| |
| |||||||
Log-Analyse und Auswertung: Browser leitet automatisch auf Werbe-Seiten weiter - Win 8Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
06.03.2016, 12:52
| #1 |
| |  Browser leitet automatisch auf Werbe-Seiten weiter - Win 8 Hey! Firefox leitet ab und an (jedes 5. mal ca.) auf Seiten weiter, die ich nicht angewählt habe. Ich suche bspw. etwas bei google und werde, durch das Ausführen der Googlesuche, auf "hxxp://lp.stargames.com/" , "Flirt-fever" oder "hxxp://note.pcreviewsfree.xyz/" (trotz Adblocker) weitergeleitet. Ich habe nach dem Aufsetzen des Systems das System mit Spybot immunisiert. AVG zeigte mir 2 Infizierungen mit "Trojan" im Namen an, welche ich "entfernt" habe, seitdem findet AVG keine Infizierungen mehr, das Problem besteht dennoch weiterhin. Hijackthis hat keine großartigen Mängel angezeigt - ich habe eine Toolbar entfernt. Danke schon mal für jegliche Hilfe! FRST: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von JaafarPC (Administrator) auf JAAFAR (06-03-2016 12:48:24)
Gestartet von C:\Users\JaafarPC\Downloads
Geladene Profile: JaafarPC (Verfügbare Profile: JaafarPC)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Synchro Arts Ltd) C:\Program Files (x86)\Common Files\Synchro Arts Shared\License.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(ESI Audiotechnik GmbH) C:\Windows\System32\julapan.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Audition CC 2015\32\dynamiclinkmanager.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Audition CC 2015\Adobe Audition CC.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Audition CC 2015\32\Adobe QT32 Server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-10-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-12] (IvoSoft)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM\...\Run: [julapan.exe] => C:\Windows\system32\julapan.exe [514792 2015-09-16] (ESI Audiotechnik GmbH)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-02-24] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2874440 2016-03-03] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-04]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
AutoConfigURL: [S-1-5-21-229030632-1578635348-2299778840-1001] => hxxp://un-stop.com/wpad.dat?52994ff01437a42cdb21e99ca8aa84c77069265
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ADE801C5-7412-468D-8993-C2E8BDF3F287}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://un-stop.com/wpad.dat?52994ff01437a42cdb21e99ca8aa84c77069265
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={01210D33-31F9-4C1A-B24E-BD31DB419F77}&mid=caad0b45d6ef47cca1f5d1543b7b7afe-a7245077da129bfe9a1c504698f51dcf7bb56711&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116piz&pr=fr&d=2016-03-03 01:20:25&v=4.2.6.552&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-229030632-1578635348-2299778840-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={01210D33-31F9-4C1A-B24E-BD31DB419F77}&mid=caad0b45d6ef47cca1f5d1543b7b7afe-a7245077da129bfe9a1c504698f51dcf7bb56711&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116piz&pr=fr&d=2016-03-03 01:20:25&v=4.2.6.552&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-03-03] (AVG)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-11-12] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.6.552\AVG Web TuneUp.dll [2016-03-03] (AVG)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-12] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft)
FireFox:
========
FF ProfilePath: C:\Users\JaafarPC\AppData\Roaming\Mozilla\Firefox\Profiles\ac5xqhhp.default
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.6\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-03] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF SearchPlugin: C:\Users\JaafarPC\AppData\Roaming\Mozilla\Firefox\Profiles\ac5xqhhp.default\searchplugins\avg-secure-search.xml [2016-03-03]
FF Extension: AVG Web TuneUp - C:\Users\JaafarPC\AppData\Roaming\Mozilla\Firefox\Profiles\ac5xqhhp.default\Extensions\avg@toolbar.xpi [2016-03-03]
FF Extension: Adblock Plus - C:\Users\JaafarPC\AppData\Roaming\Mozilla\Firefox\Profiles\ac5xqhhp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-03]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-03-03] [ist nicht signiert]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.zeit.de/"
CHR Profile: C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-03]
CHR Extension: (Google Docs) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-03]
CHR Extension: (Google Drive) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-03]
CHR Extension: (YouTube) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-03]
CHR Extension: (Adblock Plus) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-03]
CHR Extension: (Google Tabellen) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-03]
CHR Extension: (Google Docs Offline) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-03]
CHR Extension: (Audio EQ) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2016-03-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-03]
CHR Extension: (Google Mail) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-03]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-02-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-02-24] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-24] (AVG Technologies CZ, s.r.o.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-10-13] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-10-13] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 Synchro Arts License Manager; C:\Program Files (x86)\Common Files\Synchro Arts Shared\License.exe [175488 2008-02-22] (Synchro Arts Ltd) [Datei ist nicht signiert]
