| Elaine1993 | 03.11.2015 20:39 |
Frst.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von **** auf **** (03-11-2015 20:23:06)
Gestartet von C:\Users\****\Downloads
Geladene Profile: UpdatusUser & **** & **** (Verfügbare Profile: UpdatusUser & **** & ****)
Platform: Windows 8 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\SysWOW64\UMonit64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17516_none_6276a5b950d43361\TiWorker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\SysWOW64\UMonit64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3350760 2015-06-24] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UMonit64] => C:\windows\SysWOW64\UMonit64.exe [53248 2013-05-09] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [172896 2013-04-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-04-15] (Intel Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2012-07-21] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2304837460-40177880-2168194466-1001\...\Run: [] => [X]
HKU\S-1-5-21-2304837460-40177880-2168194466-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2304837460-40177880-2168194466-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2012-07-26] (Microsoft Corporation)
HKU\S-1-5-21-2304837460-40177880-2168194466-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2304837460-40177880-2168194466-1003\...\MountPoints2: {dc8f091f-7aec-11e3-be8f-5c514f355344} - "E:\Start.exe"
HKU\S-1-5-21-2304837460-40177880-2168194466-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2012-07-26] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [245872 2013-04-07] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [201576 2013-04-07] (NVIDIA Corporation)
Startup: D:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2013-09-20]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{59504A3E-F8B2-4AB9-AC65-93F9B27571C7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9BE98274-0149-47D8-9E5D-2AD0955731C6}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2304837460-40177880-2168194466-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2304837460-40177880-2168194466-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2304837460-40177880-2168194466-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-2304837460-40177880-2168194466-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-2304837460-40177880-2168194466-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bluewin.ch
HKU\S-1-5-21-2304837460-40177880-2168194466-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2304837460-40177880-2168194466-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-2304837460-40177880-2168194466-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.cit-austria.at/index.php/de/
HKU\S-1-5-21-2304837460-40177880-2168194466-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.cit-austria.at/index.php/de/
HKU\S-1-5-21-2304837460-40177880-2168194466-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2304837460-40177880-2168194466-1003\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKU\S-1-5-21-2304837460-40177880-2168194466-1002 -> DefaultScope {0E9BD327-ACCF-40CF-98EA-76FC959C2195} URL =
SearchScopes: HKU\S-1-5-21-2304837460-40177880-2168194466-1002 -> {0E9BD327-ACCF-40CF-98EA-76FC959C2195} URL =
SearchScopes: HKU\S-1-5-21-2304837460-40177880-2168194466-1003 -> DefaultScope {0E9BD327-ACCF-40CF-98EA-76FC959C2195} URL =
SearchScopes: HKU\S-1-5-21-2304837460-40177880-2168194466-1003 -> {0E9BD327-ACCF-40CF-98EA-76FC959C2195} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2304837460-40177880-2168194466-1003 -> Kein Name - {41564952-412D-5637-00A7-7A786E7484D7} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\8zc1fats.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-09-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-09-06] (Nero AG)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240360 2015-09-21] (Avira Operations GmbH & Co. KG)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [283296 2013-11-11] (Intel Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-07-12] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-06-24] (ELAN Microelectronics Corp.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtrksrv.exe [161736 2013-05-06] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-05-31] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-18] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-05] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [30808 2015-06-24] (ELAN Microelectronic Corp.)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [97000 2013-05-17] (GenesysLogic)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [113608 2013-05-06] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-05-31] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-05-31] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-05-31] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3648480 2013-10-08] (Intel Corporation)
