData\Roaming\eM Client 2016-02-18 16:06 - 2015-11-29 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-18 16:06 - 2015-08-13 17:48 - 00000000 ____D C:\ProgramData\VMware 2016-02-18 16:00 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-18 16:00 - 2015-04-10 09:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-02-18 15:45 - 2015-06-15 20:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-18 15:10 - 2015-06-09 14:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-18 15:03 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-18 15:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-17 19:47 - 2015-06-29 15:19 - 00000000 ____D 
C:\Users\***\AppData\Local\CrashDumps 2016-02-17 16:07 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-02-17 16:04 - 2015-12-30 13:07 - 00000000 ____D C:\Users\***\AppData\Local\Deployment 2016-02-17 14:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-02-16 19:25 - 2015-05-30 16:40 - 00000000 ____D C:\Users\***\AppData\Roaming\.minecraft 2016-02-16 16:20 - 2015-12-16 21:01 - 00000000 ____D C:\Users\***\AppData\Roaming\TeamViewer 2016-02-16 16:20 - 2015-06-23 15:28 - 00000000 ____D C:\Users\***\AppData\Roaming\BitTorrent 2016-02-16 15:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\L2Schemas 2016-02-15 21:15 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\.VirtualBox 2016-02-15 17:15 - 2015-11-29 15:22 - 00000000 ____D C:\Users\*** 2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Roaming\GitHub 2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Local\GitHub 2016-02-14 20:17 - 2015-08-01 12:19 - 00007625 _____ C:\Users\***\AppData\Local\Resmon.ResmonCfg 2016-02-14 18:08 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Local\VMware 2016-02-14 17:53 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Roaming\VMware 2016-02-14 17:52 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\VirtualBox VMs 2016-02-14 13:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-14 13:09 - 2015-08-13 09:40 - 00000000 ____D C:\Users\***\AppData\Local\ElevatedDiagnostics 2016-02-12 21:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-11 13:43 - 2015-04-15 09:17 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-10 20:33 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 20:16 - 2015-12-06 18:04 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-10 18:27 - 2015-01-23 13:16 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 18:18 - 2015-01-23 13:16 - 
146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-10 18:17 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-09 20:17 - 2015-12-03 15:07 - 00000000 ____D C:\Users\***\.gimp-2.8 2016-02-05 23:01 - 2015-05-30 18:40 - 00000000 ____D C:\ProgramData\Origin 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-02 23:51 - 2015-07-11 08:58 - 00000000 ____D C:\Users\***\AppData\Local\Spotify 2016-02-02 23:41 - 2015-07-11 08:57 - 00000000 ____D C:\Users\***\AppData\Roaming\Spotify 2016-02-02 16:09 - 2015-12-06 18:01 - 00004206 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-02 16:09 - 2015-12-06 18:01 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-01 22:57 - 2015-08-03 19:44 - 00000000 ____D C:\Users\***\AppData\Roaming\TS3Client 2016-01-30 19:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-01-30 09:54 - 2015-11-29 15:20 - 00360472 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-29 23:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-01-29 18:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-01-29 14:55 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-01-29 14:54 - 2015-10-30 19:44 - 00000000 ____D 
C:\WINDOWS\ShellNew 2016-01-23 12:08 - 2015-06-19 20:56 - 00000000 ____D C:\Users\***\AppData\Local\SquirrelTemp 2016-01-22 19:07 - 2015-12-06 13:59 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin 2016-01-22 18:58 - 2015-05-30 15:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-01-22 16:59 - 2016-01-11 20:57 - 00000000 ____D C:\Program Files\WinPcap 2016-01-21 19:33 - 2015-10-21 18:27 - 00000000 ____D C:\Users\***\AppData\Roaming\Audacity 2016-01-20 17:49 - 2015-12-19 17:46 - 00001856 _____ C:\Users\***\Desktop\UnlockPass.lnk 2016-01-19 19:54 - 2015-06-15 20:04 - 00000000 ____D C:\Users\***\AppData\Local\Windows Live 2016-01-19 12:52 - 2015-10-04 09:12 - 00000000 ____D C:\Users\***\AppData\Local\Syncthing ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-14 12:43 - 2015-11-14 12:43 - 0000000 _____ () C:\Users\***\AppData\Local\debuggee.mdmp 2016-02-09 20:11 - 2016-02-09 20:11 - 0000836 _____ () C:\Users\***\AppData\Local\recently-used.xbel 2015-08-01 12:19 - 2016-02-14 20:17 - 0007625 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg 2015-11-29 15:21 - 2015-11-29 15:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\***\AppData\Local\Temp\PROCEXP64.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-02-11 16:34

==================== Ende von FRST.txt ============================
__________________ Regards, Kaskadeking |
18.02.2016, 16:44 | #2 |
Problems with Internet browser Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-02-2016
durchgeführt von KaskadekingDE (2016-02-18 16:21:37)
Gestartet von C:\Users\***\Desktop
Windows 10 Home (X64) (2015-11-29 14:42:33)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-117306591-3796779208-521460896-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-117306591-3796779208-521460896-503 - Limited - Disabled)
Gast (S-1-5-21-117306591-3796779208-521460896-501 - Limited - Disabled)
KaskadekingDE (S-1-5-21-117306591-3796779208-521460896-1001 - Administrator - Enabled) => C:\Users\***
SophosSAUKASKADEKIN0 (S-1-5-21-117306591-3796779208-521460896-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Sophos Home (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Home (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Amberlight (HKLM\...\Amberlight_is1) (Version: 1.2.1 - Escape Motions, s.r.o)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Artipic (HKLM-x32\...\{C8A6CFF8-9D80-4C6C-B490-805AD9F2906B}}_is1) (Version: 2.3.3.8 - Artipic AB)
Atom (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\atom) (Version: 0.210.0 - GitHub Inc.)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
BitTorrent (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC) Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden BlueStacks App Player (HKLM-x32\...\{EFA0FC40-7D96-4515-9715-7C0C5D872326}) (Version: 2.0.2.5623 - BlueStack Systems, Inc.) Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games) Build Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Bytescout BarCode Generator SDK (HKLM\...\Bytescout BarCode Generator SDK (DEMO) for .NET,~C2143553_is1) (Version: 4.31.773 - ByteScout) Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version: - ) CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - ) CMake 3.2.3, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.2.3) (Version: 3.2.3 - Kitware) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.7.0 - oldsch00l) Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Discord) (Version: 0.0.283 - Hammer & Chisel, Inc.) 
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment) EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) EaseUS Todo Backup Home 8.3 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.3 - CHENGDU YIWO Tech Development Co., Ltd) EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) eM Client (HKLM-x32\...\{CF65F1D0-451B-4989-94BD-C237EF492C45}) (Version: 6.0.24144.0 - eM Client Inc.) Emily is Away (HKLM-x32\...\Steam App 417860) (Version: - Kyle Seeley) Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation) FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden Genymotion version 2.5.4 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.5.4 - Genymobile) Geometry Dash (HKLM-x32\...\Steam App 322170) (Version: - RobTop Games) GhostDoc Community (HKLM-x32\...\{134A5765-D59B-4160-8C70-B84BF9F53DF9}) (Version: 5.0.15325.0 - SubMain) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) 
(Version: 1.9.5-preview20150319 - The Git Development Community) GitHub (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.12.0 - GitHub, Inc.) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot) Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Hercules WiFi Station N (HKLM-x32\...\{120E5B08-DC3C-4DCD-AAB0-0BB5EB225929}) (Version: 7.1.0.0 - Hercules) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) ILMerge (HKLM-x32\...\{B7B9AF9F-408C-4168-985B-9861055B58C5}) (Version: 2.12.0803 - Microsoft) ILMergeGui (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\62cf57378a6f68a5) (Version: 2.0.9.0 - ILMergeGui) Inno Setup Version 5.5.6 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.6 - jrsoftware.org) IntelliJ IDEA 14.1.3 (HKLM-x32\...\IntelliJ IDEA 14.1.3) (Version: 141.1010.3 - JetBrains s.r.o.) 
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle) Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation) JetBrains dotMemory 4.4 (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{b8a6d796-db4f-58ea-aae4-a79c5c50ae08}) (Version: 2015.2 - JetBrains s.r.o.) JetBrains dotTrace 6.2 (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{88c98260-375d-5bfa-b13a-ed37aa84b268}) (Version: 2015.2 - JetBrains s.r.o.) JetBrains ETW Host Service (x32 Version: 103.0.4.0 - JetBrains s.r.o) Hidden JetBrains ReSharper Ultimate in Visual Studio 2015 (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{02ee0a0e-7567-5503-9c73-1d5e05353513}) (Version: 2015.2 - JetBrains s.r.o.) 
Jumpbox (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Jumpbox) (Version: - ) Lethal League (HKLM-x32\...\Steam App 261180) (Version: - Team Reptile) LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation) LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack 
(HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) 
(HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 
(HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) (Version: 14.0.22816.0 - Microsoft Corporation) Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{714692fa-709b-4925-8170-821d51135f42}) (Version: 14.0.22816.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 
(HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - ) MonoGame SDK (HKLM-x32\...\MonoGame) (Version: 3.4.0.456 - The MonoGame Team) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{2B593480-2BF0-11E5-9124-F04DA23A5C58}) (Version: 13.0.955 - Sony) Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts) NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit) Node.js 
(HKLM\...\{8C13D15E-D6C0-4ACB-A03C-1AE18931F3CE}) (Version: 4.2.2 - Node.js Foundation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oracle VM VirtualBox 5.0.8 (HKLM\...\{C1B8ECDB-4DB0-47ED-B9CE-61638F876B0F}) (Version: 5.0.8 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.3.0 - Overwolf Ltd.) paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation) PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) Pro Evolution Soccer 2016 myClub (HKLM-x32\...\Steam App 407250) (Version: - Konami 
Digital Entertainment) Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - ) Projekt- und Elementvorlagen für Visual Studio Community 2015 – DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Python 2.7.10 (HKLM-x32\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation) Qt (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{ac87b106-fe35-4fb0-a62c-ec8af1029b78}) (Version: 2.0.1 - The Qt Company Ltd) Race The Sun (HKLM-x32\...\Steam App 253030) (Version: - Flippfly LLC) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain) Sanctum (HKLM-x32\...\Steam App 91600) (Version: - Coffee Stain Studios) Sauerbraten (HKLM-x32\...\Sauerbraten) (Version: - ) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) SMITE (HKLM-x32\...\Steam App 386360) (Version: - Hi-Rez Studios) Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.5.3 - 
Sophos Limited) Sophos AutoUpdate (HKLM-x32\...\{BCF53039-A7FC-4C79-A3E3-437AE28FD918}) (Version: 5.1.2.0 - Sophos Limited) Sophos Management Communications System (HKLM-x32\...\{1FFD3F20-5D24-4C9A-B9F6-A207A53CF179}) (Version: 2.0.1 - Sophos Limited) Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version: - Lag Studios) Spotify (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Survarium (HKLM-x32\...\Steam App 355840) (Version: - Vostok Games) Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.34a - ) Sven Co-op (HKLM-x32\...\Steam App 225840) (Version: - Sven Co-op Team) Synergy (64-bit) (HKLM\...\{68C1AA13-4370-4761-B53F-1862C2CE26CB}) (Version: 1.7.5 - The Synergy Project) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation) Unity (HKLM-x32\...\Unity) (Version: 5.1.2f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\UnityWebPlayer) (Version: 5.1.2f1 - Unity Technologies ApS) Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers 
Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX) Video to GIF 5.2 (HKLM-x32\...\Video to GIF) (Version: 5.2 - AoaoPhoto Digital Studio.) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.2 - VMware, Inc) VMware Player (Version: 7.1.2 - VMware, Inc.) 
Hidden WCF Data Services 5.6.2 Runtime (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.5.2015.12 - Ruiware) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Wizard Chess (HKLM-x32\...\{7EDF4B2F-12CD-446A-B520-04C724FD01F0}) (Version: 1.00.0000 - IncaGold) Wizard101(DE) (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Wizard101(DE)_is1) (Version: - Gameforge 4D GmbH) Xamarin (HKLM-x32\...\{70E3C7E9-E984-4135-942B-52963D0B7039}) (Version: 3.11.590.0 - Xamarin) Xamarin Studio 5.9.3 (HKLM-x32\...\{16D3BA45-EA63-46F0-968C-D9627C2A8325}) (Version: 5.9.3.1 - Xamarin) Xamarin Universal Installer (HKLM-x32\...\{e2170c24-4ed1-4aca-8a8f-defa79cb4dae}) (Version: 3.5.0.0 - Xamarin, Inc) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {05ADF184-AC01-4BC3-B2E5-98BC702002B5} - System32\Tasks\Overwolf Updater Task => D:\Programme\Overwolf\OverwolfUpdater.exe [2016-01-20] (Overwolf LTD)
Task: {0D5249DB-0A2A-4264-BBFC-6389A47878C0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {1829ECFA-894B-4244-8029-CC89588CBE94} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {22034237-860F-4919-A56E-6B7E1801E579} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2430B91C-8D5C-49EC-BA8E-10AFC8ABA5DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {2F43E5B9-4E07-4A9E-AF27-440ECA8184E3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {34F2651E-101F-4CDC-9734-9854C940288C} - System32\Tasks\WiFiN => D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe [2012-09-26] ()
Task: {49E95BCB-F7AC-4A23-9E75-DF3955DB6A38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {4B93025F-70D9-4D34-8FEF-91E08A1F1AAA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {61246773-85FA-4604-8169-7372EDB3993E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KASKADEKING-PC-KaskadekingDE Kaskadeking-PC => D:\Programme\Microsoft Office 2013\Office15\MsoSync.exe [2015-11-10] (Microsoft Corporation)
Task: {66DEC9EC-C7E5-4C08-886C-39628DAE2F69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.)