R2 vToolbarUpdater40.2.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\ToolbarUpdater.exe [1949768 2016-03-03] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-05-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-05-12] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1215560 2016-03-03] ()
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-02-15] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 Jula.sys; C:\Windows\system32\DRIVERS\Jula.sys [62696 2015-09-16] (ESI Audiotechnik GmbH)
R3 JulaWDM.sys; C:\Windows\system32\DRIVERS\JulaWDM.sys [45288 2015-09-16] (ESI Audiotechnik GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-10-13] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-10-13] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-05-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-05-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-05-12] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-06 12:48 - 2016-03-06 12:48 - 00020631 _____ C:\Users\JaafarPC\Downloads\FRST.txt
2016-03-06 12:40 - 2016-03-06 12:40 - 00000000 ____D C:\Windows\system32\appmgmt
2016-03-06 12:39 - 2016-03-06 12:48 - 00000000 ____D C:\FRST
2016-03-06 12:38 - 2016-03-06 12:38 - 02374144 _____ (Farbar) C:\Users\JaafarPC\Downloads\FRST64.exe
2016-03-06 12:03 - 2016-03-06 12:04 - 00000000 ____D C:\Users\JaafarPC\Downloads\backups
2016-03-06 11:59 - 2016-03-06 11:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\JaafarPC\Downloads\HijackThis_2.0.5.exe
2016-03-04 16:51 - 2016-03-04 17:40 - 00000000 ____D C:\Users\JaafarPC\Desktop\vc
2016-03-04 16:46 - 2016-03-04 16:52 - 00000000 ____D C:\Users\JaafarPC\Desktop\vocalign
2016-03-04 15:06 - 2016-03-04 15:06 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\HP
2016-03-04 15:06 - 2016-03-04 15:06 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\HP
2016-03-04 15:06 - 2016-03-04 15:06 - 00000000 ____D C:\ProgramData\WEBREG
2016-03-04 15:05 - 2016-03-04 15:05 - 00000000 ____D C:\Windows\LastGood
2016-03-04 15:05 - 2016-03-04 15:05 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-03-04 15:00 - 2016-03-04 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-03-04 15:00 - 2016-03-04 15:00 - 00001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2016-03-04 15:00 - 2016-03-04 15:00 - 00001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2016-03-04 15:00 - 2016-03-04 15:00 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\HpUpdate
2016-03-04 15:00 - 2016-03-04 15:00 - 00000000 ____D C:\ProgramData\HP Product Assistant
2016-03-04 14:59 - 2016-03-04 15:00 - 00000000 ____D C:\Program Files (x86)\HP
2016-03-04 14:59 - 2016-03-04 14:59 - 00000000 ____D C:\Windows\SysWOW64\spool
2016-03-04 14:57 - 2016-03-04 15:06 - 00257117 _____ C:\Windows\hpoins21.dat
2016-03-04 14:57 - 2016-03-04 15:06 - 00000000 ____D C:\ProgramData\HP
2016-03-04 14:57 - 2012-10-14 14:33 - 00006174 ____N C:\Windows\hpomdl21.dat
2016-03-04 14:57 - 2012-08-21 07:55 - 01421312 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpotiop5.dll
2016-03-04 14:57 - 2009-07-14 02:41 - 00046080 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpz3lw71.dll
2016-03-04 14:57 - 2009-07-08 11:51 - 00938496 _____ (Hewlett-Packard) C:\Windows\system32\hpowiax5.dll
2016-03-04 14:57 - 2009-07-08 11:51 - 00540672 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll
2016-03-04 14:57 - 2009-07-08 11:51 - 00505344 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst12.dll
2016-03-04 13:29 - 2016-03-04 13:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-03-03 23:38 - 2016-03-03 23:38 - 00000424 _____ C:\Users\JaafarPC\Desktop\Dieser PC.lnk
2016-03-03 23:14 - 2016-03-03 23:18 - 00000000 ____D C:\Windows\LOG
2016-03-03 23:12 - 2016-03-03 23:12 - 00000000 ____D C:\Users\JaafarPC\Desktop\backups
2016-03-03 22:56 - 2016-03-03 22:56 - 00044032 ___SH C:\Users\JaafarPC\Desktop\Thumbs.db
2016-03-03 22:54 - 2016-03-03 22:54 - 00000000 ____D C:\Users\JaafarPC\Desktop\Desktop & Verschiedenes
2016-03-03 22:53 - 2016-03-03 22:53 - 00047104 ___SH C:\Users\JaafarPC\Documents\Thumbs.db
2016-03-03 22:53 - 2016-03-03 22:53 - 00001074 _____ C:\Users\JaafarPC\Desktop\Adobe Kram.lnk
2016-03-03 22:49 - 2016-03-03 22:56 - 00000000 ____D C:\Users\JaafarPC\Desktop\Orga & Aktuelles
2016-03-03 22:38 - 2016-03-04 15:17 - 00000000 ____D C:\Users\JaafarPC\Desktop\Programme
2016-03-03 22:23 - 2016-03-03 22:23 - 00000000 ____D C:\Program Files\Synchro Arts Ltd
2016-03-03 22:06 - 2016-03-03 22:06 - 00000000 ____D C:\VstPlugins
2016-03-03 21:46 - 2016-03-03 21:46 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Waves Audio
2016-03-03 21:41 - 2016-03-03 21:41 - 00000000 ____D C:\Users\Public\Waves Audio
2016-03-03 21:41 - 2011-07-01 12:31 - 02181120 _____ (Propellerhead Software AB) C:\Windows\system32\ReWire.dll
2016-03-03 21:41 - 2011-07-01 12:30 - 01431552 _____ (Propellerhead Software AB) C:\Windows\SysWOW64\ReWire.dll
2016-03-03 21:39 - 2016-03-03 22:23 - 00000000 ____D C:\Program Files\Common Files\VST3
2016-03-03 21:39 - 2016-03-03 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2016-03-03 21:39 - 2016-03-03 21:40 - 00000000 ____D C:\Program Files (x86)\Waves
2016-03-03 21:39 - 2016-03-03 21:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-03 21:39 - 2016-03-03 21:39 - 00000000 ____D C:\Program Files\VSTPlugIns
