a guest
Jul 6th, 2018
  1. Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20.06.2018
  2. durchgeführt von Pati & Krystian (06-07-2018 14:19:00)
  3. Gestartet von C:\Users\Pati & Krystian\Downloads
  4. Windows 10 Home Version 1803 17134.112 (X64) (2018-05-19 23:29:23)
  5. Start-Modus: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Konten: =============================
  10.  
  11. Administrator (S-1-5-21-4100461449-3338348580-375247465-500 - Administrator - Disabled)
  12. DefaultAccount (S-1-5-21-4100461449-3338348580-375247465-503 - Limited - Disabled)
  13. Gast (S-1-5-21-4100461449-3338348580-375247465-501 - Limited - Disabled)
  14. Pati & Krystian (S-1-5-21-4100461449-3338348580-375247465-1001 - Administrator - Enabled) => C:\Users\Pati & Krystian
  15. postgres (S-1-5-21-4100461449-3338348580-375247465-1003 - Limited - Enabled) => C:\Users\postgres
  16. WDAGUtilityAccount (S-1-5-21-4100461449-3338348580-375247465-504 - Limited - Disabled)
  17.  
  18. ==================== Sicherheits-Center ========================
  19.  
  20. (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
  21.  
  22. AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
  23. AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  24. AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
  25. AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
  26. AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
  27. AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  28.  
  29. ==================== Installierte Programme ======================
  30.  
  31. (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
  32.  
  33. 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
  34. Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
  35. Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.5.1 - Adobe Systems Incorporated)
  36. Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
  37. Apple Application Support (32-bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
  38. Apple Application Support (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
  39. Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
  40. Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
  41. Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
  42. Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.11.16 - Bitdefender)
  43. Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
  44. CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
  45. Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version: - )
  46. Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.)
  47. Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  48. f.lux (HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\Flux) (Version: - f.lux Software LLC)
  49. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
  50. Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
  51. Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
  52. Holdem Manager 3 (HKLM-x32\...\{F1A0512A-1DDC-4C61-887E-20A9F271703A}) (Version: 3.0.5345.0 - Max Value Software)
  53. iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)
  54. iTunes (HKLM\...\{EA44188A-5042-4CFB-8F8D-AF048872B7A7}) (Version: 12.7.5.9 - Apple Inc.)
  55. Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
  56. JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
  57. Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
  58. Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare)
  59. Malwarebytes (wersja 3.5.1.2522) (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
  60. Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.10228.20080 - Microsoft Corporation)
  61. Microsoft OneDrive (HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
  62. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
  63. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  64. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  65. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  66. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  67. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  68. Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
  69. Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
  70. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
  71. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
  72. Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
  73. Mozilla Firefox 58.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 58.0.2 (x64 pl)) (Version: 58.0.2 - Mozilla)
  74. Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
  75. NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - )
  76. Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
  77. Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
  78. Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
  79. Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
  80. PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
  81. PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
  82. PowerISO (HKLM-x32\...\PowerISO) (Version: 7.2 - Power Software Ltd)
  83. Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.28162 - Realtek Semiconduct Corp.)
  84. Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.)
  85. Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
  86. Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
  87. TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
  88. VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
  89. Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
  90.  
  91. ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
  92.  
  93. (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
  94.  
  95. CustomCLSID: HKU\S-1-5-21-4100461449-3338348580-375247465-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
  96. CustomCLSID: HKU\S-1-5-21-4100461449-3338348580-375247465-1001_Classes\CLSID\{c31ca596-532d-a36f-e223-ce16b9ac70a56}\InprocServer32 -> 0xC904A1D63190D3012D09EA72F5E9D3010B0000000E00000000000000 => Keine Datei
  97. ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
  98. ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc.)
  99. ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2018-06-15] (Power Software Ltd)
  100. ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
  101. ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
  102. ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2018-06-15] (Power Software Ltd)
  103. ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
  104. ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Intel Corporation)
  105. ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-15] (NVIDIA Corporation)
  106. ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
  107. ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
  108. ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2018-06-15] (Power Software Ltd)
  109.  
  110. ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
  111.  
  112. (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
  113.  