Task: {88DBA2F1-5099-434F-B42A-E1EF0C79CCBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {8C86B49E-B6CB-4EB0-AA6C-2C6B062C496D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {99952BA4-4F55-4B26-840C-1A515DAC9524} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A5844AE5-7238-4D95-8F90-11A89510DFA0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A61971F0-2372-4F59-8FE4-01A661B3D632} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A6412D8C-E11E-49DE-AA02-F12085622173} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {B85BD12C-1C2B-4D11-B6AE-AB6713412D16} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D158BD57-5782-404E-935E-08BE45754DC0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D200A9DC-F5EC-4DFF-9298-BCEDFD97EFA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {DCC06BCC-1BF0-49DF-B1ED-861D343F94AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {E0E9B1E2-FFF4-40C8-B009-F979C830C131} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E9ECD999-20E2-4CB3-A9DB-75D03B2CD2E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EA8DC422-7597-4E80-9867-A63A73F99147} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\***\Desktop\Sauerbraten.lnk -> D:\Programme\Sauerbraten\sauerbraten.bat () Shortcut: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauerbraten\Sauerbraten.lnk -> D:\Programme\Sauerbraten\sauerbraten.bat () ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.4\MSVC 2013 OpenGL (64-bit)\Qt 5.4 64-bit for Desktop (MSVC 2013 OpenGL).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K D:\Qt\5.4\msvc2013_64_opengl\bin\qtenv2.bat ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.4\MinGW 4.9 (32-bit)\Qt 5.4 for Desktop (MinGW 4.9 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K D:\Qt\5.4\mingw491_32\bin\qtenv2.bat ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "D:\Program Files (x86)\NodeJS\nodevars.bat" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-11-04 16:43 - 2015-11-04 16:43 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI 
Technologies\ATI.ACE\Fuel\Device.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2015-11-04 16:43 - 2015-11-04 16:43 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2015-12-29 12:04 - 2015-12-29 12:19 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2015-11-19 20:19 - 2015-11-19 20:19 - 00311488 _____ () D:\Programme\Synergy\synergyd.exe 2015-05-30 17:50 - 2014-12-15 00:03 - 00241704 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe 2015-12-03 13:41 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-24 08:45 - 2012-09-26 13:29 - 01250712 _____ () D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe 2016-01-22 14:31 - 2016-01-22 14:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-03 13:41 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-06-02 16:18 - 2015-06-02 16:18 - 00043480 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll 2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () D:\Programme\Notepad++\NppShell_06.dll 2015-12-18 18:35 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 18:35 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-18 18:35 - 2015-12-07 05:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2016-01-13 17:12 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 17:12 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-28 15:25 - 2016-01-16 06:10 - 02483200 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-28 15:25 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2013-01-11 20:05 - 2013-01-11 20:05 - 00228264 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbPc.DLL 2016-01-03 10:46 - 2016-01-03 10:46 - 00306472 _____ () C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\log4cplus.dll 2015-05-31 06:59 - 2015-05-31 06:59 - 01301696 _____ () D:\Programme\VMware\libxml2.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00098856 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CodeLog.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00017448 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CompressFile.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00088616 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBGetRemoteNetInfo.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 01296424 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\libxml2.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00060968 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\zlib1.dll 2015-05-30 17:50 - 2015-03-14 10:53 - 00107560 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ActivationOnline.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00077864 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\logsys.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00030248 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DiskSearchImg.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00068136 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\MountImg.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00158248 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ImgFile.dll 2015-05-30 17:50 - 2015-03-14 10:54 - 00281128 _____ () D:\Programme\EaseUS 
Todo Backup\Todo Backup\bin\DsImgFile.dll 2015-05-30 17:50 - 2015-03-14 10:54 - 00072232 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CheckImg.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00139816 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\vhdvmdk.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00037416 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\BootDriver.dll 2015-05-30 17:50 - 2015-03-14 10:54 - 00759848 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ExImage.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00193064 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EmailBackupSize.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00407080 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AndroidImage.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00148008 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EnumDisk.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00076840 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FatLib.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00207912 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NTFSLib.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00024616 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\GetDriverInfo.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00020520 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CorrectMbr.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00032296 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EnumTapeDevice.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00034856 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbTapeBrowse.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00064040 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\RegLib.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00022568 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AccountManager.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00115752 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NasOperator.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00194088 _____ 
() D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EmailBrowser.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00077864 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CloudOperator.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00037928 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ActiveOnline.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00135720 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\VMConfig.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00020008 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AndroidDeviceManager.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00043048 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbDataSwap.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00353832 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DeviceManager.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00027176 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DeviceAdapter.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00137256 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Device.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00096808 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBFireWall.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00146984 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Partition.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00050216 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FileSystemAnalyser.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00061992 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FATFileSystemAnalyser.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00089640 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Common.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00056360 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00223784 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\SmartBackup.dll 2016-01-22 14:31 - 2016-01-22 14:32 - 00141312 _____ () C:\Program 
Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 14:31 - 2016-01-22 14:34 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-12-27 12:16 - 2015-12-27 12:16 - 00134656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\14d5e46970fc56c56394b8383cb9f499\MailClient.Collections.ni.dll 2016-02-12 21:29 - 2016-02-12 21:29 - 00491520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\0575eee1d26008282a31448129fbb12e\MailClient.Mail.ni.dll 2016-02-12 21:30 - 2016-02-12 21:30 - 00934400 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\2c861552d87a2b1305c1a928d4c5c2ef\HTMLEditorControl.ni.dll 2016-02-12 21:29 - 2016-02-12 21:29 - 00552960 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\LinqBridge\cc0ac0ce661546619504ae4bda015336\LinqBridge.ni.dll 2016-02-12 21:29 - 2016-02-12 21:29 - 00020992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\b5641c74578e7d1b6d0ce86c97a2b92e\MailClient.Interop.ni.dll 2016-02-12 21:29 - 2016-02-12 21:29 - 00580096 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\71210286d98f8abe1d2c4a58edf95d4c\MailClient.Common.UI.ni.dll 2015-03-27 12:19 - 2015-03-27 12:19 - 00642016 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll 2015-12-20 16:34 - 2015-12-20 16:34 - 00083456 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\5a5f3ab9496147415a2aee4ef0820a63\SystemCoreTimeZone.ni.dll 2016-02-12 21:29 - 2016-02-12 21:29 - 00097280 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Sasl\4afad7ebad38e58d8d550faa9fbf7120\MailClient.Sasl.ni.dll 2016-02-12 21:29 - 2016-02-12 21:29 - 00639488 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HtmlInterop\a1f68054ecaf1db78eecd45d3aa49931\HtmlInterop.ni.dll 2016-02-12 21:30 - 2016-02-12 21:30 - 01570816 
_____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\d52ba91105e028f9307ac1a0e5f63a12\WindowsAPICodePack.ni.dll 2016-02-12 21:30 - 2016-02-12 21:30 - 00249344 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Imap.Base\7981132ef1afe7770510626d29808f38\MailClient.Imap.Base.ni.dll 2016-02-03 12:48 - 2015-12-15 06:54 - 00782336 _____ () D:\Programme\Steam\SDL2.dll 2016-02-03 12:48 - 2015-07-03 17:12 - 04962816 _____ () D:\Programme\Steam\v8.dll 2016-02-05 12:01 - 2016-02-04 22:02 - 02546768 _____ () D:\Programme\Steam\video.dll 2016-02-03 12:48 - 2015-07-03 17:12 - 01556992 _____ () D:\Programme\Steam\icui18n.dll 2016-02-03 12:48 - 2015-07-03 17:12 - 01187840 _____ () D:\Programme\Steam\icuuc.dll 2016-02-03 12:48 - 2015-09-24 01:33 - 02549248 _____ () D:\Programme\Steam\libavcodec-56.dll 2016-02-03 12:48 - 2015-09-24 01:33 - 00491008 _____ () D:\Programme\Steam\libavformat-56.dll 2016-02-03 12:48 - 2015-09-24 01:33 - 00332800 _____ () D:\Programme\Steam\libavresample-2.dll 2016-02-03 12:48 - 2015-09-24 01:33 - 00442880 _____ () D:\Programme\Steam\libavutil-54.dll 2016-02-03 12:48 - 2015-09-24 01:33 - 00485888 _____ () D:\Programme\Steam\libswscale-3.dll 2016-02-05 12:01 - 2016-02-04 22:01 - 00802896 _____ () D:\Programme\Steam\bin\chromehtml.DLL 2016-02-03 12:48 - 2015-12-30 02:51 - 00208896 _____ () D:\Programme\Steam\bin\openvr_api.dll 2016-02-03 12:48 - 2016-01-06 02:52 - 48387872 _____ () D:\Programme\Steam\bin\libcef.dll 2016-02-03 12:48 - 2015-09-25 00:56 - 00119208 _____ () D:\Programme\Steam\winh264.dll 2016-02-10 20:16 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-10 20:16 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\localhost -> hxxps://localhost

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-02-14 12:55 - 00001252 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-117306591-3796779208-521460896-1001\Control Panel\Desktop\\Wallpaper -> D:\Bibliotheken\Bilder\Amberlight\Phoenix.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "Greenshot"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Greenshot"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "FileHippo.com"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "My Daily Wallpaper"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "CyberGhost"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{C4141F71-C3A1-4F34-86B7-867903A2A6F6}D:\programme\synergy\synergy.exe] => (Allow) D:\programme\synergy\synergy.exe FirewallRules: [TCP Query User{D4C9B2A0-0084-4D10-8CC8-E0B659972792}D:\programme\synergy\synergy.exe] => (Allow) D:\programme\synergy\synergy.exe FirewallRules: [{97671048-577F-461E-A897-097BCBF1ED24}] => (Allow) D:\Programme\Synergy\synergys.exe FirewallRules: [UDP Query User{7500319B-2CF9-443F-A252-3C22F8D4EAD8}D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe FirewallRules: [TCP Query User{10EBB3FC-16FC-4B2E-83A4-DF8638542A17}D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe FirewallRules: [UDP Query User{4677EC9E-394D-4067-A0E7-A32D5F8AD13E}D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{67BC321B-59B8-4CC4-85BB-4874BE3DDA93}D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [{DCDC105C-32FF-44A9-90D7-BDB99B939A3D}] => (Allow) D:\Programme\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{559799D2-E92E-4716-9302-F1D3B80B2769}] => (Allow) D:\Programme\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [UDP Query User{158CD29C-F5F5-463D-8772-FA257DE8B006}D:\programme\java\jre1.8.0_65\bin\java.exe] => (Allow) D:\programme\java\jre1.8.0_65\bin\java.exe FirewallRules: [TCP 
Query User{9EB2DED0-DDC0-494A-8B6F-AC0095436B01}D:\programme\java\jre1.8.0_65\bin\java.exe] => (Allow) D:\programme\java\jre1.8.0_65\bin\java.exe FirewallRules: [{AABF8BA5-81B8-42EB-A4A7-52D52340D38A}] => (Allow) LPort=1900 FirewallRules: [{E7E5E118-C166-435F-B44F-CB6B15A3E984}] => (Allow) LPort=2869 FirewallRules: [{8BF604C4-3DCE-4661-AC7F-248C98D8BBCD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [UDP Query User{11714CE4-FDE5-4CD2-948C-F87BA0161397}D:\stuff\server\gmod\srcds.exe] => (Allow) D:\stuff\server\gmod\srcds.exe FirewallRules: [TCP Query User{F4BB2557-42F1-4EDE-947D-21984F99849B}D:\stuff\server\gmod\srcds.exe] => (Allow) D:\stuff\server\gmod\srcds.exe FirewallRules: [UDP Query User{2E69E92A-BC0F-43CD-BD62-8152B3DFCFBF}D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe FirewallRules: [TCP Query User{8CB00356-EEAC-45C9-9B02-4DC3DCD019D3}D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe FirewallRules: [{59F1648B-4EC2-4464-8D70-07398D3277F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{9655E630-FD2B-477F-935A-B099ACA6CC89}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{9237BF5E-D2AA-4170-8A52-5D21F5026AEF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{E0F72C8A-995A-4CA0-9E0E-947FF69825D2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [UDP Query User{CEE2CF2D-6726-4724-8F18-CD0386915983}D:\stuff\syncthing\syncthing.exe] => (Allow) D:\stuff\syncthing\syncthing.exe FirewallRules: [TCP Query 
User{BBC091B2-196B-4298-9123-B57880675558}D:\stuff\syncthing\syncthing.exe] => (Allow) D:\stuff\syncthing\syncthing.exe FirewallRules: [{ACD2EEA9-6303-4805-80D6-F893DBC3DEC2}] => (Allow) D:\Programme\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe FirewallRules: [{37679D3B-22C7-441E-8C74-05F03229F600}] => (Allow) D:\Programme\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe FirewallRules: [UDP Query User{C5711CDC-D02A-403F-BABD-7CB222E7C5BA}D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe] => (Allow) D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe FirewallRules: [TCP Query User{AACB4166-486E-44C9-9144-41B89B2D4C36}D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe] => (Allow) D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe FirewallRules: [{5B8558F7-78CE-4B9E-8807-BE3A7ECBEAA7}] => (Allow) D:\Programme\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe FirewallRules: [{953C693C-1395-4A24-AFF9-9603E4620A69}] => (Allow) D:\Programme\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe FirewallRules: [{677FB6E7-2E4B-4CA3-9F66-D2E934499F76}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BA9D9184-C5FC-4B0D-8165-A157356EAAD3}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A4793B95-D94A-4819-B65E-B407FEFEBECF}] => (Allow) D:\Programme\Hercules WiFi\WiFi Station N\Rtldhcp.exe FirewallRules: [{EB91B1B8-5EB7-4576-AE9F-3C2252B408FD}] => (Allow) LPort=53 FirewallRules: [{981A61B3-2087-4456-A671-6438657D7081}] => (Allow) LPort=53 FirewallRules: [{989E8CD2-9B61-4D74-A7E0-E66768360659}] => (Allow) LPort=68 FirewallRules: [{4D7C9518-04AA-4A65-AD66-0E3D057B5281}] => (Allow) LPort=67 FirewallRules: [{040AFE65-EAF9-4474-BB60-16AF65F9A06F}] => (Allow) D:\Programme\VMware\vmware-authd.exe FirewallRules: [{C080D89D-57E1-4F8A-A797-8FCC5605E435}] => (Allow) D:\Programme\VMware\vmware-authd.exe FirewallRules: 
[{5858909B-BE33-4C37-A45C-4F19F95B567E}] => (Allow) D:\Programme\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe FirewallRules: [{3C868682-F800-4A45-AC47-15FD8E3866A8}] => (Allow) D:\Programme\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe FirewallRules: [{1C47162F-906F-4FBD-970B-1734AC394BF0}] => (Allow) LPort=1542 FirewallRules: [{F2A42F04-92E8-47E2-A4D0-291E2767404F}] => (Allow) LPort=1542 FirewallRules: [{99249CA2-B0C6-41EE-AB41-390C886B67A6}] => (Allow) LPort=53 FirewallRules: [{CD15A26A-5EFF-4B5C-A71F-B1071E72E3C4}] => (Allow) D:\Programme\Firefox\firefox.exe FirewallRules: [{CD1E7EC9-93A5-4E68-915C-C4E4DEAF5625}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{5162FA48-429A-4C58-80DB-9BC35598D786}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{A58AABD6-C737-42E1-AA29-DBCC37F5A84C}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{B0541F35-A58F-4D75-B07B-15B02B93A79E}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{A55F7C7A-5BC5-49F9-8F90-6711086DC828}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbService.exe FirewallRules: [{6AC2EB43-E360-43E7-A9F0-BA7C4CE90581}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbService.exe FirewallRules: [{C6F9C01C-FB0F-4905-AD46-AB11873D8667}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{CD6063B3-1106-46FF-93F9-EEE7DD4B2B31}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{5FFDABAB-DF82-445C-A825-BBED69916778}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{BCB3820C-E844-4975-9564-D555F51DA011}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{C637198C-981F-4339-ABA4-4C8901ED58DB}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe FirewallRules: [{FEBE2770-4BD6-4EDD-AD5C-3AE4B3D31F5D}] => (Allow) D:\Programme\EaseUS Todo 
Backup\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{04957A38-9767-4FB8-9219-8C86E7E9007C}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe FirewallRules: [TCP Query User{421B369D-BD39-4563-825B-93C9D00FE367}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{5DA2CF70-D8FE-4D82-AA04-07688139C690}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B6A6220A-0A79-4CA7-BEEE-37EE1EF02009}] => (Allow) D:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{33BDF5C9-DDB5-4B21-978B-8D642FC2944A}] => (Allow) D:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{FAC6F82F-2188-4B26-9654-9EAD2532D09F}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{4AB61BCB-D819-46C1-981C-B8D5373E3EB1}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{E5128E6C-6F31-4053-9BCF-5A012621CAF2}D:\programme\intellij idea 14.1.3\bin\idea.exe] => (Allow) D:\programme\intellij idea 14.1.3\bin\idea.exe FirewallRules: [UDP Query User{BC4421CB-80E6-4DC5-9D0F-360CAC2333FE}D:\programme\intellij idea 14.1.3\bin\idea.exe] => (Allow) D:\programme\intellij idea 14.1.3\bin\idea.exe FirewallRules: [{532A6236-1134-4C06-B25A-8CED3D9889C0}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe FirewallRules: [{3B9CFBB6-F641-45BA-BE23-3E7BECD1B7C9}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{F7F86BE2-B56F-4CF0-9AAF-716EC68DF793}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [TCP Query User{1C6D81E2-7A13-4FE8-923E-1CE3626701C3}D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe] 
=> (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe FirewallRules: [UDP Query User{64212B61-FE51-4CF1-A999-1F4176368480}D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe FirewallRules: [{DB7CD632-356D-45B6-B34F-6C16E3DE3A88}] => (Allow) D:\Programme\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{D58DFCE1-A394-41AD-97C4-0FC00DA9124B}] => (Allow) D:\Programme\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{F00F1495-705D-42C0-B52D-986B3E6E84AF}] => (Allow) D:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{1ACDBE71-E4E9-483A-B605-A00205F63CC8}] => (Allow) D:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{B0DC9B2E-25A0-4813-A50E-282DDB817750}] => (Allow) D:\Programme\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{AD1E481A-CA10-4FEA-B762-5E6FB769AA21}] => (Allow) D:\Programme\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{20A49020-4357-4C59-A241-35738852D653}] => (Allow) D:\Programme\Steam\steamapps\common\Geometry Dash\GeometryDash.exe FirewallRules: [{813811C7-250D-480D-99FA-1B7F6A01707B}] => (Allow) D:\Programme\Steam\steamapps\common\Geometry Dash\GeometryDash.exe FirewallRules: [{2C3606E9-2891-49D1-871C-CDCA43E26F17}] => (Allow) D:\Programme\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe FirewallRules: [{97777FA6-9C44-4FB5-8F30-DDC4E4D5CA61}] => (Allow) D:\Programme\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe FirewallRules: [{810B4087-29A3-42E9-9B15-79A87304AA0E}] => (Allow) 
D:\Programme\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{8D01D1A4-424C-494A-9881-BA717E59CEC5}] => (Allow) D:\Programme\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{A567D6BD-71E0-44A7-BE58-D82E89664419}] => (Allow) D:\Programme\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [{45B3B229-80A7-4E6D-8CF5-36AC2C5EC183}] => (Allow) D:\Programme\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [TCP Query User{B52D78CD-51F1-42E9-BD21-6516619D9795}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{973DDF6E-7AB4-4113-B018-67DC52CC7A10}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe FirewallRules: [{29F6FED4-3832-4FA6-A09C-D7B27F9F61C6}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [{38CD8322-5103-4C8F-A831-57A318120A73}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [{A078D75B-61B9-4892-AF73-DAA873C3DD2A}] => (Allow) D:\Programme\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{AD47C713-7A78-42D5-BC79-76938F868B17}] => (Allow) D:\Programme\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{DA102E3F-3218-4850-9BD2-8604C69F755E}D:\program files (x86)\nodejs\node.exe] => (Allow) D:\program files (x86)\nodejs\node.exe FirewallRules: [UDP Query User{3B8B2AC7-79C4-487B-B356-39DD81A1097E}D:\program files (x86)\nodejs\node.exe] => (Allow) D:\program files (x86)\nodejs\node.exe FirewallRules: [{4BE6CA9A-C9F2-4B5F-8C1F-11E6EA41EBFC}] => (Allow) D:\Programme\Visual Studio\Common7\IDE\devenv.exe FirewallRules: [{7410F56F-71AA-48C9-A4E5-BC1EE228E05C}] => (Allow) D:\Programme\Visual Studio\Common7\IDE\devenv.exe FirewallRules: [TCP Query 
User{18C2F638-5FAA-4C6B-ABD2-18B682296B3E}D:\programme\unity\editor\unity.exe] => (Allow) D:\programme\unity\editor\unity.exe FirewallRules: [UDP Query User{03D5B151-AEFF-4168-90A9-3EBD59130077}D:\programme\unity\editor\unity.exe] => (Allow) D:\programme\unity\editor\unity.exe FirewallRules: [TCP Query User{280ADC29-3DCD-439A-90A3-552E6A77D5E6}D:\programme\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\programme\unity\monodevelop\bin\monodevelop.exe FirewallRules: [UDP Query User{E45FE307-4C7E-4FEF-AACD-29143A06A1E1}D:\programme\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\programme\unity\monodevelop\bin\monodevelop.exe FirewallRules: [TCP Query User{A5A88852-1BEE-4125-B280-C37CD641F3EF}D:\programme\firefox\plugin-container.exe] => (Allow) D:\programme\firefox\plugin-container.exe FirewallRules: [UDP Query User{78DC1F8F-42CC-4F77-B024-F66A1076F042}D:\programme\firefox\plugin-container.exe] => (Allow) D:\programme\firefox\plugin-container.exe FirewallRules: [{F9F085E5-84E2-41BF-9D82-16E69DFA6859}] => (Allow) D:\Programme\Steam\steamapps\common\lethalleague\LethalLeague.exe FirewallRules: [{FE89FDC2-F4EC-4D0A-90C8-205D23C00894}] => (Allow) D:\Programme\Steam\steamapps\common\lethalleague\LethalLeague.exe FirewallRules: [{837AAA17-907F-4022-8FEA-8CB08C96B9E0}] => (Allow) D:\Programme\Steam\steamapps\common\Emily is Away\emily is away.exe FirewallRules: [{99D71EFB-DEF0-49C8-BDA2-B126B8CC594A}] => (Allow) D:\Programme\Steam\steamapps\common\Emily is Away\emily is away.exe FirewallRules: [{E402AA54-B19F-4FEE-A657-CD7D5CC0D40F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B3291579-8C66-413E-8941-3CD682949412}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5F2FC6D3-8725-4C42-A5B6-9EF9E6B9703D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{19465167-8102-4FCC-9115-53D6F9E7E519}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 
FirewallRules: [{BB23F745-3825-4925-A188-E614BA9FEC6B}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe FirewallRules: [{E55872BB-597D-4C83-A052-5BFA907E0CB1}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Launcher\APBLauncher.exe FirewallRules: [{6C0F7DE6-0D66-4E97-952B-06BC0C4CDB71}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{483C009E-5D66-4B22-B156-522A960CE9D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1545ADCD-EE25-4B35-B997-5D839799056D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{6D4149CE-C651-4D44-B67E-0DAC638457F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{B20BEC19-D01A-447B-A65E-E4D7B44FBF2C}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe FirewallRules: [{9C942DB7-C8AB-4C61-A85E-9BFBAF15656F}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\APB.exe FirewallRules: [{F01BF58E-2C30-4D10-BCB7-C392B50B9D46}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe FirewallRules: [{AD612527-AD71-43BC-835D-E580888A39BF}] => (Allow) D:\Programme\Steam\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe FirewallRules: [{703E0406-7185-462A-8766-E6F03C082BBD}] => (Allow) D:\Programme\Steam\steamapps\common\Sven Co-op\svencoop.exe FirewallRules: [{72DCA22B-BEDF-4277-909D-027E0B607F76}] => (Allow) D:\Programme\Steam\steamapps\common\Sven Co-op\svencoop.exe FirewallRules: [{712F8169-4A64-4624-87E4-1824E2A17D2C}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\lync.exe FirewallRules: [{30CADEA3-A8A5-45E7-98A0-063453D5D7DF}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\lync.exe FirewallRules: [{30F08DBA-D584-4804-802A-5BC07582ECED}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\UcMapi.exe FirewallRules: [{38E6EE8D-893D-4E70-88D6-F7959235B6E9}] => (Allow) D:\Programme\Microsoft Office 2013\Office15\UcMapi.exe FirewallRules: 
[{40D623E8-1B93-44A8-A436-0F17D109FE1C}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{AB9F31BD-D567-4862-8C80-82E3171168AD}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe FirewallRules: [{BEA05228-DA4B-4663-AB29-35101B3E720F}] => (Allow) D:\Programme\Steam\steamapps\common\DOMO_US\Main\DOMO.exe FirewallRules: [{55379890-22FC-425E-87C5-108687B16478}] => (Allow) D:\Programme\Steam\steamapps\common\DOMO_US\Main\DOMO.exe FirewallRules: [{94D54CD0-7ED0-4FDC-94A8-D7BABFFEC2B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{6C16AD60-A79E-4F5C-9180-59ADFDC740F6}] => (Allow) D:\Programme\Steam\steamapps\common\Pro Evolution Soccer 2016 myClub\PES2016.exe FirewallRules: [{A791CEC0-88D1-435C-A119-8938D8AB1904}] => (Allow) D:\Programme\Steam\steamapps\common\Pro Evolution Soccer 2016 myClub\PES2016.exe FirewallRules: [{65CA07C2-5E42-4436-AEF2-1C3737F88EDB}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_launcher.exe FirewallRules: [{6C4F96A3-C852-4A31-AF00-DA9C9F2FBB93}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe FirewallRules: [{1FFFAF77-DD5B-4007-8F38-33A0199AD0E0}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe FirewallRules: [{A0D0FE67-C630-44AD-8299-5771B58A188F}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe FirewallRules: [{5CDCCEB7-22B1-4BC3-918F-FD6C2574105A}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\temp\survarium_updater.exe FirewallRules: [{C4383461-FE60-4CCE-B402-D15042238099}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe FirewallRules: [{70D59486-A6A3-4A13-BEFD-5CBDF13CAD3D}] => (Allow) D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe FirewallRules: [{6F82E02D-E318-4AB7-9AC4-40D2F7D68474}] => 
(Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{EE534453-97E6-475E-9375-5627856E0527}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{75546729-045B-4E4B-AC8B-32FB3E9F91D3}] => (Allow) LPort=1689 FirewallRules: [{FE5524CD-31D8-404D-BE9F-6BBBD2793C1B}] => (Allow) LPort=1688 FirewallRules: [{D2518655-E8F5-4118-8048-070AE5C579DB}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe FirewallRules: [{CAEE5C5F-7360-4D84-B761-00A87C3C0BB5}] => (Allow) D:\Programme\Mozilla Firefox\firefox.exe FirewallRules: [{118C0F15-4F4E-4FF6-90A3-3931A462AB2D}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{C624A013-B218-4367-94A9-A1DF9AD7B7B5}] => (Allow) D:\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe ==================== Wiederherstellungspunkte ========================= 04-02-2016 12:14:10 Windows Update 05-02-2016 13:07:07 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 08-02-2016 14:34:28 Windows Update 12-02-2016 15:12:33 Windows Update 15-02-2016 21:03:34 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: VMware Virtual Ethernet Adapter for VMnet1 Description: VMware Virtual Ethernet Adapter for VMnet1 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VMware Virtual Ethernet Adapter for VMnet8 Description: VMware Virtual Ethernet Adapter for VMnet8 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: VMware, Inc. Service: VMnetAdapter Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". 