2016-03-03 21:39 - 2016-03-03 21:39 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-03-03 21:39 - 2016-03-03 21:39 - 00000000 ____D C:\Program Files (x86)\VSTPlugIns
2016-03-03 21:39 - 2007-11-21 05:34 - 00007744 _____ (Altiris) C:\Windows\SysWOW64\HookDll.dll
2016-03-03 21:39 - 2005-12-15 21:30 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2016-03-03 21:36 - 2016-03-03 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jBridge
2016-03-03 21:36 - 2016-03-03 21:36 - 00000000 ____D C:\Program Files\JBridge
2016-03-03 21:18 - 2016-03-03 21:18 - 00000097 _____ C:\Users\JaafarPC\WaveShell-VST 9.1.64.txt
2016-03-03 21:18 - 2012-04-11 03:27 - 00003584 _____ C:\Users\JaafarPC\WaveShell-VST 9.1.64.dll
2016-03-03 21:17 - 2016-03-03 21:17 - 00001222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves System guide.lnk
2016-03-03 21:17 - 2016-03-03 21:17 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Readme for Diamond 5.2.lnk
2016-03-03 21:17 - 2016-03-03 21:17 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves on the internet.lnk
2016-03-03 21:17 - 2016-03-03 21:17 - 00000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves 5.2 Release Notes.lnk
2016-03-03 21:16 - 2006-11-06 13:22 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2016-03-03 21:16 - 2006-11-06 13:22 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-03-03 21:04 - 2016-03-03 21:04 - 00000000 ____D C:\Users\JaafarPC\bridging files - jbridge
2016-03-03 20:51 - 2016-03-03 20:51 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-03 20:49 - 2016-03-03 20:51 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\SimpleFiles
2016-03-03 20:22 - 2016-03-03 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synchro Arts Ltd
2016-03-03 20:21 - 2016-03-03 22:17 - 00000000 ____D C:\Program Files (x86)\Synchro Arts Ltd
2016-03-03 20:20 - 2016-03-03 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister
2016-03-03 20:20 - 2016-03-03 20:20 - 00000000 ____D C:\Program Files (x86)\MixMeister BPM Analyzer
2016-03-03 20:15 - 2016-03-03 22:54 - 00000000 ____D C:\Users\JaafarPC\Documents\Adobe Kram
2016-03-03 19:43 - 2016-03-03 19:43 - 00000000 ____D C:\Users\Public\Documents\Adobe
2016-03-03 19:42 - 2016-03-03 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESI
2016-03-03 19:42 - 2016-03-03 19:42 - 00000000 ____D C:\Program Files\ESI
2016-03-03 19:42 - 2016-03-03 19:42 - 00000000 ____D C:\Program Files\DIFX
2016-03-03 19:42 - 2015-09-16 10:25 - 00514792 _____ (ESI Audiotechnik GmbH) C:\Windows\system32\julapan.exe
2016-03-03 19:42 - 2015-09-16 10:25 - 00126696 _____ (ESI Audiotechnik GmbH) C:\Windows\system32\julaASIO.dll
2016-03-03 19:42 - 2015-09-16 10:25 - 00111336 _____ (ESI Audiotechnik GmbH) C:\Windows\SysWOW64\julaASIO32.dll
2016-03-03 19:42 - 2015-09-16 10:25 - 00062696 _____ (ESI Audiotechnik GmbH) C:\Windows\system32\Drivers\Jula.sys
2016-03-03 19:42 - 2015-09-16 10:25 - 00045288 _____ (ESI Audiotechnik GmbH) C:\Windows\system32\Drivers\JulaWDM.sys
2016-03-03 19:25 - 2016-03-03 19:25 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.lnk
2016-03-03 19:25 - 2016-03-03 19:25 - 00000000 ____D C:\ProgramData\ALM
2016-03-03 19:18 - 2016-03-03 19:18 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2016-03-03 19:13 - 2016-03-03 19:13 - 00003504 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-JAAFAR-JaafarPC
2016-03-03 19:13 - 2016-03-03 19:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\NVIDIA
2016-03-03 19:12 - 2016-03-03 22:36 - 00000000 ____D C:\Users\JaafarPC\Documents\Adobe
2016-03-03 19:12 - 2016-03-03 19:12 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-03-03 19:11 - 2016-03-03 19:24 - 00001558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-03-03 19:09 - 2016-03-03 19:09 - 00001046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC (64bit).lnk
2016-03-03 19:07 - 2016-03-03 19:43 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-03-03 19:07 - 2016-03-03 19:25 - 00000000 ____D C:\Program Files\Adobe
2016-03-03 19:07 - 2016-03-03 19:18 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-03-03 19:07 - 2016-03-03 19:07 - 00001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2015.lnk
2016-03-03 19:07 - 2012-06-22 03:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2016-03-03 19:07 - 2012-04-24 03:01 - 00011376 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdralw2k.sys
2016-03-03 19:07 - 2012-04-24 03:01 - 00010864 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdr4_xp.sys
2016-03-03 19:06 - 2016-03-03 19:06 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-03 19:06 - 2016-03-03 19:06 - 00000000 ____D C:\Program Files (x86)\My Company Name
2016-03-03 18:57 - 2016-03-06 02:00 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Adobe
2016-03-03 18:57 - 2016-03-04 09:58 - 00000000 ____D C:\ProgramData\Adobe
2016-03-03 17:13 - 2016-03-03 17:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Macromedia
2016-03-03 17:07 - 2016-03-03 17:07 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Steam
2016-03-03 17:07 - 2016-03-03 17:07 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\CEF
2016-03-03 17:06 - 2016-03-06 03:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-03 17:06 - 2016-03-03 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-03 16:39 - 2016-03-03 16:39 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-03-03 16:38 - 2016-03-03 23:17 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\JDownloader 2.0
2016-03-03 15:38 - 2016-03-03 15:38 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\vlc