  114. Task: {03C1F0A5-9182-4D34-8DFC-778AA183720D} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
  115. Task: {25769286-4217-4D72-8050-D4143D1059ED} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-20] (Microsoft Corporation)
  116. Task: {257D83C2-D7F7-4E98-96AA-D0924C4551AC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
  117. Task: {34002836-1506-4BC1-A332-45FDA5367DE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-29] (Microsoft Corporation)
  118. Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
  119. Task: {760E658D-292F-40FB-B513-5DBF18255E10} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-29] (Microsoft Corporation)
  120. Task: {94C015B0-3E4C-4885-B9C8-C6940F634453} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-29] (Microsoft Corporation)
  121. Task: {A70CDD6C-E197-4B8E-B090-8B3529F20250} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-06-29] (Microsoft Corporation)
  122. Task: {C7D0C89F-42EF-4E70-9EC1-119DD68F6385} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
  123. Task: {DDE5E332-52BC-4880-BAC0-79AE74FF791F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-20] (Microsoft Corporation)
  124. Task: {E21F5AA7-62C2-48B1-913F-F85A539817EB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-29] (Microsoft Corporation)
  125. Task: {E6BD830C-20C7-48F2-8E21-DAE2FFA5CE56} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-05-16] (Bitdefender)
  126. Task: {F2DE3140-CF59-4E49-8B4D-A38979D364D3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
  127. Task: {F3C6B9F6-3E04-45CC-829A-D03F5779A293} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
  128.  
  129. (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
  130.  
  131.  
  132. ==================== Verknüpfungen & WMI ========================
  133.  
  134. (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
  135.  
  136.  
  137. Shortcut: C:\Users\Pati & Krystian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Holdem Manager 3\Copy HM3 Log files to Desktop.lnk -> C:\Program Files (x86)\Holdem Manager 3\HM3_Utilities\HM3CopyLogFiles.bat ()
  138.  
  139. ==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
  140.  
  141. 2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
  142. 2018-03-16 15:19 - 2018-03-16 15:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
  143. 2018-07-04 07:41 - 2018-07-04 08:39 - 000278280 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
  144. 2018-07-04 07:41 - 2018-07-04 07:51 - 000992704 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttpbr.mdl
  145. 2018-07-04 07:41 - 2018-07-04 07:51 - 000543344 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttpdsp.mdl
  146. 2018-07-04 07:41 - 2018-07-04 07:51 - 003228632 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttpph.mdl
  147. 2018-07-04 07:41 - 2018-07-04 07:51 - 001527808 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_001\ashttprbl.mdl
  148. 2018-07-06 09:55 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
  149. 2018-07-06 09:56 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
  150. 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
  151. 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
  152. 2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
  153. 2018-06-13 07:49 - 2018-06-08 09:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
  154. 2018-05-22 07:18 - 2018-05-22 07:18 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
  155. 2018-05-22 07:18 - 2018-05-22 07:18 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
  156. 2018-05-22 07:18 - 2018-05-22 07:18 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
  157. 2018-05-22 07:18 - 2018-05-22 07:18 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
  158. 2018-05-22 07:18 - 2018-05-22 07:18 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
  159. 2018-06-27 12:36 - 2018-06-27 12:37 - 027126784 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
  160. 2018-06-27 12:36 - 2018-06-27 12:37 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
  161. 2018-06-27 12:36 - 2018-06-27 12:36 - 006735872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
  162. 2018-01-12 15:15 - 2018-01-12 15:16 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
  163. 2018-06-27 12:36 - 2018-06-27 12:36 - 009360384 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\EntPlat.dll
  164. 2018-06-09 14:30 - 2018-06-09 14:31 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
  165. 2018-06-09 14:30 - 2018-06-09 14:31 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
  166. 2018-01-12 16:22 - 2018-01-12 16:25 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
  167. 2018-05-05 05:52 - 2018-05-05 05:54 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
  168. 2018-05-30 18:15 - 2018-05-30 18:18 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
  169. 2018-05-30 18:15 - 2018-05-30 18:16 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
  170. 2018-05-30 18:15 - 2018-05-30 18:18 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
  171. 2018-04-05 20:47 - 2018-04-05 20:50 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
  172. 2018-06-09 14:30 - 2018-06-09 14:32 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
  173. 2018-05-30 18:15 - 2018-05-30 18:16 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
  174. 2018-06-09 14:30 - 2018-06-09 14:30 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
  175. 2018-05-30 18:15 - 2018-05-30 18:18 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
  176. 2018-05-30 18:15 - 2018-05-30 18:18 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
  177. 2018-05-30 18:15 - 2018-05-30 18:18 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
  178. 2018-06-09 14:30 - 2018-06-09 14:32 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
  179. 2018-05-30 18:15 - 2018-05-30 18:16 - 000103424 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
  180. 2018-04-05 20:47 - 2018-04-05 20:50 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
  181. 2018-06-27 12:34 - 2018-06-27 12:35 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
  182. 2018-06-27 12:34 - 2018-06-27 12:35 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
  183. 2018-06-27 12:34 - 2018-06-27 12:35 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
  184. 2018-05-20 00:53 - 2018-05-20 00:53 - 004193792 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\Calculator.exe
  185. 2018-05-02 16:29 - 2018-05-02 16:29 - 000634880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
  186. 2018-01-18 08:37 - 2014-07-22 10:00 - 000172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
  187. 2018-01-18 08:38 - 2012-08-14 14:19 - 000999424 _____ () c:\postgreSQL\bin\libxml2.dll
  188.  