This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/18/2016 03:56:47 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 10.0.10586.104 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 16c Startzeit: 01d16a5c8c924c2c Beendigungszeit: 0 Anwendungspfad: C:\Windows\explorer.exe Berichts-ID: d4833318-d64f-11e5-82d7-7824af404841 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/18/2016 03:55:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KASKADEKING-PC) Description: Das Paket „Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{850b5dd6-d5d1-4686-8119-a7ad2c899624}“ wurde beendet, da das Anhalten zu lange dauerte. Error: (02/18/2016 03:55:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KASKADEKING-PC) Description: Das Paket „Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{90e0fd49-03fb-4987-8852-a2d856167f33}“ wurde beendet, da das Anhalten zu lange dauerte. Error: (02/18/2016 03:55:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: KASKADEKING-PC) Description: Das Paket „Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{580c8ce5-1559-4742-9661-33c4822d2c3a}“ wurde beendet, da das Anhalten zu lange dauerte. Error: (02/18/2016 03:53:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 48.0.2564.109 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 3908 Startzeit: 01d16a5bdbc3e8ba Beendigungszeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 2adab1a4-d64f-11e5-82d7-7824af404841 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/18/2016 03:43:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iexplore.exe, Version 11.0.10586.20 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1200 Startzeit: 01d16a5956781510 Beendigungszeit: 60000 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: ceee7200-d64d-11e5-82d7-7824af404841 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/18/2016 03:33:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm iexplore.exe, Version 11.0.10586.20 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2994 Startzeit: 01d16a589aa63ebd Beendigungszeit: 60000 Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID: 56afb66e-d64c-11e5-82d7-7824af404841 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/18/2016 03:25:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 48.0.2564.109 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1954 Startzeit: 01d16a553d77da7d Beendigungszeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 39fbb574-d64b-11e5-82d7-7824af404841 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/18/2016 03:09:50 PM) (Source: MsiInstaller) (EventID: 1024) (User: KASKADEKING-PC) Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F0A4E5B00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (02/18/2016 02:51:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KASKADEKING-PC) Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Systemfehler: ============= Error: (02/18/2016 04:00:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_50a2c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/18/2016 04:00:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _50a2c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (02/18/2016 04:00:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_50a2c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/18/2016 04:00:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_50a2c" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/18/2016 04:00:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (02/18/2016 03:59:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT) Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt. Code: 8 0x0 0x0 Error: (02/18/2016 03:59:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT) Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt. Code: 2 0xdeaddeed 0xeeec Error: (02/18/2016 03:59:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT) Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt. Code: 1 0xc 0x4 Error: (02/18/2016 03:57:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_7e680 erreicht. 
Error: (02/18/2016 03:57:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _7e680 erreicht. CodeIntegrity: =================================== Date: 2016-02-11 17:29:08.364 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-11 13:42:12.036 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-31 14:22:33.092 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-30 09:54:28.092 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-29 18:28:03.987 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-29 18:16:18.014 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-29 15:07:10.925 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-01-29 15:00:30.393 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-29 14:58:24.104 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-29 14:57:07.832 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: AMD A8-6600K APU with Radeon(tm) HD Graphics Prozentuale Nutzung des RAM: 52% Installierter physikalischer RAM: 7364.16 MB Verfügbarer physikalischer RAM: 3487.28 MB Summe virtueller Speicher: 13060.16 MB Verfügbarer virtueller Speicher: 8571 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:107.86 GB) (Free:20.66 GB) NTFS Drive d: (Daten) (Fixed) (Total:731.51 GB) (Free:368.97 GB) NTFS Drive h: (UUI) (Removable) (Total:7.48 GB) (Free:6.51 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 72B5DD30) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=107.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=11 GB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DFE201F7) Partition 1: (Not Active) - (Size=731.5 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 7.5 GB) (Disk ID: 20AC7DDA) No partition Table on disk 3. 
==================== Ende von Addition.txt ============================
__________________ |
20.02.2016, 16:59 | #3 |
Problems with Internet browser
Nobody there?
__________________ |
29.02.2016, 17:55 | #4 |
/// TB trainer /// Guide guru | Problems with Internet browser
My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
Note: I can never give you a guarantee that we will find all malicious files. Reformatting is usually the faster and always the safest route, but it is only advisable in the case of real malware. Adware and the like we can remove very well. If you decide on a cleanup, keep working with me until you get my "clean".
Let's go:
Step 1
Please start FRST again, also tick the checkbox and click Untersuchen (Scan). Please post the contents of the two logs that are created.
__________________ Regards, deeprybka
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
29.02.2016, 18:41 | #5 |
Problems with Internet browser
Hello
FRST logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016 durchgeführt von KaskadekingDE (Administrator) auf KASKADEKING-PC (29-02-2016 18:27:39) Gestartet von C:\Users\***\Desktop Geladene Profile: KaskadekingDE (Verfügbare Profile: KaskadekingDE) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: "D:\Programme\BitBox\bin\BitBoxClient.exe" start "%1") Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Guillemot Corporation) C:\Windows\SysWOW64\HerculesWiFiService.exe (JetBrains s.r.o) C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe (BlueStack Systems, Inc.) 
C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe (CHENGDU YIWO Tech Development Co., Ltd) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Malwarebytes) D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe (Sirrix AG) D:\Programme\BitBox\bin\BitBoxService.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe (Malwarebytes) D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (SeriousBit) D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) D:\Programme\VMware\vmware-authd.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe (Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe () D:\Programme\Synergy\synergyd.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe konnte nicht auf den Prozess zugreifen -> firefox.exe konnte nicht auf den Prozess zugreifen -> swi_lspdiag.exe konnte nicht auf den Prozess zugreifen -> chrome.exe konnte nicht auf den Prozess zugreifen -> firefox.exe (Microsoft Corporation) D:\Programme\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes) D:\Programme\ Malwarebytes Anti-Malware \mbam.exe () D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Ruiware) D:\Programme\WinPatrol\WinPatrol.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Sirrix AG) D:\Programme\BitBox\bin\BitBoxTrayapp.exe (Sirrix AG) D:\Programme\BitBox\bin\BITBstartApplicationAsUser.exe (Sirrix AG) D:\Programme\BitBox\bin\bitb.exe (Oracle Corporation) D:\Programme\VirtualBox\VBoxSVC.exe (Oracle Corporation) D:\Programme\VirtualBox\VirtualBox.exe (Oracle Corporation) D:\Programme\VirtualBox\VirtualBox.exe (Oracle Corporation) D:\Programme\VirtualBox\VirtualBox.exe () D:\Programme\VirtualBox\VBoxNetNAT.exe () D:\Programme\VirtualBox\VBoxNetNAT.exe () D:\Programme\VirtualBox\VBoxNetNAT.exe (Sirrix AG) D:\Programme\BitBox\bin\watchdog.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Epic Games, Inc.) D:\Programme\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe () D:\Programme\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe () D:\Programme\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (eM Client s.r.o.) 
C:\Program Files (x86)\eM Client\MailClient.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-07-29] (Realtek Semiconductor) HKLM\...\Run: [Greenshot] => D:\Programme\Greenshot\Greenshot.exe [528384 2015-11-10] (Greenshot) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc) HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Programme\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883352 2015-12-14] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Programme\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1418504 2016-01-03] (Sophos Limited) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [WinPatrol] => D:\Programme\WinPatrol\winpatrol.exe [1238152 2015-05-17] (Ruiware) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15698792 2016-02-29] (eM Client s.r.o.) 
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [FileHippo.com] => D:\Programme\FileHippo.com\FileHippo.AppManager.exe [10574544 2015-05-12] () HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [BitTorrent] => C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe [1873952 2015-12-06] (BitTorrent Inc.) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-20] (Spotify Ltd) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-09-21] (Sandboxie Holdings, LLC) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [433256 2015-11-05] (CyberGhost S.R.L.) HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Policies\Explorer: [NoRecentDocsNetHood] 1 HKU\S-1-5-21-117306591-3796779208-521460896-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-10-30] (Microsoft Corporation) AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [275352 2015-12-02] (Sophos Limited) IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64\FileSyncShell64.dll 
[2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\***\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncShell.dll [2015-11-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{16b3da2f-3369-4f8c-958f-17af1676bbfc}: [DhcpNameServer] 10.175.0.1 Tcpip\..\Interfaces\{bd567df3-7c98-4f98-ae5e-f75c7867c650}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/ HKU\S-1-5-21-117306591-3796779208-521460896-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Programme\Microsoft Office 2013\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programme\Java\jre1.8.0_65\bin\ssv.dll [2015-11-16] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programme\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-16] (Oracle Corporation) BHO-x32: Kein Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation) BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Programme\Microsoft Office 2013\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] () FF Plugin: @java.com/DTPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-16] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> D:\Programme\Java\jre1.8.0_65\bin\plugin2\npjp2.dll 
[2015-11-16] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Programme\Microsoft Office 2013\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [Keine Datei] FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> D:\Programme\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\Programme\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-117306591-3796779208-521460896-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-11] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\bugzilla.xml [2015-07-07] FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\searchplugins\vb-paradise-20.xml [2015-07-13] FF Extension: HttpRequester - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{ea4637dc-e014-4c17-9c2c-879322d23268} [2015-06-17] FF Extension: DownThemAll! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-06] FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-10] FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-13] FF Extension: Greasemonkey - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-02-21] FF Extension: uBlock Origin - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\anscmfsk.default\Extensions\uBlock0@raymondhill.net.xpi [2016-02-25] StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-16] CHR Extension: (Google Docs) - C:\Users\***\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-16] CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-16] CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-16] CHR Extension: (uBlock Origin) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-02-16] CHR Extension: (Google-Suche) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16] CHR Extension: (Tampermonkey) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-02-16] CHR Extension: (Google Tabellen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-16] CHR Extension: (Google Docs Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-16] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-16] CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-16] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.) 
R2 BitBoxService; D:\Programme\BitBox\bin\BitBoxService.exe [738304 2016-02-01] (Sirrix AG) [Datei ist nicht signiert] R2 Bonjour Service; C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe [384512 2015-06-02] (Apple Inc.) [Datei ist nicht signiert] S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432792 2015-12-14] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412312 2015-12-14] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854680 2015-12-14] (BlueStack Systems, Inc.) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L) R2 EaseUS Agent; D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Datei ist nicht signiert] S3 GalaxyClientService; D:\Programme\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-02-11] (GOG.com) R2 HerculesWiFi; C:\WINDOWS\SysWOW64\\HerculesWiFiService.exe [78232 2012-09-26] (Guillemot Corporation) U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-11-03] (Hi-Rez Studios) [Datei ist nicht signiert] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-11] (Microsoft Corporation) R2 jetbrainsetw.103.0.20150818.191753; C:\Program Files (x86)\JetBrains\ETW Host\JetBrains.ETW.Collector.Host.exe [1479288 2015-08-18] (JetBrains s.r.o) R2 MBAMScheduler; D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] 
(Malwarebytes) R2 NetBalancerService; D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe [145272 2016-01-15] (SeriousBit) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.) S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [2104840 2016-02-05] (Electronic Arts) S3 OverwolfUpdater; D:\Programme\Overwolf\OverwolfUpdater.exe [1009904 2016-02-11] (Overwolf LTD) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-12-29] () R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2015-12-02] (Sophos Limited) R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2015-12-02] (Sophos Limited) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-09-21] (Sandboxie Holdings, LLC) R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [489224 2016-01-03] (Sophos Limited) R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [331048 2016-01-03] (Sophos Limited) R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [909608 2016-01-03] (Sophos Limited) R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341768 2015-12-02] (Sophos Limited) S3 Survarium-Steam Update Service; D:\Programme\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2015-12-25] () R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300808 2015-12-02] (Sophos Limited) R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3278600 2015-12-02] (Sophos Limited) R2 Synergy; D:\Programme\Synergy\synergyd.exe [311488 2015-11-19] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft 
Corporation) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH) R2 VMAuthdService; D:\Programme\VMware\vmware-authd.exe [87744 2015-05-31] (VMware, Inc.) R3 VSStandardCollectorService140; D:\Programme\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.) 