S3 Secdrv; C:\windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-25] () [Datei ist nicht signiert]
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-10-05] (Duplex Secure Ltd.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [31120 2013-05-15] (Windows (R) Win 7 DDK provider)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-06-21] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-10-21] ()
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-28 15:48 - 2015-10-28 15:48 - 00000000 ____D D:\Users\****\Desktop\Lernpraktikum 3
2015-10-28 15:44 - 2015-11-03 15:22 - 00000000 ____D D:\Users\****\Desktop\SHLR
2015-10-28 15:35 - 2015-10-28 15:35 - 00000000 ____D D:\Users\****\Desktop\Testverfahren
2015-10-25 16:14 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2015-10-25 16:14 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2015-10-25 16:14 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2015-10-25 16:14 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2015-10-25 16:14 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2015-10-25 16:14 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2015-10-25 16:14 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2015-10-25 16:14 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2015-10-25 16:14 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2015-10-25 16:14 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2015-10-25 16:14 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2015-10-25 16:14 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2015-10-25 16:14 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2015-10-25 16:14 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2015-10-25 16:14 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2015-10-25 16:14 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2015-10-25 16:14 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2015-10-25 16:14 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2015-10-25 16:14 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2015-10-25 16:14 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2015-10-25 16:14 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2015-10-25 16:14 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2015-10-25 16:14 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2015-10-25 16:14 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2015-10-25 16:14 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2015-10-25 16:14 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2015-10-25 16:14 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2015-10-25 16:14 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2015-10-25 16:14 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2015-10-25 16:14 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2015-10-25 16:14 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2015-10-25 16:14 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2015-10-25 16:14 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2015-10-25 16:14 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2015-10-25 16:14 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2015-10-25 16:14 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2015-10-25 12:12 - 2015-10-25 12:12 - 00000000 ____D C:\EEK
2015-10-24 23:28 - 2015-10-24 23:28 - 00000221 _____ D:\Users\****\Desktop\Tom Clancy's Rainbow Six 3 Gold Edition.url
2015-10-21 15:57 - 2015-10-21 15:57 - 05695079 _____ D:\Users\****\Downloads\LNW SHLR.zip
2015-10-21 14:19 - 2015-10-21 14:19 - 00094656 _____ (CACE Technologies) C:\windows\system32\WPRO_41_2001woem.tmp
2015-10-21 13:20 - 2015-10-21 13:22 - 00000000 ____D C:\AdwCleaner
2015-10-21 12:34 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-10-21 12:34 - 2015-10-05 08:50 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-10-21 12:34 - 2015-10-05 08:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2015-10-21 12:33 - 2015-10-21 12:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-19 20:01 - 2015-10-19 20:01 - 00003084 _____ C:\windows\System32\Tasks\{61806F2D-D2FB-4BC3-8D1E-3E4C535B123C}
2015-10-19 19:49 - 2015-10-19 19:53 - 215891200 _____ D:\Users\****\Downloads\avira_antivirus_de-de.exe
2015-10-17 15:21 - 2015-10-17 15:21 - 00000000 ____D D:\Users\****\AppData\Roaming\Avira
2015-10-17 15:20 - 2015-10-05 14:51 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-10-17 15:20 - 2015-10-05 14:51 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-10-17 15:20 - 2015-10-05 14:51 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-10-17 15:20 - 2015-10-05 14:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2015-10-17 15:11 - 2015-10-17 15:11 - 04562576 _____ (Avira Operations GmbH & Co. KG) D:\Users\****\Downloads\avira_de_av_56225718ec0b0__ws.exe