  189. ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
  190.  
  191. (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
  192.  
  193. AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
  194.  
  195. ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
  196.  
  197. (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
  198.  
  199. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
  200. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
  201.  
  202. ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
  203.  
  204. (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
  205.  
  206.  
  207. ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
  208.  
  209. (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
  210.  
  211.  
  212. ==================== Hosts Inhalt: ===============================
  213.  
  214. (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
  215.  
  216. 2017-09-29 14:46 - 2018-07-01 13:40 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
  217.  
  218.  
  219. ==================== Andere Bereiche ============================
  220.  
  221. (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
  222.  
  223. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pati & Krystian\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_3816.JPG
  224. HKU\S-1-5-21-4100461449-3338348580-375247465-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
  225. DNS Servers: 192.168.0.1
  226. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  227. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
  228. Windows Firewall ist aktiviert.
  229.  
  230. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
  231.  
  232. HKLM\...\StartupApproved\StartupFolder: => "ScpToolkit Tray Notifications.lnk"
  233. HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
  234. HKLM\...\StartupApproved\Run: => "iTunesHelper"
  235. HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
  236. HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
  237. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "AceStream"
  238. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "OneDrive"
  239. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "Discord"
  240. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "HoldemManager.Server"
  241. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "iCloudPhotos"
  242. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
  243. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "iCloudDrive"
  244. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "iCloudServices"
  245. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "FACEIT"
  246. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
  247. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "vidnotifier.exe"
  248. HKU\S-1-5-21-4100461449-3338348580-375247465-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
  249.  
  250. ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
  251.  
  252. (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
  253.  
  254. FirewallRules: [{DCC64EF3-112F-498D-A78C-B5C6DA462D84}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
  255. FirewallRules: [{F3E61A1F-BB07-4D9A-A687-C077FABA7589}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
  256. FirewallRules: [{2217BC20-46EB-4C7B-A006-2AC31E552F1E}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
  257. FirewallRules: [{64287812-E8C9-4745-AE25-BFD22E66E989}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
  258. FirewallRules: [{542C0F05-47F5-4489-BA9D-C2DDEE916260}] => (Allow) C:\Program Files\Lightworks\lightworks.exe
  259. FirewallRules: [{6B3F1AFD-2C3F-4B66-83EB-7B3763DC84CD}] => (Allow) C:\Program Files\Lightworks\lightworks.exe
  260. FirewallRules: [{7B48B8E6-63D9-4A1A-A21B-136C7207B79A}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
  261. FirewallRules: [{03F2D2EF-6DF6-4EB7-9E03-F3E57BC4805E}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe
  262. FirewallRules: [{43E21725-F6D5-412B-BD46-0DF9557F8FD7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  263. FirewallRules: [{907378D6-570D-4CB7-8DCF-6EC7EE149456}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
  264. FirewallRules: [{87F2D123-EB97-46E7-A099-069B64687A27}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  265. FirewallRules: [{756FC7B9-5C7C-4231-AC1B-E108D50C09DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
  266. FirewallRules: [{A3A4ADF5-0EB4-4654-953B-B4BD63DD15E1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
  267. FirewallRules: [{FFEF005D-C3D3-414B-B15C-034513146737}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