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-14] (BlueStack Systems) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-30] (Disc Soft Ltd) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] () R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-14] () S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-29] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) 
R1 nbdrv; C:\Windows\system32\DRIVERS\nbdrv.sys [42128 2016-01-15] (SeriousBit) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-29] (Realtek ) R3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation) R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation ) R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2015-12-02] (Sophos Limited) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [191624 2015-09-21] (Sandboxie Holdings, LLC) S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2015-12-02] (Sophos Limited) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2015-12-02] (Sophos Limited) R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2015-12-02] (Sophos Limited) S3 tapse01; C:\Windows\System32\drivers\tapse01.sys [26624 2015-05-25] (The OpenVPN Project) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194816 2016-01-29] (Oracle Corporation) R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [195416 2016-02-05] (IDRIX) R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 WinDivert1.1; \??\D:\Programme\KMSpico\WinDivert.sys [X] S3 XSplit_Dummy; \SystemRoot\system32\drivers\xspltspk.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-29 18:27 - 2016-02-29 18:28 - 00027082 _____ C:\Users\***\Desktop\FRST.txt 2016-02-28 16:52 - 2016-02-28 16:52 - 00000000 ____D C:\Users\***\AppData\Roaming\Unreal Engine 2016-02-28 13:26 - 2016-02-28 13:26 - 00000000 ____D C:\Users\***\AppData\Local\UnrealEngineLauncher 2016-02-28 13:18 - 2016-02-28 16:53 - 00000000 ____D C:\Users\***\AppData\Local\UnrealEngine 2016-02-28 13:18 - 2016-02-28 13:18 - 00000000 ____D C:\Users\***\AppData\Local\EpicGamesLauncher 2016-02-28 13:17 - 2016-02-28 13:27 - 00001340 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2016-02-28 13:17 - 2016-02-28 13:27 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2016-02-28 13:17 - 2016-02-28 13:26 - 00000000 ____D C:\ProgramData\Epic 2016-02-25 17:02 - 2016-02-25 17:02 - 00000137 _____ C:\Users\***\Desktop\SteamVR Performance Test.url 2016-02-23 20:12 - 2016-02-23 20:12 - 00000794 _____ C:\Users\***\Desktop\Start Tor Browser.lnk 2016-02-23 20:12 - 2016-02-23 20:12 - 00000794 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-02-23 15:59 - 2016-02-23 15:59 - 00000000 ____D C:\Users\***\AppData\Roaming\Conway's Game Of Life 2016-02-22 19:40 - 2016-02-22 19:42 - 00000000 ____D C:\Users\***\AppData\Roaming\QtProject 2016-02-22 17:49 - 2016-02-22 17:49 - 00000000 ____D C:\Users\***\Desktop\Neuer Ordner 2016-02-20 18:40 - 2016-02-20 18:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Trove 2016-02-20 11:00 - 2016-02-20 11:00 - 00000212 _____ C:\Users\***\Desktop\Trove.url 2016-02-19 14:45 - 2016-02-15 13:48 - 00026290 _____ C:\Users\***\Downloads\bookmarks-2016-02-15.json 2016-02-19 12:32 - 2016-02-19 12:32 - 00000802 _____ C:\Users\Public\Desktop\Browser in the Box.lnk 2016-02-19 12:32 - 2016-02-19 12:32 - 00000802 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box.lnk 2016-02-19 12:32 - 2016-02-19 12:32 - 00000000 ____D C:\Users\***\AppData\Roaming\Sirrix AG 2016-02-19 12:32 - 2016-02-19 12:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser in the Box 2016-02-19 12:31 - 2016-02-19 12:31 - 00000000 ____D C:\ProgramData\Sirrix AG 2016-02-18 16:20 - 2016-02-18 16:20 - 02371072 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe 2016-02-18 16:20 - 2016-02-18 16:20 - 00000000 ____D C:\Users\***\Desktop\FRST-OlderVersion 2016-02-18 15:24 - 2016-02-18 15:24 - 00001655 _____ C:\Users\***\Desktop\Twitter Downloader.lnk 2016-02-18 15:03 - 2016-02-19 12:07 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS 2016-02-16 16:54 - 2016-02-16 16:54 - 00002331 _____ C:\Users\***\Desktop\Google Chrome.lnk 2016-02-16 16:37 - 2015-12-02 18:11 - 00032512 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys 2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-02-16 16:35 - 2016-02-16 16:35 - 00000842 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-16 16:35 - 2016-02-16 16:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-16 16:27 - 2016-02-16 16:28 - 00127698 _____ C:\WINDOWS\ntbtlog.txt 2016-02-16 15:52 - 2016-02-29 18:27 - 00000000 ____D C:\FRST 2016-02-15 17:46 - 2016-02-15 17:46 - 00000696 _____ C:\Users\Public\Desktop\EasyBCD 2.2.lnk 2016-02-15 17:46 - 2016-02-15 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies 2016-02-15 17:32 - 2016-02-17 16:06 - 00000000 ____D C:\NST 2016-02-15 17:12 - 2016-02-15 17:12 - 00000000 ____D C:\Users\***\AppData\Local\NeoSmart_Technologies 2016-02-15 14:50 - 2016-02-15 14:50 - 00000173 _____ C:\Users\***\.gitconfig 2016-02-15 13:48 - 2016-02-15 13:48 - 00026290 _____ 
C:\Users\***\Desktop\bookmarks-2016-02-15.json 2016-02-12 19:04 - 2016-02-12 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium-Steam 2016-02-12 17:58 - 2016-02-12 17:58 - 00000000 ____D C:\ProgramData\KONAMI 2016-02-10 16:25 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 16:25 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 16:25 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 16:25 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 16:25 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 16:25 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 16:25 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-10 16:25 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 16:25 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 16:25 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 16:25 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 16:25 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 16:25 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 16:25 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 16:25 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 16:25 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\mshtml.dll 2016-02-10 16:25 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 16:25 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 16:25 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 16:25 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 16:25 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 16:25 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 16:25 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 16:25 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 16:25 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 16:25 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 16:25 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 16:24 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 16:24 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 16:24 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 16:24 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 16:24 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 16:24 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 16:24 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 
2016-02-10 16:24 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 16:24 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 16:24 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 16:24 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 16:24 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 16:24 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 16:24 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-10 16:24 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 16:24 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 16:24 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 16:24 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 16:24 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-10 16:24 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 16:24 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 16:24 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 16:24 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 16:24 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 16:24 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 
2016-02-10 16:24 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 16:24 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 16:24 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 16:24 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 16:24 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 16:24 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 16:24 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-10 16:24 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 16:24 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 16:24 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 16:24 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 16:24 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 16:24 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-09 20:11 - 2016-02-09 20:11 - 00000836 _____ C:\Users\***\AppData\Local\recently-used.xbel 2016-02-05 13:14 - 2016-02-05 13:14 - 00000212 _____ C:\Users\***\Desktop\Pro Evolution Soccer 2016 myClub.url 2016-02-05 09:57 - 2016-02-05 09:57 - 00195416 _____ (IDRIX) C:\WINDOWS\system32\Drivers\veracrypt.sys 2016-02-05 09:57 - 2016-02-05 09:57 - 00000747 _____ C:\Users\***\Desktop\VeraCrypt.lnk 2016-02-05 09:57 - 2016-02-05 09:57 - 00000000 ____D C:\Users\***\AppData\Roaming\VeraCrypt 2016-02-01 18:24 - 2016-02-01 18:25 - 00000000 ____D C:\ProgramData\Overwolf 
2016-02-01 18:24 - 2016-02-01 18:24 - 00003766 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task 2016-02-01 18:24 - 2016-02-01 18:24 - 00000856 _____ C:\Users\Public\Desktop\Overwolf.lnk 2016-02-01 18:24 - 2016-02-01 18:24 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf 2016-02-01 18:22 - 2016-02-01 18:25 - 00000000 ____D C:\Users\***\AppData\Local\Overwolf 2016-01-31 13:55 - 2016-02-16 16:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-29 18:15 - 2015-12-06 18:01 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-29 18:15 - 2015-05-30 18:26 - 00000000 ____D C:\Users\***\AppData\Roaming\eM Client 2016-02-29 18:15 - 2015-05-30 18:25 - 00001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk 2016-02-29 18:15 - 2015-05-30 18:25 - 00000000 ____D C:\Program Files (x86)\eM Client 2016-02-29 18:10 - 2015-05-30 18:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-02-29 18:09 - 2015-12-06 18:01 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-28 21:53 - 2015-05-30 15:43 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A816AD26-8DB1-4860-ADDE-5794E0E9DEB5} 2016-02-28 21:45 - 2015-06-15 20:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-28 20:46 - 2015-06-04 20:10 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-02-28 20:03 - 2015-06-29 15:19 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps 2016-02-28 16:49 - 2015-11-29 15:21 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-27 22:05 - 2015-11-29 15:22 - 00000000 ____D C:\Users\*** 2016-02-27 21:38 - 2015-07-08 12:28 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc 2016-02-27 18:57 - 2015-10-30 08:24 - 00000000 ____D 
C:\WINDOWS\AppReadiness 2016-02-27 18:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-02-27 09:31 - 2015-11-29 15:22 - 02011300 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-27 09:31 - 2015-10-30 19:35 - 00855194 _____ C:\WINDOWS\system32\perfh007.dat 2016-02-27 09:31 - 2015-10-30 19:35 - 00188946 _____ C:\WINDOWS\system32\perfc007.dat 2016-02-27 09:31 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-27 09:25 - 2015-11-29 15:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-27 09:25 - 2015-08-13 17:48 - 00000000 ____D C:\ProgramData\VMware 2016-02-26 21:27 - 2015-07-11 08:57 - 00000000 ____D C:\Users\***\AppData\Roaming\Spotify 2016-02-26 15:57 - 2015-07-11 08:58 - 00000000 ____D C:\Users\***\AppData\Local\Spotify 2016-02-26 15:56 - 2015-06-08 16:47 - 00000000 ____D C:\Users\***\AppData\Roaming\Qt 2016-02-26 15:52 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-25 14:51 - 2015-10-04 09:12 - 00000000 ____D C:\Users\***\AppData\Local\Syncthing 2016-02-24 16:07 - 2015-08-13 09:40 - 00000000 ____D C:\Users\***\AppData\Local\ElevatedDiagnostics 2016-02-21 21:21 - 2015-05-30 18:40 - 00000000 ____D C:\ProgramData\Origin 2016-02-19 22:18 - 2015-12-06 18:04 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-19 12:17 - 2015-12-19 17:46 - 00001849 _____ C:\Users\***\Desktop\UnlockPass.lnk 2016-02-19 12:11 - 2016-01-23 12:08 - 00002245 _____ C:\Users\***\Desktop\Discord.lnk 2016-02-19 12:11 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2016-02-19 12:11 - 2016-01-23 12:08 - 00000000 ____D C:\Users\***\AppData\Local\Discord 2016-02-19 12:11 - 2015-06-19 20:56 - 00000000 ____D C:\Users\***\AppData\Local\SquirrelTemp 2016-02-18 21:32 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-18 21:32 - 2015-04-10 09:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 
2016-02-18 15:56 - 2016-01-21 14:37 - 00003670 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2016-02-18 15:10 - 2015-06-09 14:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-17 16:07 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-02-17 16:04 - 2015-12-30 13:07 - 00000000 ____D C:\Users\***\AppData\Local\Deployment 2016-02-16 19:25 - 2015-05-30 16:40 - 00000000 ____D C:\Users\***\AppData\Roaming\.minecraft 2016-02-16 16:20 - 2015-12-16 21:01 - 00000000 ____D C:\Users\***\AppData\Roaming\TeamViewer 2016-02-16 16:20 - 2015-06-23 15:28 - 00000000 ____D C:\Users\***\AppData\Roaming\BitTorrent 2016-02-16 15:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\L2Schemas 2016-02-15 21:15 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\.VirtualBox 2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Roaming\GitHub 2016-02-15 17:14 - 2015-05-30 18:15 - 00000000 ____D C:\Users\***\AppData\Local\GitHub 2016-02-14 20:17 - 2015-08-01 12:19 - 00007625 _____ C:\Users\***\AppData\Local\Resmon.ResmonCfg 2016-02-14 18:08 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Local\VMware 2016-02-14 17:53 - 2015-08-13 17:51 - 00000000 ____D C:\Users\***\AppData\Roaming\VMware 2016-02-14 17:52 - 2015-06-04 16:37 - 00000000 ____D C:\Users\***\VirtualBox VMs 2016-02-14 13:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-12 21:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-11 13:43 - 2015-04-15 09:17 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-10 20:33 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 18:32 - 2016-01-29 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-02-10 18:27 - 2015-01-23 13:16 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 18:18 - 2015-01-23 13:16 - 146614896 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\MRT.exe 2016-02-10 18:17 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-09 20:17 - 2015-12-03 15:07 - 00000000 ____D C:\Users\***\.gimp-2.8 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-02 16:09 - 2015-12-06 18:01 - 00004206 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-02 16:09 - 2015-12-06 18:01 - 00003974 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-01 22:57 - 2015-08-03 19:44 - 00000000 ____D C:\Users\***\AppData\Roaming\TS3Client 2016-01-30 19:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2016-01-30 15:45 - 2016-01-29 14:53 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help 2016-01-30 09:54 - 2015-11-29 15:20 - 00360472 _____ C:\WINDOWS\system32\FNTCACHE.DAT ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-14 12:43 - 2015-11-14 12:43 - 0000000 _____ () C:\Users\***\AppData\Local\debuggee.mdmp 2016-02-09 20:11 - 2016-02-09 20:11 - 0000836 _____ () C:\Users\***\AppData\Local\recently-used.xbel 2015-08-01 12:19 - 2016-02-14 20:17 - 0007625 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg 2015-11-29 15:21 - 2015-11-29 15:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\***\AppData\Local\Temp\procexp64.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-21 19:17 ==================== Ende von FRST.txt ============================ 1/2
__________________ Regards, Kaskadeking |
29.02.2016, 18:42 | #6 |
Problems with internet browser
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-02-2016 durchgeführt von KaskadekingDE (2016-02-29 18:29:08) Gestartet von C:\Users\***\Desktop Windows 10 Home (X64) (2015-11-29 14:42:33) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-117306591-3796779208-521460896-500 - Administrator - Disabled) BitBox (S-1-5-21-117306591-3796779208-521460896-1011 - Limited - Enabled) DefaultAccount (S-1-5-21-117306591-3796779208-521460896-503 - Limited - Disabled) Gast (S-1-5-21-117306591-3796779208-521460896-501 - Limited - Disabled) KaskadekingDE (S-1-5-21-117306591-3796779208-521460896-1001 - Administrator - Enabled) => C:\Users\*** SophosSAUKASKADEKIN0 (S-1-5-21-117306591-3796779208-521460896-1006 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Sophos Home (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29} AS: Sophos Home (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) Amberlight (HKLM\...\Amberlight_is1) (Version: 1.2.1 - Escape Motions, s.r.o) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden Artipic (HKLM-x32\...\{C8A6CFF8-9D80-4C6C-B490-805AD9F2906B}}_is1) (Version: 2.3.3.8 - Artipic AB) Atom (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\atom) (Version: 0.210.0 - GitHub Inc.) Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC) BitTorrent (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.) 
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC) Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden BlueStacks App Player (HKLM-x32\...\{EFA0FC40-7D96-4515-9715-7C0C5D872326}) (Version: 2.0.2.5623 - BlueStack Systems, Inc.) Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games) Browser in the Box (HKLM-x32\...\BitBox) (Version: 4.2.3-r170 - Sirrix AG) Build Tools Language Resources - amd64 (Version: 12.0.31010 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.31010 - Microsoft Corporation) Hidden Bytescout BarCode Generator SDK (HKLM\...\Bytescout BarCode Generator SDK (DEMO) for .NET,~C2143553_is1) (Version: 4.31.773 - ByteScout) Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version: - ) CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - ) CMake 3.2.3, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.2.3) (Version: 3.2.3 - Kitware) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.7.0 - oldsch00l) Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Discord) (Version: 0.0.284 - Hammer & Chisel, Inc.) 
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment) EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) EaseUS Todo Backup Home 8.3 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.3 - CHENGDU YIWO Tech Development Co., Ltd) EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) eM Client (HKLM-x32\...\{7B35918E-43E4-45AF-8F1B-C15D86CA919D}) (Version: 6.0.24928.0 - eM Client Inc.) Emily is Away (HKLM-x32\...\Steam App 417860) (Version: - Kyle Seeley) Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation) Epic Games Launcher (HKLM-x32\...\{F536F039-8E81-4FF0-9C33-C8DBCC0482C5}) (Version: 1.1.58.0 - Epic Games, Inc.) 
FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden Genymotion version 2.5.4 (HKLM\...\{6D180286-D4DF-40EF-9227-923B9C07C08A}_is1) (Version: 2.5.4 - Genymobile) Geometry Dash (HKLM-x32\...\Steam App 322170) (Version: - RobTop Games) GhostDoc Community (HKLM-x32\...\{134A5765-D59B-4160-8C70-B84BF9F53DF9}) (Version: 5.0.15325.0 - SubMain) GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community) GitHub (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.12.0 - GitHub, Inc.) Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Greenshot 1.2.8.12 (HKLM\...\Greenshot_is1) (Version: 1.2.8.12 - Greenshot) Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) 
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) Hercules WiFi Station N (HKLM-x32\...\{120E5B08-DC3C-4DCD-AAB0-0BB5EB225929}) (Version: 7.1.0.0 - Hercules) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) ILMerge (HKLM-x32\...\{B7B9AF9F-408C-4168-985B-9861055B58C5}) (Version: 2.12.0803 - Microsoft) ILMergeGui (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\62cf57378a6f68a5) (Version: 2.0.9.0 - ILMergeGui) Inno Setup Version 5.5.6 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.6 - jrsoftware.org) IntelliJ IDEA 14.1.3 (HKLM-x32\...\IntelliJ IDEA 14.1.3) (Version: 141.1010.3 - JetBrains s.r.o.) Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java SE Development Kit 7 Update 55 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle) Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation) JetBrains dotMemory 4.4 (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{b8a6d796-db4f-58ea-aae4-a79c5c50ae08}) (Version: 2015.2 - JetBrains s.r.o.) 
JetBrains dotTrace 6.2 (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{88c98260-375d-5bfa-b13a-ed37aa84b268}) (Version: 2015.2 - JetBrains s.r.o.) JetBrains ETW Host Service (x32 Version: 103.0.4.0 - JetBrains s.r.o) Hidden JetBrains ReSharper Ultimate in Visual Studio 2015 (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{02ee0a0e-7567-5503-9c73-1d5e05353513}) (Version: 2015.2 - JetBrains s.r.o.) Jumpbox (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Jumpbox) (Version: - ) Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lethal League (HKLM-x32\...\Steam App 261180) (Version: - Team Reptile) LibreOffice 4.4.5.2 (HKLM-x32\...\{406EECCC-AF98-4F2C-A99F-FED788F7580C}) (Version: 4.4.5.2 - The Document Foundation) LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft 
Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 
T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
(HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 RC Redistributable (x64) - 14.0.22816 (HKLM-x32\...\{e2495eb6-cca8-47aa-91ea-3410ca44d7b7}) 
(Version: 14.0.22816.0 - Microsoft Corporation) Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM-x32\...\{714692fa-709b-4925-8170-821d51135f42}) (Version: 14.0.22816.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - ) MonoGame SDK (HKLM-x32\...\MonoGame) (Version: 3.4.0.456 - The MonoGame Team) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{2B593480-2BF0-11E5-9124-F04DA23A5C58}) (Version: 13.0.955 - Sony) Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla) MSXML 4.0 SP3 Parser (KB2758694) 
(HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit) Node.js (HKLM\...\{8C13D15E-D6C0-4ACB-A03C-1AE18931F3CE}) (Version: 4.2.2 - Node.js Foundation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Oracle VM VirtualBox 5.0.14_Sirrix (HKLM\...\{98048387-2E41-426D-A8BA-DA9948BF8408}) (Version: 5.0.14 - Sirrix AG) Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.21.0 - Overwolf Ltd.) 
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation) PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) Pro Evolution Soccer 2016 myClub (HKLM-x32\...\Steam App 407250) (Version: - Konami Digital Entertainment) Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - ) Projekt- und Elementvorlagen für Visual Studio Community 2015 – DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) 
Python 2.7.10 (HKLM-x32\...\{E2B51919-207A-43EB-AE78-733F9C6797C2}) (Version: 2.7.10150 - Python Software Foundation) Qt (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\{ac87b106-fe35-4fb0-a62c-ec8af1029b78}) (Version: 2.0.1 - The Qt Company Ltd) Race The Sun (HKLM-x32\...\Steam App 253030) (Version: - Flippfly LLC) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain) Sanctum (HKLM-x32\...\Steam App 91600) (Version: - Coffee Stain Studios) Sauerbraten (HKLM-x32\...\Sauerbraten) (Version: - ) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) SMITE (HKLM-x32\...\Steam App 386360) (Version: - Hi-Rez Studios) Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.5.3 - Sophos Limited) Sophos AutoUpdate (HKLM-x32\...\{BCF53039-A7FC-4C79-A3E3-437AE28FD918}) (Version: 5.1.2.0 - Sophos Limited) Sophos Management Communications System (HKLM-x32\...\{1FFD3F20-5D24-4C9A-B9F6-A207A53CF179}) (Version: 2.0.1 - Sophos Limited) Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version: - Lag Studios) 
Spotify (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteamVR Performance Test (HKLM-x32\...\Steam App 323910) (Version: - Valve) Survarium (HKLM-x32\...\Steam App 355840) (Version: - Vostok Games) Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.34a - ) Sven Co-op (HKLM-x32\...\Steam App 225840) (Version: - Sven Co-op Team) Synergy (64-bit) (HKLM\...\{68C1AA13-4370-4761-B53F-1862C2CE26CB}) (Version: 1.7.5 - The Synergy Project) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds) TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation) UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (x32 Version: 1.0.12.0 - Epic Games, Inc.) 
Hidden Unity (HKLM-x32\...\Unity) (Version: 5.1.2f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\UnityWebPlayer) (Version: 5.1.2f1 - Unity Technologies ApS) Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.16 - IDRIX) Video to GIF 5.2 (HKLM-x32\...\Video to GIF) (Version: 5.2 - AoaoPhoto Digital Studio.) 
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.2 - VMware, Inc) VMware Player (Version: 7.1.2 - VMware, Inc.) Hidden WCF Data Services 5.6.2 Runtime (x32 Version: 5.6.61937.2 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.5.2015.12 - Ruiware) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Wizard Chess (HKLM-x32\...\{7EDF4B2F-12CD-446A-B520-04C724FD01F0}) (Version: 1.00.0000 - IncaGold) Wizard101(DE) (HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\Wizard101(DE)_is1) (Version: - Gameforge 4D GmbH) Xamarin (HKLM-x32\...\{70E3C7E9-E984-4135-942B-52963D0B7039}) (Version: 3.11.590.0 - Xamarin) Xamarin Studio 5.9.3 (HKLM-x32\...\{16D3BA45-EA63-46F0-968C-D9627C2A8325}) (Version: 5.9.3.1 - Xamarin) Xamarin Universal Installer (HKLM-x32\...\{e2170c24-4ed1-4aca-8a8f-defa79cb4dae}) (Version: 3.5.0.0 - Xamarin, Inc) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05ADF184-AC01-4BC3-B2E5-98BC702002B5} - System32\Tasks\Overwolf Updater Task => D:\Programme\Overwolf\OverwolfUpdater.exe [2016-02-11] (Overwolf LTD) Task: {1829ECFA-894B-4244-8029-CC89588CBE94} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: {22034237-860F-4919-A56E-6B7E1801E579} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {2430B91C-8D5C-49EC-BA8E-10AFC8ABA5DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: {2F43E5B9-4E07-4A9E-AF27-440ECA8184E3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {34F2651E-101F-4CDC-9734-9854C940288C} - System32\Tasks\WiFiN => D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe [2012-09-26] () Task: {49E95BCB-F7AC-4A23-9E75-DF3955DB6A38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.) Task: {4B93025F-70D9-4D34-8FEF-91E08A1F1AAA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {66DEC9EC-C7E5-4C08-886C-39628DAE2F69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-06] (Google Inc.) 