2016-03-03 15:38 - 2016-03-03 15:38 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\ClassicShell
2016-03-03 08:29 - 2016-03-03 08:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-03-03 08:29 - 2016-03-03 08:29 - 00000000 ____D C:\Program Files\VideoLAN
2016-03-03 08:16 - 2016-03-03 08:16 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-03-03 08:16 - 2016-03-03 08:16 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2016-03-03 08:16 - 2016-03-03 08:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-03-03 08:16 - 2016-03-03 08:16 - 00000000 ____D C:\ProgramData\Logishrd
2016-03-03 08:15 - 2016-03-03 08:16 - 00000000 ____D C:\Program Files\Common Files\LogiShrd
2016-03-03 08:15 - 2016-03-03 08:15 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Logitech
2016-03-03 08:15 - 2016-03-03 08:15 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Logishrd
2016-03-03 08:15 - 2016-03-03 08:15 - 00000000 ____D C:\Program Files\Logitech
2016-03-03 08:10 - 2016-03-06 12:48 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Skype
2016-03-03 08:10 - 2016-03-03 08:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-03 08:10 - 2016-03-03 08:10 - 00000000 ____D C:\Users\JaafarPC\Tracing
2016-03-03 08:10 - 2016-03-03 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-03 08:09 - 2016-03-03 08:10 - 00000000 ____D C:\ProgramData\Skype
2016-03-03 08:07 - 2016-03-03 08:07 - 00002792 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-03 08:07 - 2016-03-03 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-03 08:07 - 2016-03-03 08:07 - 00000000 ____D C:\Program Files\CCleaner
2016-03-03 08:04 - 2016-03-04 14:02 - 00000075 _____ C:\Users\JaafarPC\Desktop\Neues Textdokument.txt
2016-03-03 07:47 - 2016-03-03 07:47 - 00000000 ____D C:\Users\JaafarPC\Desktop\uni
2016-03-03 07:44 - 2016-03-03 23:09 - 00000000 ____D C:\Program Files\Windows KMS Activator Ultimate 2016 v2.7
2016-03-03 07:44 - 2016-03-03 07:44 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\WinRAR
2016-03-03 07:43 - 2016-03-03 07:43 - 00000000 ____D C:\Users\JaafarPC\Documents\- Anderes
2016-03-03 04:14 - 2016-03-03 20:48 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-03 04:13 - 2016-03-06 12:18 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-03 04:13 - 2016-03-06 04:18 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-03 04:13 - 2016-03-03 04:51 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Google
2016-03-03 04:13 - 2016-03-03 04:14 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-03 04:13 - 2016-03-03 04:13 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-03 04:13 - 2016-03-03 04:13 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-03 04:09 - 2013-08-22 14:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160303-040957.backup
2016-03-03 04:02 - 2016-03-06 12:39 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\ClassicShell
2016-03-03 04:01 - 2016-03-03 04:01 - 00000000 ____D C:\ProgramData\ClassicShell
2016-03-03 03:59 - 2016-03-03 03:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2016-03-03 03:59 - 2016-03-03 03:59 - 00000000 ____D C:\Program Files\Classic Shell
2016-03-03 01:29 - 2016-03-03 01:32 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-03-03 01:29 - 2016-03-03 01:29 - 00001403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-03-03 01:29 - 2016-03-03 01:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-03 01:29 - 2016-03-03 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-03-03 01:29 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\AVG Web TuneUp
2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\ProgramData\AVG Secure Search
2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-03-03 01:14 - 2016-03-03 01:31 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-03 01:14 - 2016-03-03 01:14 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\AVG
2016-03-03 01:13 - 2016-03-06 12:06 - 00000000 ____D C:\ProgramData\MFAData
2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ___HD C:\$AVG
2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\TuneUp Software
2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\MFAData
2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-03 01:12 - 2016-03-03 01:13 - 00000000 ____D C:\ProgramData\Avg
2016-03-03 01:12 - 2016-03-03 01:13 - 00000000 ____D C:\Program Files (x86)\AVG
2016-03-03 01:10 - 2016-03-03 01:14 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Avg
2016-03-03 01:10 - 2016-03-03 01:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\AvgSetupLog
2016-03-03 01:06 - 2016-03-03 01:06 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\NVIDIA Corporation
2016-03-03 01:05 - 2016-03-03 01:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-03 01:05 - 2016-03-03 01:05 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\NVIDIA