  268. FirewallRules: [{61614750-D7F9-4752-A3F4-25275FF338F6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
  269. FirewallRules: [{DC03B85A-B88E-41F0-94E6-9E3649E2FD45}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
  270. FirewallRules: [UDP Query User{B4798005-3CE0-44AB-B555-3D695FE4D849}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
  271. FirewallRules: [TCP Query User{B912FF38-FA30-4401-8B4A-A2B3467C0A35}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
  272. FirewallRules: [{A2279BCF-1DE9-44FC-ACB3-A46EAD36F4DC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
  273. FirewallRules: [{307B02C0-AE70-4F4A-85D7-D4FF4E0E2ACE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
  274. FirewallRules: [{287D18F6-D193-402F-BA16-66B7EA6393C4}] => (Allow) LPort=5432
  275. FirewallRules: [{77F7118E-AE90-4E1C-B989-1000ABA2EE85}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  276. FirewallRules: [{4CF6DF10-861B-4157-80A2-B56077C6CFD3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
  277. FirewallRules: [{24072076-0D79-47C5-88EF-40E775462DD5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  278. FirewallRules: [{6B9C6F05-FDA9-4E4C-9C80-C7E0A2EAA4B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
  279. FirewallRules: [UDP Query User{03FD713A-2D08-4FCF-B51F-79DA934BBCD5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
  280. FirewallRules: [TCP Query User{D227890A-7FC4-4FA6-B3E3-A2250DC11906}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
  281. FirewallRules: [UDP Query User{8A10CACD-8592-4212-A935-6CA148BE888E}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
  282. FirewallRules: [TCP Query User{A15D838B-33D5-436B-9419-AE38854C63C4}C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe
  283. FirewallRules: [TCP Query User{C3BA8CB9-35EB-4BFA-9D97-A3BAC6272845}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
  284. FirewallRules: [UDP Query User{BED66C56-2A17-4D68-8A88-74E9E3F5A5E0}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
  285. FirewallRules: [TCP Query User{E474311A-01DC-419F-A8A2-DEAB3088CA07}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
  286. FirewallRules: [UDP Query User{E746B34C-284E-4768-8D71-16AB06E88EA5}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
  287. FirewallRules: [TCP Query User{6AA0AB8C-28B1-4F80-B18E-23B955B0D680}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
  288. FirewallRules: [UDP Query User{2CB8C41E-7FFD-4056-8A43-843668A5E6F9}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
  289. FirewallRules: [{C49F488C-693C-4E82-88D1-F8D27EFF2F0F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
  290. FirewallRules: [TCP Query User{F2E1492B-4DFE-4BBF-809E-41E6D6BE4A0D}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
  291. FirewallRules: [UDP Query User{A85618B5-E65C-412C-B308-9E7E2D044801}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
  292. FirewallRules: [{D4F32C3A-045D-409C-8DF5-5D3F378DE9B8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  293. FirewallRules: [{0AF7DE9E-B17E-4B19-A0BC-4707E382BD0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
  294. FirewallRules: [{83749E8F-DB61-4A31-B7E1-8C0E57AEA88F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
  295. FirewallRules: [{A3C9F753-270C-4E0E-8B45-6DA97C32BFEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
  296. FirewallRules: [{BBEDA45A-F57B-4203-97F1-435827A5B897}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
  297. FirewallRules: [{002CF790-EF0D-4B4E-BD8A-71653A6F4458}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
  298. FirewallRules: [{AADD2B5A-B3EF-4861-849C-83984D72A851}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
  299. FirewallRules: [{F5031B75-C492-49D6-A18A-7EFCAF02791B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
  300. FirewallRules: [{2E0FD89A-B5A6-49D6-9E74-4D6793BCE4B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
  301. FirewallRules: [{6303FB5D-D036-40C2-BC89-79EB0ED27E69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
  302. FirewallRules: [{BC817E22-9B25-4A92-8E91-FF1C94932A95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
  303. FirewallRules: [TCP Query User{9A8DB8AB-CEE7-4A56-B768-F1AC9427F012}C:\users\pati & krystian\downloads\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\pati & krystian\downloads\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe
  304. FirewallRules: [UDP Query User{5866205F-CCFE-47AC-BFBA-7B16B0543203}C:\users\pati & krystian\downloads\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) C:\users\pati & krystian\downloads\tjoc- r beta 0.1.0\windowsnoeditor\engine\binaries\win64\ue4game-win64-shipping.exe
  305. FirewallRules: [{F88F13E8-E9C0-4F2B-8F24-3D56B95F3F01}] => (Allow) LPort=1688
  306.  