Task: {88DBA2F1-5099-434F-B42A-E1EF0C79CCBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {8C86B49E-B6CB-4EB0-AA6C-2C6B062C496D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {99952BA4-4F55-4B26-840C-1A515DAC9524} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {A5844AE5-7238-4D95-8F90-11A89510DFA0} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {A61971F0-2372-4F59-8FE4-01A661B3D632} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {A6412D8C-E11E-49DE-AA02-F12085622173} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK Task: {B85BD12C-1C2B-4D11-B6AE-AB6713412D16} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {D158BD57-5782-404E-935E-08BE45754DC0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {D200A9DC-F5EC-4DFF-9298-BCEDFD97EFA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {DCC06BCC-1BF0-49DF-B1ED-861D343F94AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated) Task: {E0E9B1E2-FFF4-40C8-B009-F979C830C131} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {E9ECD999-20E2-4CB3-A9DB-75D03B2CD2E4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {EA8DC422-7597-4E80-9867-A63A73F99147} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {EDA33C9F-9A3A-4379-BB7F-8E1D91280A27} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist 
aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\***\Desktop\Sauerbraten.lnk -> D:\Programme\Sauerbraten\sauerbraten.bat () Shortcut: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sauerbraten\Sauerbraten.lnk -> D:\Programme\Sauerbraten\sauerbraten.bat () ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.4\MSVC 2013 OpenGL (64-bit)\Qt 5.4 64-bit for Desktop (MSVC 2013 OpenGL).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K D:\Qt\5.4\msvc2013_64_opengl\bin\qtenv2.bat ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.4\MinGW 4.9 (32-bit)\Qt 5.4 for Desktop (MinGW 4.9 32 bit).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K D:\Qt\5.4\mingw491_32\bin\qtenv2.bat ShortcutWithArgument: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k "D:\Program Files (x86)\NodeJS\nodevars.bat" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-11-04 16:43 - 2015-11-04 16:43 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () 
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2015-11-04 16:43 - 2015-11-04 16:43 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2015-12-29 12:04 - 2015-12-29 12:19 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2015-11-19 20:19 - 2015-11-19 20:19 - 00311488 _____ () D:\Programme\Synergy\synergyd.exe 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-03 13:41 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-24 08:45 - 2012-09-26 13:29 - 01250712 _____ () D:\Programme\Hercules WiFi\WiFi Station N\WiFiN.exe 2015-12-03 13:41 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-06-02 16:18 - 2015-06-02 16:18 - 00043480 _____ () D:\Programme\FileZilla FTP Client\fzshellext_64.dll 2015-12-18 18:35 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 18:35 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-13 17:12 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 17:12 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-28 15:25 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-28 15:25 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2016-01-29 11:26 - 2016-01-29 11:26 - 01060576 _____ () 
D:\Programme\VirtualBox\VBoxNetNAT.exe 2016-01-22 14:31 - 2016-01-22 14:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-02-28 13:20 - 2016-02-28 13:25 - 00001024 _____ () D:\Programme\Epic Games\Launcher\Engine\Binaries\ThirdParty\ICU\icu4c-53_1\Win64\VS2013\icudt53.dll 2016-02-28 13:20 - 2016-02-28 13:25 - 59334656 _____ () D:\Programme\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll 2016-02-28 13:20 - 2016-02-28 13:25 - 02096640 _____ () D:\Programme\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll 2016-02-28 13:20 - 2016-02-28 13:25 - 00087040 _____ () D:\Programme\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll 2016-02-28 13:20 - 2016-02-28 13:25 - 09384896 _____ () D:\Programme\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe 2013-01-11 20:05 - 2013-01-11 20:05 - 00228264 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbPc.DLL 2015-05-30 17:50 - 2014-12-14 23:53 - 00098856 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CodeLog.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00017448 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CompressFile.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00088616 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBGetRemoteNetInfo.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 01296424 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\libxml2.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00060968 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\zlib1.dll 2015-05-30 17:50 - 2015-03-14 10:53 - 00107560 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ActivationOnline.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00077864 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\logsys.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00030248 _____ () D:\Programme\EaseUS Todo Backup\Todo 
Backup\bin\DiskSearchImg.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00068136 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\MountImg.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00158248 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ImgFile.dll 2015-05-30 17:50 - 2015-03-14 10:54 - 00281128 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DsImgFile.dll 2015-05-30 17:50 - 2015-03-14 10:54 - 00072232 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CheckImg.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00139816 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\vhdvmdk.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00037416 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\BootDriver.dll 2015-05-30 17:50 - 2015-03-14 10:54 - 00759848 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ExImage.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00193064 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EmailBackupSize.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00407080 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AndroidImage.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00148008 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EnumDisk.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00076840 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FatLib.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00207912 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NTFSLib.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00024616 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\GetDriverInfo.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00020520 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CorrectMbr.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00032296 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EnumTapeDevice.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00034856 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbTapeBrowse.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00064040 _____ () 
D:\Programme\EaseUS Todo Backup\Todo Backup\bin\RegLib.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00022568 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AccountManager.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00115752 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NasOperator.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00194088 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\EmailBrowser.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00077864 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\CloudOperator.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00037928 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\ActiveOnline.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00135720 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\VMConfig.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00020008 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\AndroidDeviceManager.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00043048 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbDataSwap.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00353832 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DeviceManager.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00027176 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\DeviceAdapter.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00137256 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Device.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00096808 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBFireWall.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00146984 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Partition.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00050216 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FileSystemAnalyser.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00061992 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\FATFileSystemAnalyser.dll 2015-05-30 17:50 - 2014-12-14 23:53 - 00089640 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Common.dll 
2015-05-30 17:50 - 2014-12-14 23:53 - 00056360 _____ () D:\Programme\EaseUS Todo Backup\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2010-12-23 11:06 - 2010-12-23 11:06 - 00028672 _____ () D:\Programme\BitBox\bin\cx_Logging.pyd 2012-10-27 15:21 - 2012-10-27 15:21 - 00098816 _____ () D:\Programme\BitBox\bin\win32api.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00110080 _____ () D:\Programme\BitBox\bin\pywintypes27.dll 2012-10-27 15:20 - 2012-10-27 15:20 - 00018432 _____ () D:\Programme\BitBox\bin\win32event.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00119808 _____ () D:\Programme\BitBox\bin\win32file.pyd 2012-10-27 15:21 - 2012-10-27 15:21 - 00167936 _____ () D:\Programme\BitBox\bin\win32gui.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00024064 _____ () D:\Programme\BitBox\bin\win32pipe.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00035840 _____ () D:\Programme\BitBox\bin\win32process.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00017408 _____ () D:\Programme\BitBox\bin\win32profile.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00108544 _____ () D:\Programme\BitBox\bin\win32security.pyd 2012-10-27 15:21 - 2012-10-27 15:21 - 00022528 _____ () D:\Programme\BitBox\bin\win32ts.pyd 2012-10-27 15:22 - 2012-10-27 15:22 - 00364544 _____ () D:\Programme\BitBox\bin\pythoncom27.dll 2012-10-27 15:23 - 2012-10-27 15:23 - 00320512 _____ () D:\Programme\BitBox\bin\win32com.shell.shell.pyd 2014-06-30 16:04 - 2014-06-30 16:04 - 00087552 _____ () D:\Programme\BitBox\bin\_ctypes.pyd 2014-06-30 16:04 - 2014-06-30 16:04 - 00715264 _____ () D:\Programme\BitBox\bin\_hashlib.pyd 2014-06-30 16:03 - 2014-06-30 16:03 - 00046080 _____ () D:\Programme\BitBox\bin\_socket.pyd 2014-06-30 16:04 - 2014-06-30 16:04 - 01160704 _____ () D:\Programme\BitBox\bin\_ssl.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00025600 _____ () D:\Programme\BitBox\bin\win32cred.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00011264 _____ () D:\Programme\BitBox\bin\win32crypt.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00064512 _____ () 
D:\Programme\BitBox\bin\win32net.pyd 2016-01-03 10:46 - 2016-01-03 10:46 - 00306472 _____ () C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\log4cplus.dll 2015-05-31 06:59 - 2015-05-31 06:59 - 01301696 _____ () D:\Programme\VMware\libxml2.dll 2014-02-15 15:29 - 2014-02-15 15:29 - 01853440 _____ () D:\Programme\BitBox\bin\PySide.QtCore.pyd 2014-02-15 15:25 - 2014-02-15 15:25 - 00110592 _____ () D:\Programme\BitBox\bin\pyside-python2.7.dll 2014-02-15 15:24 - 2014-02-15 15:24 - 00108544 _____ () D:\Programme\BitBox\bin\shiboken-python2.7.dll 2014-02-15 15:47 - 2014-02-15 15:47 - 06947328 _____ () D:\Programme\BitBox\bin\PySide.QtGui.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00042496 _____ () D:\Programme\BitBox\bin\win32service.pyd 2014-04-30 08:25 - 2014-04-30 08:25 - 00036352 _____ () D:\Programme\BitBox\bin\_psutil_windows.pyd 2014-06-30 16:04 - 2014-06-30 16:04 - 00128512 _____ () D:\Programme\BitBox\bin\_elementtree.pyd 2014-06-30 16:04 - 2014-06-30 16:04 - 00127488 _____ () D:\Programme\BitBox\bin\pyexpat.pyd 2016-01-22 14:31 - 2016-01-22 14:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 14:31 - 2016-01-22 14:34 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-02-12 21:29 - 2016-02-12 21:29 - 00552960 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\LinqBridge\cc0ac0ce661546619504ae4bda015336\LinqBridge.ni.dll 2016-02-12 21:30 - 2016-02-12 21:30 - 01570816 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\d52ba91105e028f9307ac1a0e5f63a12\WindowsAPICodePack.ni.dll 2015-03-27 12:19 - 2015-03-27 12:19 - 00642016 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll 2015-12-20 16:34 - 2015-12-20 16:34 - 00083456 _____ () 
C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\5a5f3ab9496147415a2aee4ef0820a63\SystemCoreTimeZone.ni.dll
2016-02-12 21:29 - 2016-02-12 21:29 - 00639488 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HtmlInterop\a1f68054ecaf1db78eecd45d3aa49931\HtmlInterop.ni.dll
2011-01-12 02:00 - 2011-01-12 02:00 - 00195584 _____ () D:\Programme\Open Codecs\dsfOggDemux2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\localhost -> hxxps://localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-02-14 12:55 - 00001252 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-117306591-3796779208-521460896-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "Greenshot"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Greenshot"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "FileHippo.com"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "My Daily Wallpaper"
HKU\S-1-5-21-117306591-3796779208-521460896-1001\...\StartupApproved\Run: => "CyberGhost"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{C4141F71-C3A1-4F34-86B7-867903A2A6F6}D:\programme\synergy\synergy.exe] => (Allow) D:\programme\synergy\synergy.exe FirewallRules: [TCP Query User{D4C9B2A0-0084-4D10-8CC8-E0B659972792}D:\programme\synergy\synergy.exe] => (Allow) D:\programme\synergy\synergy.exe FirewallRules: [{97671048-577F-461E-A897-097BCBF1ED24}] => (Allow) D:\Programme\Synergy\synergys.exe FirewallRules: [UDP Query User{7500319B-2CF9-443F-A252-3C22F8D4EAD8}D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe FirewallRules: [TCP Query User{10EBB3FC-16FC-4B2E-83A4-DF8638542A17}D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\chainreact\chainreact.server\bin\debug\chainreact.server.vshost.exe FirewallRules: [UDP Query User{4677EC9E-394D-4067-A0E7-A32D5F8AD13E}D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{67BC321B-59B8-4CC4-85BB-4874BE3DDA93}D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\programme\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [{DCDC105C-32FF-44A9-90D7-BDB99B939A3D}] => (Allow) D:\Programme\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{559799D2-E92E-4716-9302-F1D3B80B2769}] => (Allow) D:\Programme\Steam\steamapps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [UDP Query User{158CD29C-F5F5-463D-8772-FA257DE8B006}D:\programme\java\jre1.8.0_65\bin\java.exe] => (Allow) D:\programme\java\jre1.8.0_65\bin\java.exe FirewallRules: [TCP 
Query User{9EB2DED0-DDC0-494A-8B6F-AC0095436B01}D:\programme\java\jre1.8.0_65\bin\java.exe] => (Allow) D:\programme\java\jre1.8.0_65\bin\java.exe FirewallRules: [{AABF8BA5-81B8-42EB-A4A7-52D52340D38A}] => (Allow) LPort=1900 FirewallRules: [{E7E5E118-C166-435F-B44F-CB6B15A3E984}] => (Allow) LPort=2869 FirewallRules: [{8BF604C4-3DCE-4661-AC7F-248C98D8BBCD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [UDP Query User{11714CE4-FDE5-4CD2-948C-F87BA0161397}D:\stuff\server\gmod\srcds.exe] => (Allow) D:\stuff\server\gmod\srcds.exe FirewallRules: [TCP Query User{F4BB2557-42F1-4EDE-947D-21984F99849B}D:\stuff\server\gmod\srcds.exe] => (Allow) D:\stuff\server\gmod\srcds.exe FirewallRules: [UDP Query User{2E69E92A-BC0F-43CD-BD62-8152B3DFCFBF}D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe FirewallRules: [TCP Query User{8CB00356-EEAC-45C9-9B02-4DC3DCD019D3}D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\voicenetwork\voicenetworkserver\bin\debug\voicenetworkserver.vshost.exe FirewallRules: [{59F1648B-4EC2-4464-8D70-07398D3277F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{9655E630-FD2B-477F-935A-B099ACA6CC89}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{9237BF5E-D2AA-4170-8A52-5D21F5026AEF}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{E0F72C8A-995A-4CA0-9E0E-947FF69825D2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [UDP Query User{CEE2CF2D-6726-4724-8F18-CD0386915983}D:\stuff\syncthing\syncthing.exe] => (Allow) D:\stuff\syncthing\syncthing.exe FirewallRules: [TCP Query 