2016-03-03 01:05 - 2016-03-03 01:05 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-03-03 01:05 - 2015-10-13 20:00 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-03-03 01:05 - 2015-10-13 20:00 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-03-03 01:05 - 2015-10-13 20:00 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-03 01:05 - 2015-10-13 20:00 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-03-03 01:05 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-03-03 01:05 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-03-03 01:05 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-03-03 01:05 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-03-03 01:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-03-03 01:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-03-03 01:04 - 2016-03-03 01:04 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-03-03 01:04 - 2015-10-13 16:26 - 00608048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-03 01:03 - 2015-10-13 20:00 - 31514288 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 24199344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 22993200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 18634072 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 15293104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 13916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 13828224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 12898992 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-03 01:03 - 2015-10-13 20:00 - 11272048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 11209376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 04245624 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 03986608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 03209920 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 02823992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 01908528 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434192.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 01556656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434192.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 00944304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 00907440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 00903472 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 00869040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-03-03 01:03 - 2015-10-13 20:00 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-03-03 01:03 - 2015-10-13 20:00 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-03-03 00:53 - 2016-03-03 20:48 - 00001361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-03 00:53 - 2016-03-03 01:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-03 00:53 - 2016-03-03 01:01 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Mozilla
2016-03-03 00:53 - 2016-03-03 00:55 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Mozilla
2016-03-03 00:53 - 2016-03-03 00:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\LocalLow\EmieUserList
2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\LocalLow\EmieSiteList
2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\LocalLow\EmieBrowserModeList
2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\Local\EmieUserList
2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\Local\EmieSiteList
2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\Local\EmieBrowserModeList
2016-03-03 00:51 - 2016-03-04 13:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-03 00:51 - 2016-03-03 01:05 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-03-03 00:50 - 2016-03-03 01:06 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-03 00:50 - 2016-03-03 01:05 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-03 00:50 - 2015-10-13 20:00 - 00074032 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-03-03 00:50 - 2015-10-13 20:00 - 00059568 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-03-03 00:50 - 2015-10-13 18:26 - 06783280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-03 00:50 - 2015-10-13 18:26 - 03522168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-03 00:50 - 2015-10-13 18:26 - 02557616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-03 00:50 - 2015-10-13 18:26 - 00933168 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-03 00:50 - 2015-10-13 18:26 - 00384176 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-03 00:50 - 2015-10-13 18:26 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-03 00:50 - 2015-10-13 17:19 - 05972783 _____ C:\Windows\system32\nvcoproc.bin
2016-03-03 00:42 - 2016-03-03 23:20 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-229030632-1578635348-2299778840-1001
2016-03-03 00:36 - 2016-03-03 22:56 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Packages
2016-03-03 00:36 - 2016-03-03 21:23 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\VirtualStore
2016-03-03 00:36 - 2016-03-03 21:18 - 00000000 ____D C:\Users\JaafarPC
2016-03-03 00:36 - 2016-03-03 20:48 - 00001652 _____ C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-03 00:36 - 2016-03-03 20:19 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Adobe
2016-03-03 00:36 - 2016-03-03 00:36 - 00000020 ___SH C:\Users\JaafarPC\ntuser.ini
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Vorlagen
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Startmenü
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Netzwerkumgebung
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Lokale Einstellungen
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Eigene Dateien
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Druckumgebung
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Documents\Eigene Videos
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Documents\Eigene Musik
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Documents\Eigene Bilder
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\AppData\Local\Verlauf
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\AppData\Local\Anwendungsdaten
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Anwendungsdaten