  307. ==================== Wiederherstellungspunkte =========================
  308.  
  309. 13-06-2018 07:46:31 Windows Update
  310. 27-06-2018 17:17:42 Geplanter Prüfpunkt
  311. 02-07-2018 09:39:25 Windows Update
  312. 04-07-2018 07:23:06 Driver Booster : Realtek PCIe GBE Family Controller
  313. 06-07-2018 09:49:32 Removed Holdem Manager 3
  314.  
  315. ==================== Fehlerhafte Geräte im Gerätemanager =============
  316.  
  317. Name:
  318. Description:
  319. Class Guid:
  320. Manufacturer:
  321. Service:
  322. Problem: : The drivers for this device are not installed. (Code 28)
  323. Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
  324.  
  325.  
  326. ==================== Fehlereinträge in der Ereignisanzeige: =========================
  327.  
  328. Applikationsfehler:
  329. ==================
  330. Error: (07/06/2018 10:49:10 AM) (Source: PostgreSQL) (EventID: 0) (User: )
  331. Description: 2018-07-06 10:49:10 BSTFATAL: the database system is starting up
  332.  
  333. Error: (07/06/2018 10:47:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
  334. Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.
  335.  
  336. DETAIL - Zugriff verweigert
  337.  
  338. Error: (07/06/2018 10:47:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
  339. Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.
  340.  
  341. DETAIL - Zugriff verweigert
  342.  
  343. Error: (07/06/2018 09:57:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
  344. Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
  345.  
  346. Details:
  347. AddWin32ServiceFiles: Unable to back up image of service NVIDIA Display Driver Service since QueryServiceConfig API failed
  348.  
  349. System Error:
  350. Das System kann die angegebene Datei nicht finden.
  351. .
  352.  
  353. Error: (07/06/2018 08:45:23 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-0F1FTS5)
  354. Description: httphttp-2147467263
  355.  
  356. Error: (07/06/2018 08:45:23 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-0F1FTS5)
  357. Description: httphttp-2147467263
  358.  
  359. Error: (07/06/2018 08:45:23 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-0F1FTS5)
  360. Description: httphttp-2147467263
  361.  
  362. Error: (07/05/2018 10:08:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
  363. Description: Task Scheduling Error: m->NextScheduledSPRetry 10031
  364.  
  365.  
  366. Systemfehler:
  367. =============
  368. Error: (07/06/2018 02:16:02 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0F1FTS5)
  369. Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
  370. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  371. and APPID
  372. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  373. to the user DESKTOP-0F1FTS5\Pati & Krystian SID (S-1-5-21-4100461449-3338348580-375247465-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  374.  
  375. Error: (07/06/2018 10:52:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  376. Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
  377. Windows.SecurityCenter.WscBrokerManager
  378. and APPID
  379. Unavailable
  380. to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
  381.  
  382. Error: (07/06/2018 10:49:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
  383. Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
  384. The service did not respond to the start or control request in a timely fashion.
  385.  
  386. Error: (07/06/2018 10:49:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
  387. Description: A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0 service to connect.
  388.  
  389. Error: (07/06/2018 07:29:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  390. Description: The Anwendungsspezifisch permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
  391. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  392. and APPID
  393. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  394. to the user NT-AUTORITÄT\Lokaler Dienst SID (S-1-5-19) from address LocalHost (unter Verwendung von LRPC) running in the application container Nicht verfügbar SID (Nicht verfügbar). This security permission can be modified using the Component Services administrative tool.
  395.  
  396. Error: (07/06/2018 07:27:17 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0F1FTS5)
  397. Description: The Anwendungsspezifisch permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
  398. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  399. and APPID
  400. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  401. to the user DESKTOP-0F1FTS5\Pati & Krystian SID (S-1-5-21-4100461449-3338348580-375247465-1001) from address LocalHost (unter Verwendung von LRPC) running in the application container Nicht verfügbar SID (Nicht verfügbar). This security permission can be modified using the Component Services administrative tool.