2015-10-16 11:48 - 2015-10-16 11:48 - 00001607 _____ D:\Users\****\Desktop\papascheeseria_backup_****_day12.papa
2015-10-16 11:37 - 2015-10-17 15:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 16:41 - 2015-10-15 16:41 - 00000219 _____ D:\Users\****\Desktop\Day of Defeat Source.url
2015-10-15 15:28 - 2015-09-18 16:09 - 00032432 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-10-15 15:28 - 2015-09-18 14:30 - 01290752 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-10-15 15:28 - 2015-09-18 14:30 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-10-15 15:28 - 2015-09-18 14:30 - 00699904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-10-15 15:28 - 2015-09-18 14:30 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-10-15 15:28 - 2015-09-18 14:30 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-10-15 15:28 - 2015-09-18 14:10 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-10-14 19:14 - 2015-10-14 19:14 - 00000000 ____D D:\Users\****\AppData\Local\CEF
2015-10-13 18:56 - 2015-07-22 23:09 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 18:56 - 2015-07-22 23:09 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 18:55 - 2015-10-02 00:55 - 01043968 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2015-10-13 18:55 - 2015-10-02 00:55 - 00588800 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2015-10-13 18:55 - 2015-09-29 04:33 - 06971224 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-10-13 18:55 - 2015-09-29 03:02 - 00961536 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2015-10-13 18:55 - 2015-09-29 03:02 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2015-10-13 18:55 - 2015-09-29 03:01 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-10-13 18:55 - 2015-09-22 18:53 - 01405408 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-10-13 18:55 - 2015-09-22 18:53 - 01273184 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-10-13 18:55 - 2015-09-18 14:32 - 14290944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 13775360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 02866176 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 02056704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 01763328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 01181696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 00737280 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 00715264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 00525824 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-10-13 18:54 - 2015-09-18 14:32 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 19280896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 15416320 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 03960832 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 02656768 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 01409024 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 00949760 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 00857600 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 00603648 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-10-13 18:54 - 2015-09-18 14:30 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-10-13 18:53 - 2015-08-01 15:50 - 17562112 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-10-13 18:53 - 2015-08-01 14:56 - 19778048 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-10-06 12:05 - 2015-10-06 12:05 - 00000000 ____D D:\Users\****\AppData\Roaming\Opera Software
2015-10-06 12:05 - 2015-10-06 12:05 - 00000000 ____D D:\Users\****\AppData\Local\Opera Software
2015-10-04 20:47 - 2015-10-04 20:47 - 00002315 _____ D:\Users\****\Desktop\papasdonuteria_backup_****_day91.papa
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-03 20:23 - 2013-11-18 17:56 - 00000000 ____D C:\FRST
2015-11-03 20:23 - 2013-09-27 20:50 - 00000000 ____D D:\Users\****\AppData\Roaming\Skype
2015-11-03 20:23 - 2013-09-23 13:46 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-11-03 20:02 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2015-11-03 19:58 - 2013-09-19 16:36 - 00000000 ____D D:\Users\****\AppData\Local\Adobe
2015-11-03 19:41 - 2014-12-26 16:52 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-03 19:41 - 2013-09-19 15:24 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-03 19:39 - 2013-08-27 09:48 - 01200779 _____ C:\windows\WindowsUpdate.log
2015-11-03 11:22 - 2013-09-19 16:34 - 00000000 ____D D:\Users\****\AppData\Local\Packages
2015-11-02 19:24 - 2013-09-19 16:40 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2304837460-40177880-2168194466-1003
2015-11-02 10:52 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2015-10-28 15:40 - 2013-09-20 07:01 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-27 09:45 - 2013-10-05 13:33 - 00000000 ____D D:\Users\****\AppData\Local\CrashDumps
2015-10-26 22:27 - 2012-08-01 17:38 - 00753134 _____ C:\windows\system32\perfh007.dat