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 ____D C:\Program Files\WinRAR
2016-03-03 00:36 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-03 00:36 - 2014-11-21 04:42 - 00000369 _____ C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-03-03 00:36 - 2014-11-21 04:42 - 00000369 _____ C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-03-03 00:35 - 2016-03-03 00:35 - 00000000 ____D C:\Windows\CSC
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Programme
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-03-03 00:30 - 2016-03-03 00:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-03-03 00:28 - 2016-03-03 19:34 - 00000000 ____D C:\Windows\Panther
2016-02-15 16:38 - 2016-02-15 16:38 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-05 04:03 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-03-04 20:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-04 16:33 - 2014-11-21 04:35 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-04 16:33 - 2014-11-21 03:45 - 00726688 _____ C:\Windows\system32\perfh007.dat
2016-03-04 16:33 - 2014-11-21 03:45 - 00151380 _____ C:\Windows\system32\perfc007.dat
2016-03-04 15:06 - 2013-08-22 14:25 - 00000127 _____ C:\Windows\win.ini
2016-03-04 13:17 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-03 23:29 - 2015-05-12 20:32 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-03 23:19 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-03-03 22:56 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-03 22:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-03-03 19:30 - 2013-08-22 15:44 - 05004024 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-03 19:06 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-03 02:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppCompat
2016-03-03 01:15 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-03-03 01:13 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-03-03 00:50 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Help
2016-03-03 00:33 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2016-03-03 00:28 - 2013-08-22 16:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-09-01 16:00 - 2012-09-01 16:00 - 1966592 _____ (Waves Audio Ltd.) C:\Program Files\WaveShell-VST 9.1_x64.dll
2012-09-01 16:00 - 2012-09-01 16:00 - 1490944 _____ (Waves Audio Ltd.) C:\Program Files (x86)\WaveShell-VST 9.1.dll
2016-03-04 14:57 - 2016-03-04 15:06 - 0000837 _____ () C:\ProgramData\hpzinstall.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\JaafarPC\WaveShell-VST 9.1.64.dll
Einige Dateien in TEMP:
====================
C:\Users\JaafarPC\AppData\Local\Temp\ICReinstall_keygen-step-2.exe
C:\Users\JaafarPC\AppData\Local\Temp\JDSetup131014930675387574.exe
C:\Users\JaafarPC\AppData\Local\Temp\LMkRstPt.exe
C:\Users\JaafarPC\AppData\Local\Temp\nvStInst.exe
C:\Users\JaafarPC\AppData\Local\Temp\proxy_vole6598543556777062445.dll
C:\Users\JaafarPC\AppData\Local\Temp\proxy_vole9188899059640561267.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-03 00:29
==================== Ende von FRST.txt ============================
Addition.txtFRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von JaafarPC (2016-03-06 12:48:54)
Gestartet von C:\Users\JaafarPC\Downloads
Windows 8.1 Pro (X64) (2016-03-02 23:36:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-229030632-1578635348-2299778840-500 - Administrator - Disabled)
Gast (S-1-5-21-229030632-1578635348-2299778840-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-229030632-1578635348-2299778840-1003 - Limited - Enabled)
JaafarPC (S-1-5-21-229030632-1578635348-2299778840-1001 - Administrator - Enabled) => C:\Users\JaafarPC
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.41.1.56922 - AVG Technologies)
AVG (Version: 16.51.7496 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4537 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.51.7496 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.6.552 - AVG Technologies)
AVG Zen (Version: 1.41.29 - AVG Technologies) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C6200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
C6200_Help (x32 Version: 100.0.206.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.75 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
JBridge (HKLM-x32\...\JBridge) (Version: - JBridge)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Juli@ PCI Driver version v1.2.1.0 (HKLM\...\{2C649BA4-D482-408F-9148-2EC10E1E3193}_is1) (Version: v1.2.1.0 - ESI-Audiotechnik)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PS_AIO_02_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VocALign Pro 4 VST (64bit) (HKLM\...\{17F13CFE-9956-4688-A875-F00B2EC3C312}) (Version: 4.2.3 - Synchro Arts Ltd)
VocALign Project (HKLM-x32\...\{7E7F3882-48B3-424B-9BE2-D257D1319C59}) (Version: 2.9.1 - Synchro Arts Ltd)
Waves Complete V9r5 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.1 - Waves)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Driver Package - ESI (Jula.sys) MEDIA (09/16/2015 1.2.1.0) (HKLM\...\9351121A70A5DD84065790FA90941B0BB03521DA) (Version: 09/16/2015 1.2.1.0 - ESI)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {4CC57155-A3B0-406D-8F7B-CF27DE98607A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-03] (Google Inc.)
Task: {7453DA2A-2CF3-4550-817D-D1B6F8FFC49F} - System32\Tasks\AdobeAAMUpdater-1.0-JAAFAR-JaafarPC => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {A0FE36C0-BAA1-4330-AFC8-971BF3970D9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-03] (Google Inc.)