  402.  
  403. Error: (07/06/2018 07:23:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
  404. Description: The Anwendungsspezifisch permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
  405. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  406. and APPID
  407. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  408. to the user NT-AUTORITÄT\Lokaler Dienst SID (S-1-5-19) from address LocalHost (unter Verwendung von LRPC) running in the application container Nicht verfügbar SID (Nicht verfügbar). This security permission can be modified using the Component Services administrative tool.
  409.  
  410. Error: (07/05/2018 10:00:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-0F1FTS5)
  411. Description: The Anwendungsspezifisch permission settings do not grant Lokal Aktivierung permission for the COM Server application with CLSID
  412. {D63B10C5-BB46-4990-A94F-E40B9D520160}
  413. and APPID
  414. {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
  415. to the user DESKTOP-0F1FTS5\Pati & Krystian SID (S-1-5-21-4100461449-3338348580-375247465-1001) from address LocalHost (unter Verwendung von LRPC) running in the application container Nicht verfügbar SID (Nicht verfügbar). This security permission can be modified using the Component Services administrative tool.
  416.  
  417.  
  418. Windows Defender:
  419. ===================================
  420. Date: 2018-07-04 07:43:37.153
  421. Description:
  422. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  423. For more information please see the following:
  424. https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.A&threatid=2147726953&enterprise=0
  425. Name: HackTool:Win32/AutoKMS.A
  426. ID: 2147726953
  427. Severity: Hoch
  428. Category: Tool
  429. Path: file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x64.dll];file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]
  430. Detection Origin: Local machine
  431. Detection Type: Concrete
  432. Detection Source: Real-Time Protection
  433. Process Name: C:\Program Files\Bitdefender Antivirus Free\kitinstaller\BPInstaller.exe
  434. Signature Version: AV: 1.271.454.0, AS: 1.271.454.0, NIS: 1.271.454.0
  435. Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2
  436.  
  437. Date: 2018-07-04 07:37:12.079
  438. Description:
  439. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  440. For more information please see the following:
  441. https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.A&threatid=2147726953&enterprise=0
  442. Name: HackTool:Win32/AutoKMS.A
  443. ID: 2147726953
  444. Severity: Hoch
  445. Category: Tool
  446. Path: file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]
  447. Detection Origin: Local machine
  448. Detection Type: Concrete
  449. Detection Source: Real-Time Protection
  450. Process Name: C:\Program Files\Bitdefender Antivirus Free\kitinstaller\BPInstaller.exe
  451. Signature Version: AV: 1.271.454.0, AS: 1.271.454.0, NIS: 1.271.454.0
  452. Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2
  453.  
  454. Date: 2018-07-04 07:36:40.294
  455. Description:
  456. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  457. For more information please see the following:
  458. https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.A&threatid=2147726953&enterprise=0
  459. Name: HackTool:Win32/AutoKMS.A
  460. ID: 2147726953
  461. Severity: Hoch
  462. Category: Tool
  463. Path: file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]
  464. Detection Origin: Local machine
  465. Detection Type: Concrete
  466. Detection Source: Real-Time Protection
  467. Process Name: C:\Program Files\Bitdefender Antivirus Free\kitinstaller\BPInstaller.exe
  468. Signature Version: AV: 1.271.454.0, AS: 1.271.454.0, NIS: 1.271.454.0
  469. Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2
  470.  
  471. Date: 2018-07-04 07:19:01.362
  472. Description:
  473. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  474. For more information please see the following:
  475. https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.A&threatid=2147726953&enterprise=0
  476. Name: HackTool:Win32/AutoKMS.A
  477. ID: 2147726953
  478. Severity: Hoch
  479. Category: Tool
  480. Path: file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]
  481. Detection Origin: Local machine
  482. Detection Type: Concrete
  483. Detection Source: Real-Time Protection
  484. Process Name: C:\Program Files\KMSpico\Service_KMS.exe
  485. Signature Version: AV: 1.271.388.0, AS: 1.271.388.0, NIS: 1.271.388.0
  486. Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2
  487.  