User{BBC091B2-196B-4298-9123-B57880675558}D:\stuff\syncthing\syncthing.exe] => (Allow) D:\stuff\syncthing\syncthing.exe FirewallRules: [{ACD2EEA9-6303-4805-80D6-F893DBC3DEC2}] => (Allow) D:\Programme\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe FirewallRules: [{37679D3B-22C7-441E-8C74-05F03229F600}] => (Allow) D:\Programme\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe FirewallRules: [UDP Query User{C5711CDC-D02A-403F-BABD-7CB222E7C5BA}D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe] => (Allow) D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe FirewallRules: [TCP Query User{AACB4166-486E-44C9-9144-41B89B2D4C36}D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe] => (Allow) D:\bibliotheken\dokumente\rtmpdumphelper\rtmpsuck.exe FirewallRules: [{5B8558F7-78CE-4B9E-8807-BE3A7ECBEAA7}] => (Allow) D:\Programme\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe FirewallRules: [{953C693C-1395-4A24-AFF9-9603E4620A69}] => (Allow) D:\Programme\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe FirewallRules: [{677FB6E7-2E4B-4CA3-9F66-D2E934499F76}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BA9D9184-C5FC-4B0D-8165-A157356EAAD3}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A4793B95-D94A-4819-B65E-B407FEFEBECF}] => (Allow) D:\Programme\Hercules WiFi\WiFi Station N\Rtldhcp.exe FirewallRules: [{EB91B1B8-5EB7-4576-AE9F-3C2252B408FD}] => (Allow) LPort=53 FirewallRules: [{981A61B3-2087-4456-A671-6438657D7081}] => (Allow) LPort=53 FirewallRules: [{989E8CD2-9B61-4D74-A7E0-E66768360659}] => (Allow) LPort=68 FirewallRules: [{4D7C9518-04AA-4A65-AD66-0E3D057B5281}] => (Allow) LPort=67 FirewallRules: [{040AFE65-EAF9-4474-BB60-16AF65F9A06F}] => (Allow) D:\Programme\VMware\vmware-authd.exe FirewallRules: [{C080D89D-57E1-4F8A-A797-8FCC5605E435}] => (Allow) D:\Programme\VMware\vmware-authd.exe FirewallRules: 
[{5858909B-BE33-4C37-A45C-4F19F95B567E}] => (Allow) D:\Programme\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe FirewallRules: [{3C868682-F800-4A45-AC47-15FD8E3866A8}] => (Allow) D:\Programme\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe FirewallRules: [{1C47162F-906F-4FBD-970B-1734AC394BF0}] => (Allow) LPort=1542 FirewallRules: [{F2A42F04-92E8-47E2-A4D0-291E2767404F}] => (Allow) LPort=1542 FirewallRules: [{99249CA2-B0C6-41EE-AB41-390C886B67A6}] => (Allow) LPort=53 FirewallRules: [{CD15A26A-5EFF-4B5C-A71F-B1071E72E3C4}] => (Allow) D:\Programme\Firefox\firefox.exe FirewallRules: [{CD1E7EC9-93A5-4E68-915C-C4E4DEAF5625}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{5162FA48-429A-4C58-80DB-9BC35598D786}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{A58AABD6-C737-42E1-AA29-DBCC37F5A84C}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{B0541F35-A58F-4D75-B07B-15B02B93A79E}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{A55F7C7A-5BC5-49F9-8F90-6711086DC828}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbService.exe FirewallRules: [{6AC2EB43-E360-43E7-A9F0-BA7C4CE90581}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TbService.exe FirewallRules: [{C6F9C01C-FB0F-4905-AD46-AB11873D8667}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{CD6063B3-1106-46FF-93F9-EEE7DD4B2B31}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{5FFDABAB-DF82-445C-A825-BBED69916778}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{BCB3820C-E844-4975-9564-D555F51DA011}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{C637198C-981F-4339-ABA4-4C8901ED58DB}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\Agent.exe FirewallRules: [{FEBE2770-4BD6-4EDD-AD5C-3AE4B3D31F5D}] => (Allow) D:\Programme\EaseUS Todo 
Backup\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{04957A38-9767-4FB8-9219-8C86E7E9007C}] => (Allow) D:\Programme\EaseUS Todo Backup\Todo Backup\bin\TodoBackupService.exe FirewallRules: [TCP Query User{421B369D-BD39-4563-825B-93C9D00FE367}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{5DA2CF70-D8FE-4D82-AA04-07688139C690}D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\spiele\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B6A6220A-0A79-4CA7-BEEE-37EE1EF02009}] => (Allow) D:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{33BDF5C9-DDB5-4B21-978B-8D642FC2944A}] => (Allow) D:\Programme\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{FAC6F82F-2188-4B26-9654-9EAD2532D09F}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{4AB61BCB-D819-46C1-981C-B8D5373E3EB1}] => (Allow) D:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{E5128E6C-6F31-4053-9BCF-5A012621CAF2}D:\programme\intellij idea 14.1.3\bin\idea.exe] => (Allow) D:\programme\intellij idea 14.1.3\bin\idea.exe FirewallRules: [UDP Query User{BC4421CB-80E6-4DC5-9D0F-360CAC2333FE}D:\programme\intellij idea 14.1.3\bin\idea.exe] => (Allow) D:\programme\intellij idea 14.1.3\bin\idea.exe FirewallRules: [{532A6236-1134-4C06-B25A-8CED3D9889C0}] => (Allow) C:\Program Files (x86)\Xamarin\Bonjour\mDNSResponder.exe FirewallRules: [{3B9CFBB6-F641-45BA-BE23-3E7BECD1B7C9}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{F7F86BE2-B56F-4CF0-9AAF-716EC68DF793}] => (Allow) C:\Users\***\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [TCP Query User{1C6D81E2-7A13-4FE8-923E-1CE3626701C3}D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe] 
=> (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe FirewallRules: [UDP Query User{64212B61-FE51-4CF1-A999-1F4176368480}D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe] => (Allow) D:\bibliotheken\dokumente\visual studio 2015\projects\filetransport\filetransportreceiver\bin\debug\filetransportreceiver.vshost.exe FirewallRules: [{DB7CD632-356D-45B6-B34F-6C16E3DE3A88}] => (Allow) D:\Programme\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{D58DFCE1-A394-41AD-97C4-0FC00DA9124B}] => (Allow) D:\Programme\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{F00F1495-705D-42C0-B52D-986B3E6E84AF}] => (Allow) D:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{1ACDBE71-E4E9-483A-B605-A00205F63CC8}] => (Allow) D:\Programme\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{B0DC9B2E-25A0-4813-A50E-282DDB817750}] => (Allow) D:\Programme\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{AD1E481A-CA10-4FEA-B762-5E6FB769AA21}] => (Allow) D:\Programme\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe FirewallRules: [{20A49020-4357-4C59-A241-35738852D653}] => (Allow) D:\Programme\Steam\steamapps\common\Geometry Dash\GeometryDash.exe FirewallRules: [{813811C7-250D-480D-99FA-1B7F6A01707B}] => (Allow) D:\Programme\Steam\steamapps\common\Geometry Dash\GeometryDash.exe FirewallRules: [{2C3606E9-2891-49D1-871C-CDCA43E26F17}] => (Allow) D:\Programme\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe FirewallRules: [{97777FA6-9C44-4FB5-8F30-DDC4E4D5CA61}] => (Allow) D:\Programme\Steam\steamapps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe FirewallRules: [{810B4087-29A3-42E9-9B15-79A87304AA0E}] => (Allow) 
D:\Programme\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{8D01D1A4-424C-494A-9881-BA717E59CEC5}] => (Allow) D:\Programme\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{A567D6BD-71E0-44A7-BE58-D82E89664419}] => (Allow) D:\Programme\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [{45B3B229-80A7-4E6D-8CF5-36AC2C5EC183}] => (Allow) D:\Programme\Steam\steamapps\common\Banished\Application-steam-x64.exe FirewallRules: [TCP Query User{B52D78CD-51F1-42E9-BD21-6516619D9795}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{973DDF6E-7AB4-4113-B018-67DC52CC7A10}C:\users\***\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\***\appdata\roaming\spotify\spotify.exe FirewallRules: [{29F6FED4-3832-4FA6-A09C-D7B27F9F61C6}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [{38CD8322-5103-4C8F-A831-57A318120A73}] => (Allow) D:\Programme\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe FirewallRules: [{A078D75B-61B9-4892-AF73-DAA873C3DD2A}] => (Allow) D:\Programme\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{AD47C713-7A78-42D5-BC79-76938F868B17}] => (Allow) D:\Programme\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{DA102E3F-3218-4850-9BD2-8604C69F755E}D:\program files (x86)\nodejs\node.exe] => (Allow) D:\program files (x86)\nodejs\node.exe FirewallRules: [UDP Query User{3B8B2AC7-79C4-487B-B356-39DD81A1097E}D:\program files (x86)\nodejs\node.exe] => (Allow) D:\program files (x86)\nodejs\node.exe FirewallRules: [{4BE6CA9A-C9F2-4B5F-8C1F-11E6EA41EBFC}] => (Allow) D:\Programme\Visual Studio\Common7\IDE\devenv.exe FirewallRules: [{7410F56F-71AA-48C9-A4E5-BC1EE228E05C}] => (Allow) D:\Programme\Visual Studio\Common7\IDE\devenv.exe FirewallRules: [TCP Query 
User{18C2F638-5FAA-4C6B-ABD2-18B682296B3E}D:\programme\unity\editor\unity.exe] => (Allow) D:\programme\unity\editor\unity.exe FirewallRules: [UDP Query User{03D5B151-AEFF-4168-90A9-3EBD59130077}D:\programme\unity\editor\unity.exe] => (Allow) D:\programme\unity\editor\unity.exe FirewallRules: [TCP Query User{280ADC29-3DCD-439A-90A3-552E6A77D5E6}D:\programme\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\programme\unity\monodevelop\bin\monodevelop.exe FirewallRules: [UDP Query User{E45FE307-4C7E-4FEF-AACD-29143A06A1E1}D:\programme\unity\monodevelop\bin\monodevelop.exe] => (Allow) D:\programme\unity\monodevelop\bin\monodevelop.exe FirewallRules: [TCP Query User{A5A88852-1BEE-4125-B280-C37CD641F3EF}D:\programme\firefox\plugin-container.exe] => (Allow) D:\programme\firefox\plugin-container.exe FirewallRules: [UDP Query User{78DC1F8F-42CC-4F77-B024-F66A1076F042}D:\programme\firefox\plugin-container.exe] => (Allow) D:\programme\firefox\plugin-container.exe FirewallRules: [{F9F085E5-84E2-41BF-9D82-16E69DFA6859}] => (Allow) D:\Programme\Steam\steamapps\common\lethalleague\LethalLeague.exe FirewallRules: [{FE89FDC2-F4EC-4D0A-90C8-205D23C00894}] => (Allow) D:\Programme\Steam\steamapps\common\lethalleague\LethalLeague.exe FirewallRules: [{837AAA17-907F-4022-8FEA-8CB08C96B9E0}] => (Allow) D:\Programme\Steam\steamapps\common\Emily is Away\emily is away.exe FirewallRules: [{99D71EFB-DEF0-49C8-BDA2-B126B8CC594A}] => (Allow) D:\Programme\Steam\steamapps\common\Emily is Away\emily is away.exe FirewallRules: [{E402AA54-B19F-4FEE-A657-CD7D5CC0D40F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B3291579-8C66-413E-8941-3CD682949412}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5F2FC6D3-8725-4C42-A5B6-9EF9E6B9703D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{19465167-8102-4FCC-9115-53D6F9E7E519}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 
==================== Wiederherstellungspunkte =========================
08-02-2016 14:34:28 Windows Update
12-02-2016 15:12:33 Windows
Update
15-02-2016 21:03:34 Windows Update
19-02-2016 12:15:24 Windows Update
22-02-2016 15:50:52 Windows Update
24-02-2016 17:37:03 Installed eM Client
28-02-2016 10:15:40 Windows Update
29-02-2016 18:13:24 Installed eM Client

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/29/2016 06:13:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error: Zugriff verweigert .

Error: (02/28/2016 08:03:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x56bf6dfa
Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x56cbb9b3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000edaba
ID des fehlerhaften Prozesses: 0x42c
Startzeit der fehlerhaften Anwendung: 0xhl2.exe0
Pfad der fehlerhaften Anwendung: hl2.exe1
Pfad des fehlerhaften Moduls: hl2.exe2
Berichtskennung: hl2.exe3
Vollständiger Name des fehlerhaften Pakets: hl2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5

Error: (02/28/2016 04:58:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (02/28/2016 04:58:40 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (02/28/2016 04:58:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8

Error: (02/28/2016 04:58:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (02/28/2016 01:00:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x56bf6dfa
Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x56cbb9b3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000edaba
ID des fehlerhaften Prozesses: 0x1b88
Startzeit der fehlerhaften Anwendung: 0xhl2.exe0
Pfad der fehlerhaften Anwendung: hl2.exe1
Pfad des fehlerhaften Moduls: hl2.exe2
Berichtskennung: hl2.exe3
Vollständiger Name des fehlerhaften Pakets: hl2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5

Error: (02/28/2016 10:15:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error: Zugriff verweigert .

Error: (02/27/2016 09:09:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hl2.exe, Version: 0.0.0.0, Zeitstempel: 0x56bf6dfa
Name des fehlerhaften Moduls: client.dll, Version: 1.0.0.1, Zeitstempel: 0x56cbb9b3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000edaba
ID des fehlerhaften Prozesses: 0x284c
Startzeit der fehlerhaften Anwendung: 0xhl2.exe0
Pfad der fehlerhaften Anwendung: hl2.exe1
Pfad des fehlerhaften Moduls: hl2.exe2
Berichtskennung: hl2.exe3
Vollständiger Name des fehlerhaften Pakets: hl2.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: hl2.exe5

Error: (02/27/2016 08:59:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Systemfehler:
=============
Error: (02/29/2016 06:11:15 PM) (Source: DCOM) (EventID: 10016) (User: KASKADEKING-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}KASKADEKING-PCKaskadekingDES-1-5-21-117306591-3796779208-521460896-1001LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (02/29/2016 06:07:33 PM) (Source: DCOM) (EventID: 10010) (User: KASKADEKING-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (02/28/2016 10:01:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_6fa5dfc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/28/2016 10:01:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _6fa5dfc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/28/2016 10:01:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_6fa5dfc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/28/2016 10:01:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_6fa5dfc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/28/2016 10:01:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/27/2016 10:05:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_cedd1 erreicht.

Error: (02/27/2016 10:05:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _cedd1 erreicht.

Error: (02/27/2016 10:05:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_cedd1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

CodeIntegrity:
===================================
Date: 2016-02-11 17:29:08.364
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-11 13:42:12.036
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-31 14:22:33.092
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-30 09:54:28.092
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-29 18:28:03.987
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-29 18:16:18.014
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-29 15:07:10.925
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-29 15:00:30.393
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-29 14:58:24.104
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-01-29 14:57:07.832
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Speicherinformationen ===========================

Prozessor: AMD A8-6600K APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 7364.16 MB
Verfügbarer physikalischer RAM: 3693.43 MB
Summe virtueller Speicher: 13828.16 MB
Verfügbarer virtueller Speicher: 8857.11 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:107.86 GB) (Free:13.33 GB) NTFS
Drive d: (Daten) (Fixed) (Total:731.51 GB) (Free:367.17 GB) NTFS
Drive h: (HI) (Removable) (Total:7.48 GB) (Free:6.24 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 72B5DD30)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DFE201F7)
Partition 1: (Not Active) - (Size=731.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 7.5 GB) (Disk ID: 0DFF7265)
No partition Table on disk 3.

==================== Ende von Addition.txt ============================
01.03.2016, 21:27 | #7 |