Task: {BE09FC54-A89E-49A5-AF6F-8D39063A8541} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02"
ShortcutWithArgument: C:\Users\JaafarPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02"
ShortcutWithArgument: C:\Users\JaafarPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02"
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-03-03 01:20 - 2016-03-03 01:20 - 01215560 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-03-03 00:50 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-03 01:20 - 2016-03-03 01:20 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\loggingserver.exe
2016-03-03 01:20 - 2016-03-03 01:20 - 02874440 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-05-26 12:51 - 2015-05-26 12:51 - 03499008 _____ () C:\Program Files\Adobe\Adobe Audition CC 2015\DNxHDCodec.dll
2016-03-03 21:40 - 2012-06-28 14:01 - 00101376 _____ () C:\Program Files (x86)\Waves\Plug-Ins\REQ.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:40 - 2012-06-28 14:00 - 00071168 _____ () C:\Program Files (x86)\Waves\Plug-Ins\Q10.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 08:01 - 2013-02-16 00:16 - 01770496 _____ () C:\Users\JaafarPC\Documents\Adobe Kram\-Waves, VSTs\molot\Molot03-x64.dll
2016-03-03 21:40 - 2012-06-28 13:48 - 00157184 _____ () C:\Program Files (x86)\Waves\Plug-Ins\JJP-Vocals.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:51 - 00111616 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\0825308982.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:58 - 00171520 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1397506888.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 14:02 - 00079872 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1380205907.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:56 - 00090624 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1178814532.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 14:01 - 00101376 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1380861265.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 14:01 - 00121856 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1381388866.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:50 - 00067584 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1163284300.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 14:02 - 00098304 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1398100052.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:58 - 00153600 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1464091212.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:48 - 00072192 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1246384195.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 14:00 - 00071168 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1162948912.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 14:02 - 00259072 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1397575761.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 14:00 - 00184320 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1278287904.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:40 - 2012-06-28 13:47 - 00156160 _____ () C:\Program Files (x86)\Waves\Plug-Ins\Maserati GRP.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:58 - 00072192 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1230393164.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:55 - 00169984 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1347170625.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:57 - 00084992 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1447251280.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:58 - 00145408 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1397506895.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:51 - 00187904 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1279341121.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 13:59 - 00085504 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1145394002.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 21:39 - 2012-06-28 14:00 - 00076288 _____ () C:\Program Files (x86)\Waves\Plug-Ins\ArtistDLLV9.1\1128811570.bundle\Contents\Win64\GenericMultiCoreProcessor.dll
2016-03-03 04:14 - 2016-03-02 05:49 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libglesv2.dll
2016-03-03 04:14 - 2016-03-02 05:49 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libegl.dll
2016-03-03 01:29 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-03-03 01:29 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-03 01:29 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-03 01:29 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-03-03 01:29 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-03-03 01:20 - 2016-03-03 01:20 - 00533576 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.6\log4cplusU.dll
2016-03-03 01:12 - 2016-03-03 01:10 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-03-03 17:07 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-03-03 17:07 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-03-03 17:07 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2016-03-03 17:07 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-03-03 17:07 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-03-03 17:07 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-03-03 17:07 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-03-03 17:07 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-03-03 17:07 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-03-03 17:07 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-03-03 17:07 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-03 17:07 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2016-03-03 17:07 - 2016-02-04 22:01 - 00139344 _____ () C:\Program Files (x86)\Steam\bin\audio.dll
2016-03-03 17:07 - 2014-11-11 19:48 - 00071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi
2016-03-03 17:07 - 2014-11-11 19:48 - 00153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi
2016-03-03 17:07 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-03-03 17:07 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7872 mehr Seiten.