2015-10-26 22:27 - 2012-08-01 17:38 - 00155826 _____ C:\windows\system32\perfc007.dat
2015-10-26 22:27 - 2012-07-26 08:28 - 01745416 _____ C:\windows\system32\PerfStringBackup.INI
2015-10-25 17:15 - 2014-08-26 16:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-25 16:14 - 2013-09-19 15:43 - 00358562 _____ C:\windows\DirectX.log
2015-10-25 12:44 - 2014-11-21 22:57 - 00000000 ___HD C:\$Windows.~BT
2015-10-24 23:28 - 2015-03-22 20:02 - 00000000 ____D D:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-24 11:30 - 2013-09-19 09:59 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2304837460-40177880-2168194466-1002
2015-10-21 14:19 - 2013-08-27 09:58 - 00034752 _____ C:\windows\system32\Drivers\WPRO_41_2001.sys
2015-10-21 14:18 - 2013-07-20 01:31 - 00429260 _____ C:\windows\PFRO.log
2015-10-21 14:18 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-10-21 12:34 - 2014-05-10 22:45 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-21 07:28 - 2015-09-21 20:07 - 00000000 ____D D:\Users\****\.oracle_jre_usage
2015-10-21 07:27 - 2014-08-08 13:41 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-21 07:27 - 2013-09-19 15:38 - 00110176 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-10-21 07:27 - 2013-09-19 15:37 - 00000000 ____D C:\Program Files\Java
2015-10-20 17:46 - 2012-07-26 08:59 - 00000000 ____D C:\windows\CbsTemp
2015-10-19 20:04 - 2015-09-12 12:39 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-17 21:18 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2015-10-17 16:23 - 2013-09-23 13:46 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 15:40 - 2014-12-12 00:02 - 00000000 ____D C:\windows\system32\appraiser
2015-10-17 15:40 - 2014-07-18 09:03 - 00000000 ___SD C:\windows\system32\CompatTel
2015-10-17 15:20 - 2013-09-22 13:12 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-17 15:13 - 2013-09-20 21:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-17 15:13 - 2012-07-26 06:26 - 00262144 ___SH C:\windows\system32\config\BBI
2015-10-16 07:35 - 2014-11-13 10:21 - 00809944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-10-16 07:35 - 2014-11-13 10:21 - 00176096 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 23:30 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ToastData
2015-10-14 21:30 - 2013-09-19 11:03 - 00000000 ____D C:\windows\system32\MRT
2015-10-14 21:25 - 2013-09-19 11:03 - 143481208 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-10-06 12:00 - 2014-09-16 10:54 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-06 11:59 - 2014-04-11 22:28 - 00003722 _____ C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-10-06 11:59 - 2014-04-11 22:28 - 00003476 _____ C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-02-08 01:44 - 2014-02-08 01:47 - 0027060 _____ () C:\Users\****\AppData\Local\WiDiSetupLog.20140208.014457.wdl
Einige Dateien in TEMP:
====================
D:\Users\****\AppData\Local\Temp\avgnt.exe
D:\Users\****\AppData\Local\Temp\drm_dyndata_7380012.dll
D:\Users\****\AppData\Local\Temp\hcuninstaller_20150222_181314_5336.exe
D:\Users\****\AppData\Local\Temp\jre-8u60-windows-au.exe
D:\Users\****\AppData\Local\Temp\jre-8u65-windows-au.exe
D:\Users\****\AppData\Local\Temp\MGS2B.exe
D:\Users\****\AppData\Local\Temp\MGS362E.exe
D:\Users\****\AppData\Local\Temp\MGS75CF.exe
D:\Users\****\AppData\Local\Temp\MGSBBF4.exe
D:\Users\****\AppData\Local\Temp\MGSCBCA.exe
D:\Users\****\AppData\Local\Temp\MGSD1DB.exe
D:\Users\****\AppData\Local\Temp\MGSD8C8.exe
D:\Users\****\AppData\Local\Temp\MGSF9CB.exe
D:\Users\****\AppData\Local\Temp\SkypeSetup.exe
D:\Users\****\AppData\Local\Temp\vlc-2.1.5-win64.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-25 12:48
==================== Ende von FRST.txt ============================
Komischerweise war das Häkchen für den Addition.txt raus, musste einen neuen Scan machen, um den zu kriegen. Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von **** (2015-11-03 20:34:50)
Gestartet von C:\Users\****\Downloads
Windows 8 (X64) (2013-09-19 08:52:03)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2304837460-40177880-2168194466-500 - Administrator - Disabled)
**** (S-1-5-21-2304837460-40177880-2168194466-1002 - Administrator - Enabled) => C:\Users\****
**** (S-1-5-21-2304837460-40177880-2168194466-1003 - Limited - Enabled) => D:\Users\****
Gast (S-1-5-21-2304837460-40177880-2168194466-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2304837460-40177880-2168194466-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}) (Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG) Hidden
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve)
Die ersten 10 Jahre (HKLM-x32\...\{1C12B0B2-91FB-439A-A64D-1A239F0B7FAB}) (Version: 1.00.0000 - )
Dot4 (HKLM\...\{DD411225-A527-4C56-91BE-15D888B3CCDE}) (Version: 1.0.0.0 - HP)
DTS Studio Sound (HKLM-x32\...\{791692AD-63B2-4A87-A097-4E8DD3CE4BC9}) (Version: 1.00.0090 - DTS, Inc.)