  488. Date: 2018-07-04 07:18:14.454
  489. Description:
  490. Windows Defender Antivirus has detected malware or other potentially unwanted software.
  491. For more information please see the following:
  492. https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.A&threatid=2147726953&enterprise=0
  493. Name: HackTool:Win32/AutoKMS.A
  494. ID: 2147726953
  495. Severity: Hoch
  496. Category: Tool
  497. Path: file:_C:\Program Files\KMSpico\KMSELDI.exe->[MSILRES:KMSELDI.SECOH-QAD.x64.dll];file:_C:\Windows\SECOH-QAD.dll
  498. Detection Origin: Local machine
  499. Detection Type: Concrete
  500. Detection Source: Real-Time Protection
  501. Process Name: C:\Program Files\KMSpico\Service_KMS.exe
  502. Signature Version: AV: 1.271.388.0, AS: 1.271.388.0, NIS: 1.271.388.0
  503. Engine Version: AM: 1.1.15000.2, NIS: 1.1.15000.2
  504.  
  505. Date: 2018-06-08 23:00:22.351
  506. Description:
  507. Windows Defender Antivirus has encountered an error trying to update signatures.
  508. New Signature Version:
  509. Previous Signature Version: 1.269.924.0
  510. Update Source: Microsoft Update Server
  511. Signature Type: AntiVirus
  512. Update Type: Full
  513. Current Engine Version:
  514. Previous Engine Version: 1.1.14901.4
  515. Error code: 0x80240016
  516. Error description: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support".
  517.  
  518. CodeIntegrity:
  519. ===================================
  520.  
  521. Date: 2018-07-06 10:51:11.361
  522. Description:
  523. Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements.
  524.  
  525. Date: 2018-07-06 09:57:14.237
  526. Description:
  527. Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
  528.  
  529. Date: 2018-07-05 14:27:14.801
  530. Description:
  531. Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements.
  532.  
  533. Date: 2018-07-04 14:42:51.052
  534. Description:
  535. Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\agentctrl.exe that did not meet the Custom 3 / Antimalware signing level requirements.
  536.  
  537. Date: 2018-07-04 08:40:45.054
  538. Description:
  539. Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Bitdefender Agent\ProductAgentDP.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  540.  
  541. Date: 2018-07-04 08:30:05.110
  542. Description:
  543. Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\Signatures\EventCorrelator\ser_00020_001\core.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  544.  
  545. Date: 2018-07-04 08:30:02.937
  546. Description:
  547. Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\vsservppl.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\Signatures\EventCorrelator\ecam_00021_001\core.dll that did not meet the Custom 3 / Antimalware signing level requirements.
  548.  
  549. Date: 2018-07-04 08:09:16.600
  550. Description:
  551. Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Bitdefender Agent\ProductAgentDP.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  552.  
  553. ==================== Speicherinformationen ===========================
  554.  
  555. Prozessor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
  556. Prozentuale Nutzung des RAM: 30%
  557. Installierter physikalischer RAM: 8070.8 MB
  558. Verfügbarer physikalischer RAM: 5593.21 MB
  559. Summe virtueller Speicher: 9350.8 MB
  560. Verfügbarer virtueller Speicher: 6308.88 MB
  561.  
  562. ==================== Laufwerke ================================
  563.  
  564. Drive c: () (Fixed) (Total:331.68 GB) (Free:139.97 GB) NTFS
  565. Drive d: (DATA) (Fixed) (Total:331.42 GB) (Free:257.71 GB) NTFS
  566.  
  567. \\?\Volume{d4443dea-92e8-41e7-a586-8cc3534fefad}\ (Windows RE tools) (Fixed) (Total:1.44 GB) (Free:0.66 GB) NTFS
  568. \\?\Volume{7d5849ae-9434-48f1-a917-237174ea33fb}\ () (Fixed) (Total:0.84 GB) (Free:0.34 GB) NTFS
  569. \\?\Volume{92ab1cc8-c445-4cf7-b27e-77df98f52916}\ (Recovery) (Fixed) (Total:32.63 GB) (Free:2.16 GB) NTFS
  570. \\?\Volume{40245c7f-a9d0-4878-974d-cb2eb188b94e}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
  571.  
  572. ==================== MBR & Partitionstabelle ==================
  573.  
  574. ========================================================
  575. Disk: 0 (Size: 698.6 GB) (Disk ID: D3EF53DE)
  576.  
  577. Partition: GPT.
  578.  
  579. ==================== Ende von Addition.txt ============================