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\123simsen.com -> www.123simsen.com
Da befinden sich 7872 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-03-03 19:53 - 00456107 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns-5.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 ereg.adobe.com
127.0.0.1 ereg.wip.adobe.com
127.0.0.1 ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 ereg.wip4.adobe.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate.adobe.ipp
127.0.0.1 practivate.adobe.newoa
Da befinden sich 15611 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{663FAFD4-9C53-4E07-99BC-6365553F9EF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0467BB5-D710-43E4-B1A9-5D20ED92EBA8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{16114020-C0DF-4021-B355-2F0D72E4F711}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{254EA03A-C209-41B5-9B1D-438FF08AAFFC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F46746B8-FF2E-49E2-AF11-00464F976BC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{224CFA6C-1D0C-45E5-96D7-6647558136D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D32BF04E-871E-4B06-B96A-99D1A70C633D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{555457AD-9D97-47C5-9F14-6E53BDE46F3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{52ECEFEA-C853-4926-A427-4F5EA46AB124}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{07CBBE74-71CB-4677-BE1A-053469954760}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{D63D9283-74D3-4B5E-B2C2-404227330C53}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{6D5386F0-4EC0-4965-8112-79648183DBC2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{85CDDCAB-9692-41D6-84D7-88113E687632}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{127D75D3-E893-4DC4-9409-BB05DF7B62C6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{2DFB2C1A-99AB-4DC6-A56D-4A80A71AF2DE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D6DA640E-FC74-4E66-86F6-00742AD2903B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{6DB999FB-DB88-4A24-8F85-C1A9008F09D9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{29E3EB8A-0FA4-4B38-9FF3-7A48B9FA903B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{82940EC0-2E77-4696-A212-DA41A5537304}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{88785A68-F5EA-485E-BE4E-212E43420654}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AEBBB646-A11B-4066-A26F-6B435924E5A6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{10310B69-F8F0-4A85-AD8A-F5898D61675B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{62AF5F0C-1EAF-4BDD-898B-C9C6B9AA1B1A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FEEA1416-87F4-4EDE-AC24-4CB23BE88800}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1735C845-AA32-4586-B8B5-215D1884F19E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{37DCBA5D-87E3-4C72-A665-70DD0583B5D7}] => (Allow) C:\Users\JaafarPC\AppData\Local\Temp\7zS0342\setup\hpznui40.exe
FirewallRules: [{A7F0C6A7-BD42-440D-93EB-6412F1D3C577}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{59D8BF2D-8F72-4775-A85D-20C224207FE5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{85A5527F-A340-4708-9C07-63CC06FE554A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{323184E8-392C-48D6-9853-0BCFC5A6545D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{D8A2572E-5EC1-4D30-89DF-E2321A3560A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4597658B-31C6-496C-A524-EE07572B7F5C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{70B010C1-0F64-4106-B10C-2E2E70EDDDCC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{874F7045-E286-49CB-9A3C-4745372FBC95}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{4BED7935-84CA-4776-A447-1CA036FCE417}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{A6B36555-2841-4BB2-AF17-8F125122677F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{1C9B2D0F-E1F2-41AB-B23B-81C588F9C85C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{1102A7AA-D57C-4EC2-B9E3-1A1B23981F39}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5DF5CA5D-4D68-4038-9032-49B6564FC7C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{C92A54C3-ACB9-4CB9-9B36-0ECEBAF3F345}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{F3DC64DC-71C5-49F3-A486-B143995DB340}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{3F6B286A-8C41-4756-982F-4CFCD08004B4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{9C2A885D-4AF9-4528-95A3-133252EEE048}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B47314B4-4DDB-459F-BEBA-F347339B8669}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{6085DB09-5A36-4557-BF9D-37160C9A88DA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
03-03-2016 01:05:30 DirectX wurde installiert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Photosmart C6200 series
Description: Photosmart C6200 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/06/2016 04:35:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/06/2016 04:35:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/06/2016 04:35:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/05/2016 03:59:14 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/05/2016 03:59:14 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/05/2016 03:59:14 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/04/2016 10:59:38 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/04/2016 10:59:38 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/04/2016 10:59:38 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/03/2016 11:20:48 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Systemfehler:
=============
Error: (03/06/2016 10:50:09 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (03/06/2016 10:50:09 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (03/06/2016 04:36:02 AM) (Source: DCOM) (EventID: 10010) (User: JAAFAR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/06/2016 04:35:32 AM) (Source: DCOM) (EventID: 10010) (User: JAAFAR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/05/2016 09:11:05 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (03/05/2016 09:11:05 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (03/05/2016 04:00:00 AM) (Source: DCOM) (EventID: 10010) (User: JAAFAR)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/05/2016 03:59:30 AM) (Source: DCOM) (EventID: 10010) (User: JAAFAR)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/04/2016 08:33:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (03/04/2016 08:33:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
CodeIntegrity:
===================================
Date: 2016-03-06 12:06:18.088
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-06 12:06:17.397
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-06 12:06:13.874
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-06 12:06:13.743
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-06 12:06:13.611
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-06 12:06:13.481
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-06 12:06:13.334
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-06 00:29:56.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-06 00:29:55.973
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-06 00:29:55.783
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Xeon(R) CPU X5450 @ 3.00GHz
Prozentuale Nutzung des RAM: 83%
Installierter physikalischer RAM: 6142.49 MB
Verfügbarer physikalischer RAM: 1013.22 MB
Summe virtueller Speicher: 7806.49 MB
Verfügbarer virtueller Speicher: 2741.11 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.45 GB) (Free:64.71 GB) NTFS
Drive d: (WINSETUP) (Removable) (Total:14.9 GB) (Free:10.88 GB) FAT32
Drive i: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive j: () (Fixed) (Total:185.97 GB) (Free:181.98 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E2931C00)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 186.3 GB) (Disk ID: 54901CBA)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=186 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: 757BD18E)
Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
| Themen zu Browser leitet automatisch auf Werbe-Seiten weiter - Win 8 |
| adobe, antivirus, browser, cid, cpu, defender, desktop, dnsapi.dll, google, iexplore.exe, installation, launch, mozilla, photoshop, problem, proxy, prozesse, registry, rundll, safer networking, scan, secure search, security, services.exe, software, trojan, udp, warnung, windows |
Baum-Darstellung