ELAN Touchpad 15.8.3.2_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.3.2 - ELAN Microelectronic Corp.)
Fiesta Online DE (HKLM-x32\...\Fiesta Online DE) (Version: 1.05.023 - Gamigo games)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Genesys Logic USB2.0 Card Reader (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.4 - Genesys Logic)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Hamachi 1.0.3.0 (HKLM-x32\...\Hamachi) (Version: - )
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 43952) (Version: 3.9.0.43952.6 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3224 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{B0366D1E-F89B-4584-B427-ED8E8C41877C}) (Version: 4.1.42.2308 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{F55120B4-60FC-4617-B00F-A343403D9F2B}) (Version: 3.0.1319.03 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version: - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2304837460-40177880-2168194466-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Nero Multimedia Suite 12 Suite S (HKLM-x32\...\{0F0F8B5B-BAFA-43FC-9CCE-75FB503301BB}) (Version: 12.0.00500 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}) (Version: 12.0.01000 - Nero AG)
NVIDIA Graphics Driver 311.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.51 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.21.2812 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6968 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tom Clancy's Rainbow Six 3: Gold Edition (HKLM-x32\...\Steam App 19830) (Version: - Red Storm Entertainment)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.6.6402 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.8.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.14 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.7C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.04.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.7.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0024 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.0.9.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
Utility Common Driver (x32 Version: 1.0.53.1 - Compal) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
19-10-2015 19:58:43 Removed Bonjour
24-10-2015 11:58:20 Windows Update
25-10-2015 16:13:34 DirectX wurde installiert
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2108A250-1BB7-47AC-ADAC-EF77A6B56E50} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {2D6FF6E8-32D2-4EB6-8E2D-D901F0A0A9F5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-09] (Realtek Semiconductor)
Task: {5FD42410-184E-4871-A63E-483D155FB1FB} - System32\Tasks\UMonitor Task => C:\windows\system32\UMonit64.exe
Task: {63A93CA9-24CB-47DF-9CC5-D146E85DDF70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {7D769F7E-B734-4507-A4D7-E4F2DF4B50A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {95E47C83-051B-4DBB-8428-1A8DCCEB00FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {97DD55E0-8453-4505-80B8-0237A3742097} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {C776E640-D105-4033-B258-2ABBA10BC9D7} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-03-19] (TOSHIBA Corporation)
Task: {DCBE01FA-D9DB-49F9-9E03-3D1ECBC55052} - System32\Tasks\{61806F2D-D2FB-4BC3-8D1E-3E4C535B123C} => pcalua.exe -a C:\windows\system32\pbsvc.exe -c -u
Task: {E7BF011C-EAF0-473F-8780-91ECD03913BC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {F754C4B7-E972-45BE-B571-8091CFCA967A} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH)
Task: {FE30503E-753C-4187-A875-E7C5C989FB05} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-07-12 19:01 - 2013-07-12 19:01 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-05-31 00:46 - 2013-05-31 00:46 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-05-31 00:46 - 2013-05-31 00:46 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-03-21 21:00 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-27 10:03 - 2013-05-09 10:38 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 12:19 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-27 09:44 - 2013-05-08 21:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-18 16:06 - 2014-11-18 16:06 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-11-18 16:06 - 2014-11-18 16:06 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2304837460-40177880-2168194466-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\****\AppData\Local\Microsoft\Windows\Themes\Community\DesktopBackground\5_ravishekhar-backlitflowers.jpg
HKU\S-1-5-21-2304837460-40177880-2168194466-1003\Control Panel\Desktop\\Wallpaper -> D:\Users\****\AppData\Local\Microsoft\Windows\Themes\Fischland\DesktopBackground\20_markusjanse_darß.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: NAUpdate => 2
HKU\S-1-5-21-2304837460-40177880-2168194466-1003\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{59012C8C-C288-4FED-A182-06FD76FD2EFF}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{029A59DE-ECF0-4826-B459-709EBC7BAA47}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6652A905-F6E0-4AA7-883B-E368D6EFCE86}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A558FCA4-6542-47A5-BDB5-872ACEAD1A94}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{F1D45DEE-A135-479A-B213-08E074C7FC20}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C364F7E3-AD77-4935-A6AC-7FA1963C007F}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B14EE70F-EB93-4AA8-A475-F8348769C5E3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9BA12533-E996-4392-BA73-4DEB96387C7F}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{D3A1459E-886A-44CE-A882-CA30BFEED086}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{9108053D-050C-49B6-95B6-05FC561A2C41}] => (Allow) C:\Users\****\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{1570F90D-BFFF-4D9C-8875-A723E4E90445}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5A1B3C09-1EB2-40B2-BBD8-D8F4F0997881}] => (Allow) LPort=2869