/// TB-Ausbilder /// Anleitungs-Guru | Problems with internet browser
Since when exactly has the problem existed?
Step 1
Download Process Explorer to your desktop and unpack the zip file.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
04.03.2016, 16:00 | #8 |
Problems with internet browser
Sorry that I'm only replying to you now. I didn't get an email notification. Nothing was found for any of the processes; should I post the screenshot anyway? Unfortunately I can't tell you exactly since when, but I would say for about 2 weeks.
__________________ Kind regards, Kaskadeking |
05.03.2016, 14:11 | #9 |
/// TB-Ausbilder /// Anleitungs-Guru | Problems with internet browser
Yes...
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
05.03.2016, 14:34 | #10 |
Problems with internet browser Code:
ATTFilter Code:
ATTFilter
__________________ Kind regards, Kaskadeking |
05.03.2016, 16:20 | #11 |
/// TB-Ausbilder /// Anleitungs-Guru | Problems with internet browser
Boot into Safe Mode with Networking and test the browsers.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
06.03.2016, 09:33 | #12 |
Problems with internet browser
Although I enabled Safe Mode with Networking, no connection to the internet is established, or rather no network is found.
__________________ Kind regards, Kaskadeking |
06.03.2016, 12:56 | #13 |
/// TB-Ausbilder /// Anleitungs-Guru | Problems with internet browser
Good, then we'll do the routine scans for malware.
Step 1
Please download TDSSKiller.exe and save this file to the desktop
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
06.03.2016, 13:54 | #14 |
Problems with internet browser Code:
ATTFilter 13:50:46.0221 0x1e14 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:50:49.0552 0x1e14 ============================================================
13:50:49.0553 0x1e14 Current date / time: 2016/03/06 13:50:49.0552
13:50:49.0553 0x1e14 SystemInfo:
13:50:49.0553 0x1e14
13:50:49.0553 0x1e14 OS Version: 10.0.10586 ServicePack: 0.0
13:50:49.0553 0x1e14 Product type: Workstation
13:50:49.0553 0x1e14 ComputerName: KASKADEKING-PC
13:50:49.0553 0x1e14 UserName: KaskadekingDE
13:50:49.0553 0x1e14 Windows directory: C:\WINDOWS
13:50:49.0553 0x1e14 System windows directory: C:\WINDOWS
13:50:49.0553 0x1e14 Running under WOW64
13:50:49.0553 0x1e14 Processor architecture: Intel x64
13:50:49.0553 0x1e14 Number of processors: 4
13:50:49.0553 0x1e14 Page size: 0x1000
13:50:49.0553 0x1e14 Boot type: Normal boot
13:50:49.0553 0x1e14 ============================================================
13:50:49.0856 0x1e14 KLMD registered as C:\WINDOWS\system32\drivers\96934519.sys
13:50:50.0090 0x1e14 System UUID: {0F7950E4-C068-B77D-9D9C-525E1276903C}
13:50:50.0849 0x1e14 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:50:50.0867 0x1e14 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:50:50.0885 0x1e14 Drive \Device\Harddisk3\DR3 - Size: 0x1E0000000 ( 7.50 Gb ), SectorSize: 0x200, Cylinders: 0x3D3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:50:50.0887 0x1e14 ============================================================
13:50:50.0887 0x1e14 \Device\Harddisk0\DR0:
13:50:50.0887 0x1e14 MBR partitions:
13:50:50.0887 0x1e14 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
13:50:50.0887 0x1e14 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0xD7BA000
13:50:50.0887 0x1e14 \Device\Harddisk1\DR1:
13:50:50.0887 0x1e14 MBR partitions:
13:50:50.0887 0x1e14 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x5B705000
13:50:50.0887 0x1e14 \Device\Harddisk3\DR3:
13:50:50.0889 0x1e14 MBR partitions:
13:50:50.0889 0x1e14 ============================================================
13:50:50.0890 0x1e14 C: <-> \Device\Harddisk0\DR0\Partition2
13:50:50.0901 0x1e14 D: <-> \Device\Harddisk1\DR1\Partition1
13:50:50.0901 0x1e14 ============================================================
13:50:50.0901 0x1e14 Initialize success
13:50:50.0901 0x1e14 ============================================================
13:51:15.0561 0x2154 ============================================================
13:51:15.0561 0x2154 Scan started
13:51:15.0561 0x2154 Mode: Manual; SigCheck; TDLFS;
13:51:15.0561 0x2154 ============================================================
13:51:15.0561 0x2154 KSN ping started
13:51:17.0996 0x2154 KSN ping finished: true
13:51:18.0426 0x2154 ================ Scan system memory ========================
13:51:18.0426 0x2154 System memory - ok
13:51:18.0426 0x2154 ================ Scan services =============================
DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 13:51:33.0479 0x2154 MBAMProtector - ok 13:51:33.0576 0x2154 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe 13:51:33.0643 0x2154 MBAMScheduler - ok 13:51:33.0681 0x2154 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe 13:51:33.0737 0x2154 MBAMService - ok 13:51:33.0748 0x2154 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 13:51:33.0766 0x2154 MBAMSwissArmy - ok 13:51:33.0773 0x2154 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys 13:51:33.0788 0x2154 MBAMWebAccessControl - ok 13:51:33.0793 0x2154 [ 7382E4A888A7D4333DFF8A30B6850EE9, 3F63680A96438DF841FD46F99DA9670520ED3295176820DEDC9D5C770CA659D0 ] mcaudrv_simple C:\WINDOWS\system32\drivers\mcaudrv_x64.sys 13:51:33.0814 0x2154 mcaudrv_simple - ok 13:51:33.0818 0x2154 megasas - ok 13:51:33.0824 0x2154 megasr - ok 13:51:33.0828 0x2154 MessagingService - ok 13:51:33.0844 0x2154 mlx4_bus - ok 13:51:33.0849 0x2154 MMCSS - ok 13:51:33.0854 0x2154 Modem - ok 13:51:33.0860 0x2154 monitor - ok 13:51:33.0865 0x2154 mouclass - ok 13:51:33.0873 0x2154 mouhid - ok 13:51:33.0877 0x2154 mountmgr - ok 13:51:33.0885 0x2154 [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 13:51:33.0917 0x2154 MozillaMaintenance - ok 13:51:33.0922 0x2154 mpsdrv - ok 13:51:33.0927 0x2154 MpsSvc - ok 13:51:33.0932 0x2154 
MRxDAV - ok 13:51:33.0938 0x2154 mrxsmb - ok 13:51:33.0944 0x2154 mrxsmb10 - ok 13:51:33.0949 0x2154 mrxsmb20 - ok 13:51:33.0954 0x2154 MsBridge - ok 13:51:33.0959 0x2154 MSDTC - ok 13:51:33.0968 0x2154 Msfs - ok 13:51:33.0974 0x2154 msgpiowin32 - ok 13:51:33.0979 0x2154 mshidkmdf - ok 13:51:33.0983 0x2154 mshidumdf - ok 13:51:33.0989 0x2154 msisadrv - ok 13:51:33.0993 0x2154 MSiSCSI - ok 13:51:33.0998 0x2154 msiserver - ok 13:51:34.0002 0x2154 MSKSSRV - ok 13:51:34.0008 0x2154 MsLldp - ok 13:51:34.0012 0x2154 MSPCLOCK - ok 13:51:34.0018 0x2154 MSPQM - ok 13:51:34.0024 0x2154 MsRPC - ok 13:51:34.0031 0x2154 mssmbios - ok 13:51:34.0038 0x2154 MSTEE - ok 13:51:34.0043 0x2154 MTConfig - ok 13:51:34.0048 0x2154 Mup - ok 13:51:34.0054 0x2154 mvumis - ok 13:51:34.0060 0x2154 NativeWifiP - ok 13:51:34.0066 0x2154 [ 873005BF5DE7EEC41FCE697CB0FC5FF2, 7C72B3FE77CBD177116C7033EAE72708BD3B38F8AE455E2560E9D306127BCDAB ] nbdrv C:\WINDOWS\system32\DRIVERS\nbdrv.sys 13:51:34.0090 0x2154 nbdrv - ok 13:51:34.0095 0x2154 NcaSvc - ok 13:51:34.0098 0x2154 NcbService - ok 13:51:34.0104 0x2154 NcdAutoSetup - ok 13:51:34.0109 0x2154 ndfltr - ok 13:51:34.0115 0x2154 NDIS - ok 13:51:34.0120 0x2154 NdisCap - ok 13:51:34.0125 0x2154 NdisImPlatform - ok 13:51:34.0129 0x2154 NdisTapi - ok 13:51:34.0135 0x2154 Ndisuio - ok 13:51:34.0140 0x2154 NdisVirtualBus - ok 13:51:34.0145 0x2154 NdisWan - ok 13:51:34.0151 0x2154 ndiswanlegacy - ok 13:51:34.0156 0x2154 ndproxy - ok 13:51:34.0161 0x2154 Ndu - ok 13:51:34.0205 0x2154 [ 5E84EDE47F715B6248B39E70229F8497, BFB4C7066F2459F60F1C2C50B743E1D02793A769F00D49626F125A6A754F9DE8 ] NetBalancerService D:\Programme\NetBalancer\SeriousBit.NetBalancer.Service.exe 13:51:34.0235 0x2154 NetBalancerService - ok 13:51:34.0240 0x2154 NetBIOS - ok 13:51:34.0248 0x2154 NetBT - ok 13:51:34.0255 0x2154 Netlogon - ok 13:51:34.0260 0x2154 Netman - ok 13:51:34.0268 0x2154 netprofm - ok 13:51:34.0273 0x2154 NetSetupSvc - ok 13:51:34.0280 0x2154 NetTcpPortSharing - ok 
13:51:34.0288 0x2154 NgcCtnrSvc - ok 13:51:34.0294 0x2154 NgcSvc - ok 13:51:34.0302 0x2154 NlaSvc - ok 13:51:34.0306 0x2154 Npfs - ok 13:51:34.0312 0x2154 npggsvc - ok 13:51:34.0318 0x2154 npsvctrig - ok 13:51:34.0323 0x2154 nsi - ok 13:51:34.0328 0x2154 nsiproxy - ok 13:51:34.0336 0x2154 NTFS - ok 13:51:34.0341 0x2154 Null - ok 13:51:34.0346 0x2154 nvraid - ok 13:51:34.0351 0x2154 nvstor - ok 13:51:34.0358 0x2154 nv_agp - ok 13:51:34.0363 0x2154 OneSyncSvc - ok 13:51:34.0448 0x2154 [ A309633A4BA2DE3FC30468C3103E0BA5, 530C707A4FCD36A45E9D370D20105356C8019DE41EF1C1F1A728A523D5FBEE25 ] Origin Client Service D:\Programme\Origin\OriginClientService.exe 13:51:34.0583 0x2154 Origin Client Service - ok 13:51:34.0594 0x2154 [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:51:34.0617 0x2154 ose64 - ok 13:51:34.0672 0x2154 [ 4E05A50D300FF558613064C92F0667AC, F853F386AFB02C06CC84EDA9A2256F9B4734EB1D50725EB6CA34F7D53AD21E79 ] OverwolfUpdater D:\Programme\Overwolf\OverwolfUpdater.exe 13:51:35.0010 0x29ac Object required for P2P: [ C6B53600271EA23A03D5C23316407013 ] GalaxyCommunication 13:51:35.0363 0x2154 OverwolfUpdater - ok 13:51:35.0373 0x2154 p2pimsvc - ok 13:51:35.0381 0x2154 p2psvc - ok 13:51:35.0391 0x2154 Parport - ok 13:51:35.0398 0x2154 partmgr - ok 13:51:35.0403 0x2154 PcaSvc - ok 13:51:35.0408 0x2154 pci - ok 13:51:35.0414 0x2154 pciide - ok 13:51:35.0419 0x2154 pcmcia - ok 13:51:35.0424 0x2154 pcw - ok 13:51:35.0430 0x2154 pdc - ok 13:51:35.0435 0x2154 PEAUTH - ok 13:51:35.0440 0x2154 percsas2i - ok 13:51:35.0445 0x2154 percsas3i - ok 13:51:35.0461 0x2154 PerfHost - ok 13:51:35.0472 0x2154 PhoneSvc - ok 13:51:35.0478 0x2154 PimIndexMaintenanceSvc - ok 13:51:35.0494 0x2154 pla - ok 13:51:35.0498 0x2154 PlugPlay - ok 13:51:35.0504 0x2154 PnkBstrA - ok 13:51:35.0509 0x2154 PNRPAutoReg - ok 13:51:35.0515 0x2154 PNRPsvc - ok 13:51:35.0520 
0x2154 PolicyAgent - ok 13:51:35.0527 0x2154 Power - ok 13:51:35.0532 0x2154 PptpMiniport - ok 13:51:35.0598 0x2154 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 13:51:35.0731 0x2154 PrintNotify - ok 13:51:35.0742 0x2154 Processor - ok 13:51:35.0747 0x2154 ProfSvc - ok 13:51:35.0752 0x2154 Psched - ok 13:51:35.0757 0x2154 QWAVE - ok 13:51:35.0763 0x2154 QWAVEdrv - ok 13:51:35.0767 0x2154 RasAcd - ok 13:51:35.0773 0x2154 RasAgileVpn - ok 13:51:35.0777 0x2154 RasAuto - ok 13:51:35.0782 0x2154 Rasl2tp - ok 13:51:35.0787 0x2154 RasMan - ok 13:51:35.0793 0x2154 RasPppoe - ok 13:51:35.0797 0x2154 RasSstp - ok 13:51:35.0802 0x2154 rdbss - ok 13:51:35.0811 0x2154 rdpbus - ok 13:51:35.0815 0x2154 RDPDR - ok 13:51:35.0826 0x2154 RdpVideoMiniport - ok 13:51:35.0831 0x2154 rdyboost - ok 13:51:35.0836 0x2154 ReFSv1 - ok 13:51:35.0842 0x2154 RemoteAccess - ok 13:51:35.0846 0x2154 RemoteRegistry - ok 13:51:35.0851 0x2154 RetailDemo - ok 13:51:35.0857 0x2154 RpcEptMapper - ok 13:51:35.0863 0x2154 RpcLocator - ok 13:51:35.0868 0x2154 RpcSs - ok 13:51:35.0874 0x2154 rspndr - ok 13:51:35.0897 0x2154 [ 6969DAC0C978A78E63DE59C6D5E2421C, 424DB0E2C185294D2C6646F53A83FC4A232939622B557845DF2E3F73BFC355AB ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 13:51:35.0948 0x2154 rt640x64 - ok 13:51:35.0971 0x2154 [ EF91E0806C01806C3CF62AF006901127, 1F49D57B6598EF0923DF70FD31B755B29D5ED4D38840D7619D3399B759FD579F ] RTL8167 C:\WINDOWS\system32\DRIVERS\Rt64win7.sys 13:51:36.0023 0x2154 RTL8167 - ok 13:51:36.0031 0x2154 [ C66F68E501687573B6EAA66F3F0AB285, C028CD68C4C41D3B388681FD577176F94EF2BCE8C1C5E3EBB4CA18F7E20BA715 ] rtlss C:\WINDOWS\System32\Drivers\rtlss.sys 13:51:36.0054 0x2154 rtlss - ok 13:51:36.0127 0x2154 [ 844CB9DBE08797A2A875DF9E2AF108D7, 53463064C2F34DB9C5E1484FA370AC00C4A3486713EC80E2323B07150A27DD1F ] RtlWlanu C:\WINDOWS\System32\drivers\rtwlanu.sys 
13:51:36.0275 0x2154 RtlWlanu - ok 13:51:36.0287 0x2154 s3cap - ok 13:51:36.0292 0x2154 SamSs - ok 13:51:36.0303 0x2154 [ A96A6B13ADE213E57F488718CE6C51BC, 0E5DE674CC80A4B3D0131EAD65D15F121E362A5B01FBC92EEA78C6AA5D73ACEB ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe 13:51:36.0350 0x2154 SAVAdminService - ok 13:51:36.0358 0x2154 [ 389609560D81988DA2B78F7AFE1384F0, 3AE26F2E4018D45027AA0DE09A0E58BF5F93A7E036AB73188B57C530869B0189 ] SAVOnAccess C:\WINDOWS\system32\DRIVERS\savonaccess.sys 13:51:36.0376 0x2154 SAVOnAccess - ok 13:51:36.0383 0x2154 [ EF41D930DBD91684640390EFC623CC4F, 02D0F6C4229F567745FC6E4C500062771345EC904CC6CD14514C75748C46C90A ] SAVService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe 13:51:36.0465 0x2154 SAVService - ok 13:51:36.0473 0x2154 [ 5A4DE7A65657965208296635F2C01E94, 8028303C7098B2C42DF6172DB39070AD4BF69B16E19EBC85B9AD6865C732C322 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 13:51:36.0501 0x2154 SbieDrv - ok 13:51:36.0507 0x2154 [ 75AE2224F4427B737C1DEF1A4F2DFDA8, 71C4B60B0C1AC4A5684C6718A65C4275ECEE300C99085E4490934DDB0DC3784E ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 13:51:36.0817 0x2154 SbieSvc - ok 13:51:36.0825 0x2154 sbp2port - ok 13:51:36.0833 0x2154 SCardSvr - ok 13:51:36.0841 0x2154 ScDeviceEnum - ok 13:51:36.0849 0x2154 scfilter - ok 13:51:36.0858 0x2154 Schedule - ok 13:51:36.0864 0x2154 SCPolicySvc - ok 13:51:36.0871 0x2154 sdbus - ok 13:51:36.0876 0x2154 [ 75B98959013B22F8F40C08095B8AB73C, EF608EFBF72AF48EFC9352FCEDF0523BDBA6055612FFD22654E3B241AA9C8033 ] sdcfilter C:\WINDOWS\system32\DRIVERS\sdcfilter.sys 13:51:36.0899 0x2154 sdcfilter - ok 13:51:36.0904 0x2154 SDRSVC - ok 13:51:36.0909 0x2154 sdstor - ok 13:51:36.0913 0x2154 seclogon - ok 13:51:36.0919 0x2154 SENS - ok 13:51:36.0923 0x2154 SensorDataService - ok 13:51:36.0929 0x2154 SensorService - ok 13:51:36.0934 0x2154 SensorsSimulatorDriver - ok 13:51:36.0940 0x2154 SensrSvc - ok 13:51:36.0946 0x2154 SerCx 
- ok 13:51:36.0952 0x2154 SerCx2 - ok 13:51:36.0956 0x2154 Serenum - ok 13:51:36.0962 0x2154 Serial - ok 13:51:36.0967 0x2154 sermouse - ok 13:51:36.0977 0x2154 SessionEnv - ok 13:51:36.0984 0x2154 sfloppy - ok 13:51:36.0988 0x2154 SharedAccess - ok 13:51:36.0994 0x2154 ShellHWDetection - ok 13:51:36.0998 0x2154 SiSRaid2 - ok 13:51:37.0004 0x2154 SiSRaid4 - ok 13:51:37.0009 0x2154 smphost - ok 13:51:37.0014 0x2154 SmsRouter - ok 13:51:37.0023 0x2154 SNMPTRAP - ok 13:51:37.0036 0x2154 [ 61A8AD202BF438D9A4BDADAA6AE4C9BB, D8FBC9F088686FDEB8A72D5294F1D94543E9F9CDA4B575F034A287CE30F9E125 ] Sophos AutoUpdate Service C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe 13:51:37.0083 0x2154 Sophos AutoUpdate Service - ok 13:51:37.0093 0x2154 [ 25E219807DDD9D6E3F6755361FED65D6, 47162ED76E607C66DDBC30CD6A183995CDA662FE63F28B7D09EA0FA27EA7B9FA ] Sophos MCS Agent C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe 13:51:37.0221 0x2154 Sophos MCS Agent - ok 13:51:37.0240 0x2154 [ 93BC9C07ABCEF9DF8564D3570F6F5C6A, A3F4B3E4AE8EECB532F41454B0A19D147ED87810C3A9B724BCA4C29F810FDCF4 ] Sophos MCS Client C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe 13:51:37.0291 0x2154 Sophos MCS Client - ok 13:51:37.0304 0x2154 [ CE9EA0AEF9A8A2E86CDCC7B76ECD97E1, F0EACC60C6912C58B596D4EE6D218772BD8C8FC6E652CFF6A2B08395896B0D6C ] Sophos Web Control Service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe 13:51:37.0375 0x2154 Sophos Web Control Service - ok 13:51:37.0382 0x2154 [ FFD056D55C46946ACA218F0A61DA2743, A9E3910EBEFC8674704F42C6D43A12A521C212B911D46FCD669D8AAFA8381C55 ] SophosBootDriver C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys 13:51:37.0403 0x2154 SophosBootDriver - ok 13:51:37.0408 0x2154 spaceport - ok 13:51:37.0413 0x2154 SpbCx - ok 13:51:37.0419 0x2154 Spooler - ok 13:51:37.0424 0x2154 sppsvc - ok 13:51:37.0430 0x2154 [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 
027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 13:51:37.0449 0x2154 SQLWriter - ok 13:51:37.0454 0x2154 srv - ok 13:51:37.0458 0x2154 srv2 - ok 13:51:37.0464 0x2154 srvnet - ok 13:51:37.0469 0x2154 SSDPSRV - ok 13:51:37.0474 0x2154 SstpSvc - ok 13:51:37.0485 0x2154 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 13:51:37.0515 0x2154 ssudmdm - ok 13:51:37.0519 0x2154 StateRepository - ok 13:51:37.0538 0x2154 [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 13:51:37.0601 0x2154 Steam Client Service - ok 13:51:37.0607 0x2154 stexstor - ok 13:51:37.0613 0x2154 stisvc - ok 13:51:37.0618 0x2154 storahci - ok 13:51:37.0623 0x2154 storflt - ok 13:51:37.0629 0x2154 stornvme - ok 13:51:37.0634 0x2154 storqosflt - ok 13:51:37.0640 0x2154 StorSvc - ok 13:51:37.0647 0x2154 storufs - ok 13:51:37.0653 0x2154 storvsc - ok 13:51:37.0660 0x2154 svsvc - ok 13:51:37.0667 0x2154 swenum - ok 13:51:37.0674 0x2154 [ 6E08BD408572E27A6BD1ED615A2AFA84, FACA5D621F34B6DA9B18096D817531A268EC1DC07B03B68D740BC8095EB1083C ] swi_callout C:\WINDOWS\system32\DRIVERS\swi_callout.sys 13:51:37.0699 0x2154 swi_callout - ok 13:51:37.0709 0x2154 [ 395E6CF07B90379442B555F28A7CF857, D2C9B4826284B52DB95715038F7ECF47AF03500B280CA4FE6DBD6FA83F943AAF ] swi_filter C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe 13:51:37.0876 0x2154 swi_filter - ok 13:51:37.0942 0x2154 [ 3355E3E4F86C67BDD342EF211602C9AC, 232EAFCD8DC793AABCCEFD4EC72267F7045315CF6C5D6826BF24E31C580922DB ] swi_service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe 13:51:38.0069 0x2154 swi_service - ok 13:51:38.0080 0x2154 swprv - ok 13:51:38.0132 0x2154 [ 