FirewallRules: [{FD18AFC0-862F-4299-9E16-F5FF78D2C08D}] => (Allow) LPort=1900
FirewallRules: [{CC1DEC79-499D-428B-BC54-4B3F61D170D6}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{5C2C3711-7B04-49EE-AF4F-8720E9890EE4}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{81C895BA-C759-4571-95C2-A720D118B1B0}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{D86160F0-ABEB-4203-AA98-F0247840547E}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [TCP Query User{5540095B-93B3-4840-BD18-F10717D38E4A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4C11D051-F0B1-46B0-917E-FC822255DF2C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{92415757-E29E-42B9-BF4D-5B68A9654115}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A8874DAB-E0C8-4200-B9FA-835165C233AC}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{8854E884-065F-494C-BE7C-C7B863EFE0E2}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{095C6388-6A96-4B14-BDD5-9735CD224F29}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{6617E290-92C4-4947-9A63-E95C726A951E}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{014FDAA0-4090-422D-B226-AE6DD3E37115}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{AA6D706B-8BDD-4E02-A8CC-97BDDF51795D}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{E46B3704-7114-453D-A6FB-40A80C675F48}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{10789E22-FE0A-4736-85C6-9562BB4B14C0}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{7C2879A3-4DA4-4040-923E-7B6A3F34FAE2}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{7D881C36-4F8F-43DB-9EF3-A0A1607E8A68}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BA8BA6D7-AEC8-47F8-ADC2-CD600C31CE77}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{02335AD2-B4BA-4DBA-AD7C-4412733A4B8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FCC6EB57-128D-4879-AC37-E868A90A9DAD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{E77B865A-3DF2-4A85-B111-532D806D5584}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{52419AE9-E72E-48E4-ADFD-2FBCC1BD33E1}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [{8C0B893E-8B48-46E7-BBB5-570046F2B732}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{10624356-48DB-4687-8DF6-11D81CCF7E0B}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{0F56B907-FC86-4FDC-9EB9-C832C4AF54CE}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [{DF8E2171-20F6-4F24-91A1-6304E94B895E}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe
FirewallRules: [TCP Query User{F8A1332D-C566-4EF0-976D-1C2161DE0FF3}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Allow) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe
FirewallRules: [UDP Query User{6165D383-12F8-46EB-B2E6-B073B83BD4FA}C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe] => (Allow) C:\program files (x86)\phenomedia\die ersten 10 jahre\moorhuhn kart 3\moorhuhn_kart3.exe
FirewallRules: [TCP Query User{5774C14F-3EC8-4240-A934-63291DF67622}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{FACE02CE-2356-45AD-B6F2-56347FA4A17C}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{5E43BACA-7E33-4956-B7BA-57F3A2DF37DA}] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{548026C0-A694-403B-A45E-0E846F1650AB}] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{BDA18EE5-D11B-43D7-B853-45148D3B78F5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A9B79233-309B-46A9-9A8E-D74F7FC81B5B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{381FC49D-94F2-4650-82B5-5ABD5ECED955}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8A6AD4EC-06DE-4C56-BD39-2448216C7E77}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{61489A16-B8B5-4C9C-96A3-3169DF16C53E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{B248ED68-3780-4E15-98D2-DEDA10238A78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{D2F7F695-CDD9-408F-9658-945552170773}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{624DB779-7756-436E-83ED-369E651AEDD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{8715184E-CBC1-4283-BC74-AF647A95B5C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{470D31E5-8C62-4419-B0B7-78E1F618D10C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{706B57D0-7D11-499B-917A-EB41897BB414}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{848C73D6-47DE-4E39-8B04-4F410CAFAA66}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{EA5BD16E-8B4A-466F-B37D-D279E6A382B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{D6DDB5E9-9F75-4F55-9531-242E5FD3A99A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{7BBC9D7C-5C10-4629-94D7-4455B7526576}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
FirewallRules: [{465FFDA1-0B28-40FC-92FB-888A83F2F204}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rainbow Six 3 Gold\system\RavenShield.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/03/2015 08:00:20 PM) (Source: MsiInstaller) (EventID: 1023) (User: ****)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6D00}" konnte nicht installiert werden. Fehlercode 1625. Weitere Informationen sind in der Protokolldatei D:\Users\****\AppData\Local\Temp\MSIa5670.LOG enthalten.
Error: (11/02/2015 06:51:26 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (10/29/2015 02:25:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (10/27/2015 09:56:25 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (10/27/2015 09:45:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 15.0.4753.1003, Zeitstempel: 0x55f34d8b
Name des fehlerhaften Moduls: mso.dll, Version: 0.0.0.0, Zeitstempel: 0x55f351b9
Ausnahmecode: 0xc0000602
Fehleroffset: 0x011eacfd
ID des fehlerhaften Prozesses: 0x1cf4
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3
Vollständiger Name des fehlerhaften Pakets: WINWORD.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WINWORD.EXE5
Error: (10/25/2015 04:13:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error:
0xC0000039 (unresolvable).
Error: (10/25/2015 01:46:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ****)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (10/24/2015 11:58:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error:
0xC0000039 (unresolvable).
Error: (10/24/2015 11:58:20 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.
System Error:
0xC0000039 (unresolvable).
Error: (10/24/2015 11:55:37 AM) (Source: $(ProductName) Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei System.Timers.Timer.set_Enabled(Boolean value)
bei System.Timers.Timer.Stop()
bei Avira.OE.WinCore.SystemTimersBasedTimer.Stop()
bei Avira.OE.WinCore.DelayedTimer.Stop()
bei Avira.OE.WinCore.RecurrentUserProfileUpdater.ResetTimerForUser(String currentLoggedUser, TimeSpan updateInterval)
bei Avira.OE.WinCore.RecurrentUserProfileUpdater.CommunicatorOnOnUserStatusSet(Object sender, UserStatusSetEventArgs userStatusSetEventArgs)
bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHandler`1 evt, Object sender, T e)
bei Avira.OE.Communicator.Communicator.SessionChanged(Session newActiveSession, Session previousActiveSession)
bei Avira.OE.Communicator.Communicator.OnActiveSessionChanged(Object sender, ActiveSessionChangedEventArgs activeSessionChangedEventArgs)
bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHandler`1 evt, Object sender, T e)
bei...
Systemfehler:
=============
Error: (11/03/2015 05:44:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 8 Mal passiert.
Error: (11/03/2015 01:18:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 7 Mal passiert.
Error: (11/03/2015 12:22:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 6 Mal passiert.
Error: (11/03/2015 10:41:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 5 Mal passiert.
Error: (11/03/2015 10:14:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.
Error: (11/02/2015 08:16:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (11/02/2015 08:06:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/02/2015 08:06:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/02/2015 11:55:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/02/2015 11:54:57 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 8107.71 MB
Verfügbarer physikalischer RAM: 3821.49 MB
Summe virtueller Speicher: 9467.71 MB
Verfügbarer virtueller Speicher: 4272 MB
==================== Laufwerke ================================
Drive c: (System) (Fixed) (Total:343.86 GB) (Free:228.03 GB) NTFS
Drive d: (Daten) (Fixed) (Total:341.63 GB) (Free:308.73 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
Und sorry, dass ich so spät antworte >_>" ... |
FRST 32-Bit | FRST 64-Bit
Emsisoft Emergency Kit herunter.