DC675E90D41B261D78E04877F3A8B51D, DE6B1E245B3AC10FBD0ACAA4817CD92946319648329C5F9537EB38CB24D2B41D ] Synergy D:\Programme\Synergy\synergyd.exe 13:51:38.0155 0x2154 Synergy - ok 13:51:38.0161 0x2154 Synth3dVsc - ok 13:51:38.0166 0x2154 SysMain - ok 13:51:38.0171 0x2154 SystemEventsBroker - ok 13:51:38.0177 0x2154 TabletInputService - ok 13:51:38.0183 0x2154 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys 13:51:38.0207 0x2154 tap0901 - ok 13:51:38.0212 0x2154 TapiSrv - ok 13:51:38.0218 0x2154 [ B0181B7C8F1495AC45F3A834CEDD2772, 7B07ED181CE7B8206171B02B468C2DFF8381FF33AB52BCA6806DE3C0119DEE4D ] tapse01 C:\WINDOWS\System32\drivers\tapse01.sys 13:51:38.0242 0x2154 tapse01 - ok 13:51:38.0247 0x2154 Tcpip - ok 13:51:38.0252 0x2154 Tcpip6 - ok 13:51:38.0260 0x2154 tcpipreg - ok 13:51:38.0268 0x2154 tdx - ok 13:51:38.0275 0x2154 [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe 13:51:38.0291 0x2154 Te.Service - detected UnsignedFile.Multi.Generic ( 1 ) 13:51:38.0599 0x29ac Object send P2P result: true 13:51:40.0799 0x2154 Detect skipped due to KSN trusted 13:51:40.0799 0x2154 Te.Service - ok 13:51:40.0940 0x2154 [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 13:51:41.0657 0x2154 TeamViewer - ok 13:51:41.0674 0x2154 terminpt - ok 13:51:41.0678 0x2154 TermService - ok 13:51:41.0684 0x2154 Themes - ok 13:51:41.0689 0x2154 TieringEngineService - ok 13:51:41.0694 0x2154 tiledatamodelsvc - ok 13:51:41.0699 0x2154 TimeBroker - ok 13:51:41.0704 0x2154 TPM - ok 13:51:41.0709 0x2154 TrkWks - ok 13:51:41.0713 0x2154 TrustedInstaller - ok 13:51:41.0721 0x2154 tsusbflt - ok 13:51:41.0726 0x2154 TsUsbGD - ok 13:51:41.0731 
0x2154 tunnel - ok 13:51:41.0736 0x2154 tzautoupdate - ok 13:51:41.0742 0x2154 uagp35 - ok 13:51:41.0746 0x2154 UASPStor - ok 13:51:41.0752 0x2154 UcmCx0101 - ok 13:51:41.0757 0x2154 UcmUcsi - ok 13:51:41.0762 0x2154 Ucx01000 - ok 13:51:41.0768 0x2154 UdeCx - ok 13:51:41.0772 0x2154 udfs - ok 13:51:41.0777 0x2154 UEFI - ok 13:51:41.0782 0x2154 Ufx01000 - ok 13:51:41.0788 0x2154 UfxChipidea - ok 13:51:41.0793 0x2154 ufxsynopsys - ok 13:51:41.0803 0x2154 UI0Detect - ok 13:51:41.0808 0x2154 uliagpkx - ok 13:51:41.0813 0x2154 umbus - ok 13:51:41.0820 0x2154 UmPass - ok 13:51:41.0825 0x2154 UmRdpService - ok 13:51:41.0830 0x2154 UnistoreSvc - ok 13:51:41.0846 0x2154 upnphost - ok 13:51:41.0853 0x2154 UrsChipidea - ok 13:51:41.0857 0x2154 UrsCx01000 - ok 13:51:41.0862 0x2154 UrsSynopsys - ok 13:51:41.0868 0x2154 usbccgp - ok 13:51:41.0872 0x2154 usbcir - ok 13:51:41.0877 0x2154 usbehci - ok 13:51:41.0882 0x2154 usbhub - ok 13:51:41.0889 0x2154 USBHUB3 - ok 13:51:41.0893 0x2154 usbohci - ok 13:51:41.0900 0x2154 usbprint - ok 13:51:41.0904 0x2154 usbscan - ok 13:51:41.0910 0x2154 usbser - ok 13:51:41.0916 0x2154 USBSTOR - ok 13:51:41.0922 0x2154 usbuhci - ok 13:51:41.0926 0x2154 USBXHCI - ok 13:51:41.0933 0x2154 UserDataSvc - ok 13:51:41.0948 0x2154 UserManager - ok 13:51:41.0954 0x2154 UsoSvc - ok 13:51:41.0958 0x2154 VaultSvc - ok 13:51:41.0980 0x2154 [ C261181C2F59ED42A71D76CF702B8CB3, CDCAFBB4EC0FC80C55E559DF4A36F30F137C788268BB0BD54E0406AABF92C7E4 ] VBoxDrv C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys 13:51:42.0039 0x2154 VBoxDrv - ok 13:51:42.0051 0x2154 [ ABB918FECFD7D19B090580D265B8B81E, D9F9119004E18FCB702913D8886682301C69955780CD44B329CC98C8B01F5F51 ] VBoxNetLwf C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys 13:51:42.0080 0x2154 VBoxNetLwf - ok 13:51:42.0088 0x2154 [ BC72D35ABDFE0F7F70D77F04C81D1567, C60B2BC9A3ECED25E6878E739FAF4C297FDB5DCB2D920238BA90C64AF1478CE9 ] VBoxUSBMon C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys 13:51:42.0116 0x2154 VBoxUSBMon - ok 13:51:42.0122 
0x2154 [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\WINDOWS\System32\drivers\VClone.sys 13:51:42.0145 0x2154 VClone - ok 13:51:42.0152 0x2154 vdrvroot - ok 13:51:42.0158 0x2154 vds - ok 13:51:42.0166 0x2154 [ C0BB7F0C789AC778549DCC20B18A8DC0, 6C985B008488EB9766C4CE6709C37AF6ECCEDA7A69EB45627B1871D891D925DF ] veracrypt C:\WINDOWS\system32\drivers\veracrypt.sys 13:51:42.0193 0x2154 veracrypt - ok 13:51:42.0198 0x2154 VerifierExt - ok 13:51:42.0203 0x2154 vhdmp - ok 13:51:42.0209 0x2154 vhf - ok 13:51:42.0266 0x2154 [ 225E1E03B2AABE2D493FCDB459303701, 6123280A48E973AC9696954879CF5F791E6D52CBE0BD07F291437D1A82413891 ] VMAuthdService D:\Programme\VMware\vmware-authd.exe 13:51:42.0307 0x2154 VMAuthdService - ok 13:51:42.0312 0x2154 vmbus - ok 13:51:42.0317 0x2154 VMBusHID - ok 13:51:42.0324 0x2154 [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci C:\WINDOWS\system32\drivers\vmci.sys 13:51:42.0340 0x2154 vmci - ok 13:51:42.0345 0x2154 vmicguestinterface - ok 13:51:42.0350 0x2154 vmicheartbeat - ok 13:51:42.0356 0x2154 vmickvpexchange - ok 13:51:42.0361 0x2154 vmicrdv - ok 13:51:42.0366 0x2154 vmicshutdown - ok 13:51:42.0372 0x2154 vmictimesync - ok 13:51:42.0376 0x2154 vmicvmsession - ok 13:51:42.0382 0x2154 vmicvss - ok 13:51:42.0387 0x2154 [ B6DE5224D881BF17ADDE4C88AE553423, AC9C113080313855BC93E99BEFAC4B942E93D8E4CF024607F596CA9D7F8F8A14 ] vmkbd C:\WINDOWS\system32\drivers\VMkbd.sys 13:51:42.0408 0x2154 vmkbd - ok 13:51:42.0415 0x2154 [ A3412EC3FF7A5AC2CA3A3951476BFA9C, 8A3D241168205B6B5348F44DF89875067CDD5B29BE8CF14ADA8403225AE2A379 ] VMnetAdapter C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys 13:51:42.0435 0x2154 VMnetAdapter - ok 13:51:42.0441 0x2154 [ F76AD463DBE8D30CB715A09DF9FF2BE9, 5B2184582496ED0EE8582C6AD3BCF49674690C585439B6F57B43ADC12DF941F6 ] VMnetBridge C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys 13:51:42.0463 0x2154 VMnetBridge - ok 
13:51:42.0481 0x2154 [ 98E73D79FCD3D48E31EE999B5DF1B0ED, FBDC884BD9376C7E8727BACCF6482207166634F4B2644C8C794295094B29426E ] VMnetDHCP C:\WINDOWS\SysWOW64\vmnetdhcp.exe 13:51:42.0667 0x2154 VMnetDHCP - ok 13:51:42.0673 0x2154 [ B564A598B9B31E9358B2D6C9BC96D710, 19A9EFC08AE11A31169F712C577EBAFFF0A37311271FD46F02873286C8281DB7 ] VMnetuserif C:\WINDOWS\system32\drivers\vmnetuserif.sys 13:51:42.0694 0x2154 VMnetuserif - ok 13:51:42.0714 0x2154 [ 15D702F235BD1077007A180EEFB9DBB8, 610794EB9AF68789F46D193EF11B406D190096DF9EC557563798D625806D5704 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe 13:51:42.0752 0x2154 VMUSBArbService - ok 13:51:42.0768 0x2154 [ 0769FDF4C15D9EDD3CAAC148A8EDC2E5, 65E5CA9461C47491E83EBD755C10AE1665E71D2B73F2CE97A59B9E7380D42E8D ] VMware NAT Service C:\WINDOWS\SysWOW64\vmnat.exe 13:51:43.0003 0x2154 VMware NAT Service - ok 13:51:43.0009 0x2154 [ 8FCCBE30DC217C244CE38DD7F9B673C3, C1E6E65A435D764695C4B9411ED623D626D8A744E3E09752FBB66260D9ACE8D6 ] vmx86 C:\WINDOWS\system32\drivers\vmx86.sys 13:51:43.0029 0x2a90 Object required for P2P: [ DC675E90D41B261D78E04877F3A8B51D ] Synergy 13:51:43.0037 0x2154 vmx86 - ok 13:51:43.0043 0x2154 volmgr - ok 13:51:43.0049 0x2154 volmgrx - ok 13:51:43.0054 0x2154 volsnap - ok 13:51:43.0059 0x2154 vpci - ok 13:51:43.0064 0x2154 vsmraid - ok 13:51:43.0071 0x2154 [ 1C7DC94FDCABD06D24C3A532DC33FB34, 5403724E70ABBE1070958CA58496DB2237F35CAB37296E1ECB64D4A0FE432AC1 ] vsock C:\WINDOWS\system32\drivers\vsock.sys 13:51:43.0087 0x2154 vsock - ok 13:51:43.0092 0x2154 VSS - ok 13:51:43.0149 0x2154 [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 D:\Programme\Visual Studio\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe 13:51:43.0187 0x2154 VSStandardCollectorService140 - ok 13:51:43.0195 0x2154 VSTXRAID - ok 13:51:43.0202 0x2154 vwifibus - ok 13:51:43.0210 0x2154 vwififlt - ok 
13:51:43.0217 0x2154 vwifimp - ok 13:51:43.0225 0x2154 W32Time - ok 13:51:43.0231 0x2154 WacomPen - ok 13:51:43.0235 0x2154 WalletService - ok 13:51:43.0243 0x2154 wanarp - ok 13:51:43.0247 0x2154 wanarpv6 - ok 13:51:43.0252 0x2154 wbengine - ok 13:51:43.0259 0x2154 WbioSrvc - ok 13:51:43.0264 0x2154 Wcmsvc - ok 13:51:43.0270 0x2154 wcncsvc - ok 13:51:43.0276 0x2154 WcsPlugInService - ok 13:51:43.0280 0x2154 WdBoot - ok 13:51:43.0286 0x2154 Wdf01000 - ok 13:51:43.0291 0x2154 WdFilter - ok 13:51:43.0296 0x2154 WdiServiceHost - ok 13:51:43.0301 0x2154 WdiSystemHost - ok 13:51:43.0308 0x2154 wdiwifi - ok 13:51:43.0313 0x2154 WdNisDrv - ok 13:51:43.0317 0x2154 WdNisSvc - ok 13:51:43.0324 0x2154 WebClient - ok 13:51:43.0329 0x2154 Wecsvc - ok 13:51:43.0333 0x2154 WEPHOSTSVC - ok 13:51:43.0340 0x2154 wercplsupport - ok 13:51:43.0346 0x2154 WerSvc - ok 13:51:43.0351 0x2154 WFPLWFS - ok 13:51:43.0357 0x2154 WiaRpc - ok 13:51:43.0362 0x2154 WIMMount - ok 13:51:43.0365 0x2154 WinDefend - ok 13:51:43.0370 0x2154 WinDivert1.1 - ok 13:51:43.0381 0x2154 WindowsTrustedRT - ok 13:51:43.0386 0x2154 WindowsTrustedRTProxy - ok 13:51:43.0393 0x2154 WinHttpAutoProxySvc - ok 13:51:43.0397 0x2154 WinMad - ok 13:51:43.0404 0x2154 Winmgmt - ok 13:51:43.0410 0x2154 WinRM - ok 13:51:43.0419 0x2154 WINUSB - ok 13:51:43.0425 0x2154 WinVerbs - ok 13:51:43.0430 0x2154 WlanSvc - ok 13:51:43.0435 0x2154 wlidsvc - ok 13:51:43.0440 0x2154 WmiAcpi - ok 13:51:43.0448 0x2154 wmiApSrv - ok 13:51:43.0452 0x2154 WMPNetworkSvc - ok 13:51:43.0463 0x2154 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys 13:51:43.0673 0x2154 Wof - ok 13:51:43.0688 0x2154 workfolderssvc - ok 13:51:43.0696 0x2154 wpcfltr - ok 13:51:43.0705 0x2154 WPDBusEnum - ok 13:51:43.0711 0x2154 WpdUpFltr - ok 13:51:43.0716 0x2154 WpnService - ok 13:51:43.0722 0x2154 ws2ifsl - ok 13:51:43.0727 0x2154 wscsvc - ok 13:51:43.0732 0x2154 WSDPrintDevice - 
ok 13:51:43.0739 0x2154 WSearch - ok 13:51:43.0745 0x2154 WSService - ok 13:51:43.0751 0x2154 wuauserv - ok 13:51:43.0757 0x2154 WudfPf - ok 13:51:43.0761 0x2154 WUDFRd - ok 13:51:43.0766 0x2154 wudfsvc - ok 13:51:43.0772 0x2154 WUDFWpdFs - ok 13:51:43.0777 0x2154 WwanSvc - ok 13:51:43.0783 0x2154 XblAuthManager - ok 13:51:43.0789 0x2154 XblGameSave - ok 13:51:43.0794 0x2154 xboxgip - ok 13:51:43.0799 0x2154 XboxNetApiSvc - ok 13:51:43.0806 0x2154 xinputhid - ok 13:51:43.0814 0x2154 XSplit_Dummy - ok 13:51:43.0842 0x2154 ================ Scan global =============================== 13:51:43.0862 0x2154 [ Global ] - ok 13:51:43.0863 0x2154 ================ Scan MBR ================================== 13:51:43.0865 0x2154 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 13:51:43.0954 0x2154 \Device\Harddisk0\DR0 - ok 13:51:43.0977 0x2154 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 13:51:44.0047 0x2154 \Device\Harddisk1\DR1 - ok 13:51:44.0053 0x2154 [ 95CCC4DFCFB56093C9B019159268F03A ] \Device\Harddisk3\DR3 13:51:44.0146 0x2154 \Device\Harddisk3\DR3 - ok 13:51:44.0146 0x2154 ================ Scan VBR ================================== 13:51:44.0149 0x2154 [ 5763B6991C41E832EEC52143A786E2B0 ] \Device\Harddisk0\DR0\Partition1 13:51:44.0151 0x2154 \Device\Harddisk0\DR0\Partition1 - ok 13:51:44.0154 0x2154 [ BA549B2FBE1D3C214BBD52B875C4157E ] \Device\Harddisk0\DR0\Partition2 13:51:44.0155 0x2154 \Device\Harddisk0\DR0\Partition2 - ok 13:51:44.0159 0x2154 [ BD7FD0C25B193E8A1AC367628716C57F ] \Device\Harddisk1\DR1\Partition1 13:51:44.0200 0x2154 \Device\Harddisk1\DR1\Partition1 - ok 13:51:44.0201 0x2154 ================ Scan generic autorun ====================== 13:51:44.0377 0x2154 [ 22EBD5AE3B3220D713E544D1D3AB3FEE, 9EF058B096DAA5C6242FBEB3DF509108180B1EB1EA252E63C437CF6C1B743BE0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 13:51:44.0621 0x2154 RTHDVCPL - ok 13:51:44.0663 0x2154 [ 93787FF75E6323CF1D5467CA119CF76D, 
9CBD2B9BF44FCE78AA87FD7A26A65AEE9DD04C43991142528F57FF9A0E2FC4A4 ] D:\Programme\Greenshot\Greenshot.exe 13:51:44.0757 0x2154 Greenshot - detected UnsignedFile.Multi.Generic ( 1 ) 13:51:45.0572 0x2a90 Object send P2P result: true 13:51:47.0192 0x2154 Object required for P2P: [ 93787FF75E6323CF1D5467CA119CF76D ] D:\Programme\Greenshot\Greenshot.exe 13:51:49.0796 0x2154 Object send P2P result: true 13:51:49.0796 0x2154 Detect skipped due to KSN trusted 13:51:49.0796 0x2154 Greenshot - ok 13:51:49.0799 0x2154 [ 1E2B7E1F256CBC4B55DDD622FF5604EF, C25BF91080A382AAE78FB52C1E05737CC7ECE575D6243D0DC91769C4BAF36489 ] C:\Program Files (x86)\Raptr\raptrstub.exe 13:51:49.0830 0x2154 Raptr - ok 13:51:49.0936 0x2154 [ E76F43260D050DE1D5370AEF266EB3C8, DB30811E46BB55B03BEE97414A561B8DE2136E16764514CC3A4DF056BD5E0859 ] D:\Programme\EaseUS Partition Master 10.8\bin\EpmNews.exe 13:51:50.0068 0x2154 EaseUS EPM tray - ok 13:51:50.0090 0x2154 [ B8968E6FDADE1F0E4566E0A948A12176, 2677B3D16C1B090DDB07C2939A6B7D20B08364A2CBCA5A1A40575A5678C5498E ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe 13:51:50.0231 0x2154 BlueStacks Agent - ok 13:51:50.0246 0x2154 [ 1BFC269826DF9E8340796BFF5EBC6C87, 60817E6FA576E8981C15D4BA7BB031E6BAFA57F8DC8A438A2E1F8C137B289A3E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 13:51:50.0528 0x2154 SunJavaUpdateSched - ok 13:51:50.0547 0x2154 [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 13:51:50.0580 0x2154 StartCCC - ok 13:51:50.0677 0x2154 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] D:\Programme\VirtualCloneDrive\VCDDaemon.exe 13:51:50.0733 0x2154 VirtualCloneDrive - ok 13:51:50.0762 0x2154 [ 525F5D4EC803FA5B03CF7E51FF7A71A1, 8A7961897469F1631CEE5AF66937ED73011928B627897C9794611A02912AB8F6 ] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe 
13:51:50.0887 0x2154 Sophos AutoUpdate Monitor - ok 13:51:50.0900 0x2154 OneDriveSetup - ok 13:51:50.0903 0x2154 OneDriveSetup - ok 13:51:50.0955 0x2154 [ 192B8235DEBCE406086D798874D57FEF, 5C82653D0255BE54B55E2A016D17068683375F88882B471B998C161ABD953F92 ] D:\Programme\WinPatrol\winpatrol.exe 13:51:50.0999 0x1fac Object required for P2P: [ C0BB7F0C789AC778549DCC20B18A8DC0 ] veracrypt 13:51:51.0022 0x2154 WinPatrol - ok 13:51:51.0307 0x2154 [ 3207A86C13347CE6DE26D06BCBFE0E02, A5F9B0B03844FA51B345BAAB16F7AD80272C061CE00447ACD1B8292B8C7D0C6E ] C:\Program Files (x86)\eM Client\MailClient.exe 13:51:52.0489 0x2154 eM Client - ok 13:51:52.0757 0x2154 [ F8C53D4AD87A2955C3DB857545B0E3DE, B3652296CB7C1310E8544539029DDD2BF8B6164E8ACEE7F3EBC936F83C80C7BC ] D:\Programme\FileHippo.com\FileHippo.AppManager.exe 13:51:53.0576 0x1fac Object send P2P result: true 13:51:53.0953 0x2154 FileHippo.com - ok 13:51:54.0004 0x2154 [ 8FE478638E87F790EF1BBE01BD60D22C, 71DC3E183BDBE5A3F38210B1B069522802288542E007F307D4E27940BF52F504 ] C:\Users\Fabian\AppData\Roaming\BitTorrent\BitTorrent.exe 13:51:55.0637 0x2154 BitTorrent - ok 13:51:55.0670 0x2154 [ FDE87ECFEBD958C22EE96C83C75CFD68, EA521538A177A676291DB9E5FA4373E799059E47D1A60C170FD6B69E7CD6F58E ] C:\Users\Fabian\AppData\Roaming\Spotify\SpotifyWebHelper.exe 13:51:55.0818 0x2154 Spotify Web Helper - ok 13:51:55.0837 0x2154 [ 85456F8A40C3248C63E34A733AE96833, 1548FB3A219363D552ED408E1A9067E5710E209CEF3803201B9931A131E4603C ] C:\Program Files\Sandboxie\SbieCtrl.exe 13:51:55.0876 0x2154 SandboxieControl - ok 13:51:55.0888 0x2154 [ 0A81DF13C4AEAC053C0DCE6240DC05D4, 13900D6FA1E9221236E79567DB0C6143AB7FECD4431CA295C33A039D1170E06B ] C:\Program Files\CyberGhost 5\CyberGhost.exe 13:51:55.0991 0x2154 CyberGhost - ok 13:51:55.0994 0x2154 Waiting for KSN requests completion. In queue: 14 13:51:56.0995 0x2154 Waiting for KSN requests completion. In queue: 14 13:51:57.0995 0x2154 Waiting for KSN requests completion. 
In queue: 14 13:51:59.0043 0x2154 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x62100 ( disabled : updated ) 13:51:59.0045 0x2154 AV detected via SS2: Sophos Home, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe ( 10.5.1.0 ), 0x51000 ( enabled : updated ) 13:51:59.0050 0x2154 Win FW state via NFP2: enabled ( trusted ) 13:52:01.0562 0x2154 ============================================================ 13:52:01.0562 0x2154 Scan finished 13:52:01.0562 0x2154 ============================================================ 13:52:01.0578 0x230c Detected object count: 0 13:52:01.0579 0x230c Actual detected object count: 0
__________________ Regards, Kaskadeking |
06.03.2016, 14:28 | #15 |
/// TB Trainer /// Guide Guru | Problems with Internet browser
Now please run a detection scan:
Step 1
ESET Online Scanner
__________________ Regards, deeprybka
Praise, criticism, requests? A donation for trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |