Trojaner-Board - TR/Downloader.Gen

Vielen Dank schonmal! :)

FRST.txt:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-10-2015

durchgeführt von Jean (Administrator) auf SHAWN (24-10-2015 21:55:49)

Gestartet von C:\Users\Jean\Desktop

Geladene Profile: Jean (Verfügbare Profile: Jean)

Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe

() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe

() C:\Windows\SysWOW64\UMonit64.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe

(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [] => [X]

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-12] (Conexant Systems, Inc.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)

HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)

HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)

HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)

HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd)

HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized

HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-11-24] (Spotify Ltd)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\Run: [GoogleChromeAutoLaunch_76F2AE789A64FBA063F2980B364474D8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-09] (Google Inc.)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\MountPoints2: {f63fe9d4-311a-11e5-828c-c454440695f7} - "E:\LaunchU3.exe" -a

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2015-06-06]

ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

Startup: C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2014-09-23]

ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5520 series (Netzwerk).lnk [2015-10-23]

ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5520 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{1EA62D28-66C6-4934-947F-36CB65AE809C}: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{4B9244CF-DCF8-4E20-BA14-17AEFF843C2C}: [DhcpNameServer] 192.168.2.1
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=

SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-09] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-09] (Oracle Corporation)

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab

Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei

Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll Keine Datei

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Keine Datei
 

FireFox:

========

FF ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\bqd3aupo.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-24] ()

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-24] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-09] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-09] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()

FF Extension: Adblock Plus - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\bqd3aupo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-23]

FF HKLM-x32\...\Firefox\Extensions: [addnFF@AdTech.com] - C:\Program Files (x86)\Addons\firefox.xpi

FF Extension: Kein Name - C:\Program Files (x86)\Addons\firefox.xpi [2014-12-09] [ist nicht signiert]
 

Chrome: 

=======

CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1393748215&from=cor&uid=TOSHIBAXMQ01ABD075_Z3DLTSY3TXXZ3DLTSY3T"

CHR Session Restore: Default -> ist aktiviert.

CHR Profile: C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-10-07]

CHR Extension: (Avira Browserschutz) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-23]

CHR Extension: (AdBlock) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-16]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-03]

CHR Extension: (Google Quick Scroll) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2015-10-23]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx <nicht gefunden>
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-24] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-04-18] (Creative Labs) [Datei ist nicht signiert]

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-04-18] (Creative Labs) [Datei ist nicht signiert]

R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]

R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]

R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [Datei ist nicht signiert]

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)

S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)

S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4226560 2014-10-17] (Qualcomm Atheros Communications, Inc.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-24] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-05] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-24] (Avira Operations GmbH & Co. KG)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)

S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)

S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)

U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-16] (GenesysLogic)

R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1588608 2011-09-13] (Creative Technology Ltd.)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)

R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)

R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)

S3 Tosrfcom; kein ImagePath

S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

S1 wStLibG64; system32\drivers\wStLibG64.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-10-24 21:55 - 2015-10-24 21:55 - 00024809 _____ C:\Users\Jean\Desktop\FRST.txt

2015-10-24 20:54 - 2015-10-24 20:54 - 02196480 _____ (Farbar) C:\Users\Jean\Desktop\FRST64.exe

2015-10-24 20:43 - 2015-10-24 21:55 - 00000000 ____D C:\FRST

2015-10-24 16:03 - 2015-10-24 19:14 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3242844674-1499826838-3910466137-1002

2015-10-24 16:02 - 2015-10-24 21:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-10-24 16:02 - 2015-10-24 16:02 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-10-24 14:44 - 2015-10-24 14:44 - 138748076 _____ C:\Users\Jean\Downloads\Hardwell On Air 240.mp4

2015-10-24 14:39 - 2015-10-24 14:39 - 01223782 _____ C:\Users\Jean\Downloads\12066682_890338241044116_1406562715_n.mp4

2015-10-24 14:38 - 2015-10-24 14:38 - 02570379 _____ C:\Users\Jean\Downloads\11989547_10153257187018546_1508542313_n.mp4

2015-10-24 14:36 - 2015-10-24 14:36 - 07962251 _____ C:\Users\Jean\Downloads\12026225_1046433348721295_116260988_n.mp4

2015-10-24 14:35 - 2015-10-24 14:35 - 01481076 _____ C:\Users\Jean\Downloads\12005160_10153227930960679_1760550972_n.mp4

2015-10-23 13:06 - 2015-10-23 13:06 - 00000306 __RSH C:\ProgramData\ntuser.pol

2015-10-23 13:06 - 2015-10-23 13:06 - 00000000 ____D C:\Users\Jean\AppData\Roaming\NewNotepad

2015-10-23 13:06 - 2015-10-23 13:06 - 00000000 ____D C:\Program Files (x86)\Addons

2015-10-22 17:08 - 2015-10-21 10:28 - 08771780 _____ C:\Users\Jean\Downloads\03 Never Love Again (feat. Jussie Sm.m4a

2015-10-22 17:08 - 2015-10-21 10:28 - 07573039 _____ C:\Users\Jean\Downloads\01 Mimosa (feat. Jamila Velazquez, R.m4a

2015-10-22 17:08 - 2015-10-21 10:28 - 06084505 _____ C:\Users\Jean\Downloads\04 Mona Lisa (feat. Kelly Rowland).m4a

2015-10-22 17:08 - 2015-10-21 10:28 - 05124428 _____ C:\Users\Jean\Downloads\02 Why Go (feat. Bre-Z).m4a

2015-10-19 11:29 - 2015-10-19 11:29 - 30463465 _____ C:\Users\Jean\Downloads\Justin Bieber - What Do You Mean (ELIAS Remix).mp4

2015-10-18 20:54 - 2015-10-19 12:34 - 08767236 _____ C:\Users\Jean\Downloads\01 Battle Cry (feat. Jussie Smollett.m4a

2015-10-18 20:54 - 2015-10-17 10:08 - 08431726 _____ C:\Users\Jean\Downloads\04 Lago Azul (feat. Jamila Velazquez.m4a

2015-10-18 20:54 - 2015-10-17 10:08 - 07979347 _____ C:\Users\Jean\Downloads\02 When Love Finds U (feat. Jussie S.m4a

2015-10-18 20:54 - 2015-10-17 10:08 - 06921482 _____ C:\Users\Jean\Downloads\03 Ain't About the Money (feat. Juss.m4a

2015-10-17 22:00 - 2015-10-17 22:00 - 05484244 _____ C:\Users\Jean\Downloads\Don Diablo.mp4

2015-10-17 21:56 - 2015-10-17 21:57 - 03970705 _____ C:\Users\Jean\Downloads\12126511_10153217964285679_1071212778_n.mp4

2015-10-17 21:52 - 2015-10-17 21:52 - 06301060 _____ C:\Users\Jean\Downloads\R3hab  (1).mp4

2015-10-17 21:51 - 2015-10-17 21:51 - 04532745 _____ C:\Users\Jean\Downloads\R3hab.mp4

2015-10-17 19:58 - 2015-10-17 19:58 - 01046579 _____ C:\Users\Jean\Downloads\11971343_10153696501128236_1794576065_n.mp4

2015-10-17 18:50 - 2015-10-17 18:50 - 01539841 _____ C:\Users\Jean\Downloads\12131446_700093693423504_308423752_n.mp4

2015-10-17 14:29 - 2015-10-17 14:29 - 140289192 _____ C:\Users\Jean\Downloads\Hardwell On Air 239.mp4

2015-10-17 13:59 - 2015-10-17 14:00 - 02682489 _____ C:\Users\Jean\Downloads\12125013_10153734761406661_1398385658_n.mp4

2015-10-17 13:54 - 2015-10-17 13:55 - 39837720 _____ C:\Users\Jean\Downloads\Julian Calor - Childhood (Original Mix).wav

2015-10-15 22:19 - 2015-10-18 20:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-10-15 10:37 - 2015-09-19 05:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-10-15 10:37 - 2015-09-18 15:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-10-15 10:37 - 2015-09-18 15:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-10-15 10:37 - 2015-09-18 15:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-10-15 10:37 - 2015-09-18 15:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-10-15 10:37 - 2015-09-18 15:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-10-15 10:37 - 2015-09-18 15:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-10-14 21:39 - 2015-10-14 21:40 - 69129478 _____ C:\Users\Jean\Downloads\18_ILLUMINATE.wav

2015-10-14 15:28 - 2015-09-29 14:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-10-14 15:28 - 2015-09-29 14:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2015-10-14 15:28 - 2015-09-29 14:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2015-10-14 15:28 - 2015-09-29 14:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2015-10-14 15:28 - 2015-09-29 14:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2015-10-14 15:28 - 2015-09-24 18:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll

2015-10-14 15:28 - 2015-09-24 18:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll

2015-10-14 15:28 - 2015-08-27 04:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2015-10-14 15:28 - 2015-08-27 04:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2015-10-14 15:28 - 2015-08-07 23:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-10-14 15:28 - 2015-08-07 23:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-10-14 15:28 - 2015-08-07 23:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2015-10-14 15:28 - 2015-08-07 23:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2015-10-14 15:28 - 2015-08-07 23:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2015-10-14 15:28 - 2015-08-07 16:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2015-10-14 15:28 - 2015-08-06 19:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx

2015-10-14 15:28 - 2015-08-06 18:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2015-10-14 15:28 - 2015-08-06 18:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx

2015-10-14 15:28 - 2015-08-06 18:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2015-10-14 15:27 - 2015-09-10 20:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-10-14 15:27 - 2015-09-10 19:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-10-14 15:27 - 2015-09-10 19:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-10-14 15:27 - 2015-09-10 19:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-10-14 15:27 - 2015-09-10 19:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-10-14 15:27 - 2015-09-10 19:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-10-14 15:27 - 2015-09-10 19:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-10-14 15:27 - 2015-09-10 19:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-10-14 15:27 - 2015-09-10 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-10-14 15:27 - 2015-09-10 18:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-10-14 15:27 - 2015-09-10 18:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-10-14 15:27 - 2015-09-10 18:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-10-14 15:27 - 2015-09-10 18:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-10-14 15:27 - 2015-09-10 18:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-10-14 15:27 - 2015-09-10 18:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2015-10-14 15:27 - 2015-09-10 18:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-10-14 15:27 - 2015-09-10 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-10-14 15:27 - 2015-09-10 18:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-10-14 15:27 - 2015-09-10 18:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2015-10-14 15:27 - 2015-09-10 18:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-10-14 15:27 - 2015-09-10 18:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-10-14 15:27 - 2015-09-10 18:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-10-14 15:27 - 2015-09-10 18:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-10-14 15:27 - 2015-09-10 18:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-10-14 15:27 - 2015-09-10 18:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-10-14 15:27 - 2015-09-10 18:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-10-14 15:27 - 2015-09-10 18:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-10-14 15:27 - 2015-09-10 18:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2015-10-14 15:27 - 2015-09-10 18:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-10-14 15:27 - 2015-09-10 17:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-10-14 15:27 - 2015-09-10 17:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2015-10-14 15:27 - 2015-09-10 17:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-10-14 15:27 - 2015-09-10 17:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-10-14 15:27 - 2015-09-10 17:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-10-14 15:27 - 2015-09-10 17:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-10-14 15:27 - 2015-09-10 17:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-10-14 15:27 - 2015-09-10 17:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-10-14 15:27 - 2015-09-10 17:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-10-14 15:27 - 2015-09-10 17:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-10-14 15:26 - 2015-09-29 14:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-10-14 15:26 - 2015-09-28 20:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-10-14 15:26 - 2015-09-28 20:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll

2015-10-14 15:26 - 2015-09-28 20:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-10-14 15:26 - 2015-09-28 20:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-10-14 15:26 - 2015-09-28 20:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-10-14 15:26 - 2015-09-28 20:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-10-14 15:26 - 2015-09-28 20:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-10-14 15:26 - 2015-09-28 20:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-10-14 15:26 - 2015-09-28 20:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-10-14 15:26 - 2015-09-28 20:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-10-14 15:26 - 2015-09-28 20:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll

2015-10-14 15:26 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll

2015-10-14 15:26 - 2015-07-16 20:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll

2015-10-10 22:09 - 2015-10-10 22:10 - 01356779 _____ C:\Users\Jean\Downloads\12075414_915030535237087_215207771_n (1).mp4

2015-10-10 22:08 - 2015-10-10 22:08 - 01080382 _____ C:\Users\Jean\Downloads\11803067_503546819817746_1577302184_n.mp4

2015-10-10 22:07 - 2015-10-10 22:07 - 01193594 _____ C:\Users\Jean\Downloads\12077907_690514827751419_468816679_n.mp4

2015-10-10 22:07 - 2015-10-10 22:07 - 00387820 _____ C:\Users\Jean\Downloads\12054837_961058430617682_2044296104_n.mp4

2015-10-10 22:06 - 2015-10-10 22:06 - 03940627 _____ C:\Users\Jean\Downloads\12126553_10153206799940679_985208360_n.mp4

2015-10-10 22:04 - 2015-10-10 22:04 - 01147775 _____ C:\Users\Jean\Downloads\11945421_10207854799947375_1150338054_n (1).mp4

2015-10-09 16:14 - 2015-10-15 09:45 - 00000000 ____D C:\Users\Jean\Downloads\Empire Season 1

2015-10-09 15:22 - 2015-10-09 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopDDL Serial Generator

2015-10-09 15:21 - 2015-10-23 13:06 - 00003808 _____ C:\Windows\System32\Tasks\2pP

2015-10-09 15:21 - 2015-10-23 13:06 - 00000000 ____D C:\ProgramData\Convertor

2015-10-09 15:21 - 2015-10-09 15:21 - 00000000 ____D C:\Users\Jean\AppData\Roaming\PlusN

2015-10-09 15:20 - 2015-10-09 15:20 - 03531374 _____ C:\Users\Jean\AppData\Local\curl.zip

2015-10-09 15:20 - 2015-10-09 15:20 - 00001091 _____ C:\Users\Jean\Desktop\DocToPDFConverter.lnk

2015-10-09 15:20 - 2015-10-09 15:20 - 00000000 ____D C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DocToPDFConverter

2015-10-09 15:20 - 2015-10-09 15:20 - 00000000 ____D C:\Users\Jean\AppData\Roaming\DocToPDFConverter

2015-10-09 15:20 - 2015-10-09 15:20 - 00000000 ____D C:\Users\Jean\AppData\Local\cu

2015-10-09 01:11 - 2015-10-09 01:12 - 08627050 _____ C:\Users\Jean\Downloads\12037506_10153203781740679_1401979162_n.mp4

2015-10-09 01:10 - 2015-10-09 01:10 - 00663160 _____ C:\Users\Jean\Downloads\12010088_1221914421212870_1672415050_n.mp4

2015-10-09 01:09 - 2015-10-09 01:09 - 00248628 _____ C:\Users\Jean\Downloads\12073807_763419957137364_1970909174_n.mp4

2015-10-09 01:08 - 2015-10-09 01:09 - 11857925 _____ C:\Users\Jean\Downloads\12090375_1222349621169350_961484305_n.mp4

2015-10-09 00:36 - 2015-10-09 00:37 - 15654781 _____ C:\Users\Jean\Downloads\Empire - Snitch Bitch feat. Terrence Howard.mp4

2015-10-08 20:35 - 2015-10-08 20:36 - 21499129 _____ C:\Users\Jean\Downloads\Empire Cast - Snitch Bitch (feat. Terrence Howard and Petey Pablo) [Audio].mp4

2015-10-08 20:31 - 2015-10-08 20:31 - 16743865 _____ C:\Users\Jean\Downloads\Empire Cast - Ain't About The Money (feat. Jussie Smollett and Yazz) [Lyric Video].mp4

2015-10-08 20:28 - 2015-10-08 20:28 - 05743186 _____ C:\Users\Jean\Downloads\Yazz - Dynasty feat. Timbaland Audio.mp4

2015-10-08 20:21 - 2015-10-08 20:22 - 40488102 _____ C:\Users\Jean\Downloads\Empire - Dynasty Hakeem ft Timbaland.mp4

2015-10-08 20:21 - 2015-10-08 20:22 - 11644550 _____ C:\Users\Jean\Downloads\Empire - Dynasty Hakeem ft Timbaland (1).mp4

2015-10-07 23:40 - 2015-10-07 23:40 - 11473284 _____ C:\Users\Jean\Downloads\Empire Cast - Do It (Feat.Becky G) (2).mp4

2015-10-07 23:39 - 2015-10-07 23:40 - 11473284 _____ C:\Users\Jean\Downloads\Empire Cast - Do It (Feat.Becky G) (1).mp4

2015-10-07 23:19 - 2015-10-07 23:19 - 03615191 _____ C:\Users\Jean\Downloads\Empire Cast - Do It (Feat.Becky G).mp4

2015-10-05 17:24 - 2015-10-05 17:28 - 184878066 _____ C:\Users\Jean\Downloads\Welcome to KSHMR Vol. 6.mp4

2015-10-04 22:09 - 2015-10-04 22:10 - 258852618 _____ C:\Users\Jean\Downloads\Spinnin' Records ADE 2015 - Night Mix.mp4

2015-10-04 17:15 - 2015-10-04 17:15 - 10848989 _____ C:\Users\Jean\Downloads\The Wave vs. Push Play (3dgarFast Bootleg).rar

2015-10-04 17:15 - 2015-10-04 17:15 - 07689342 _____ C:\Users\Jean\Downloads\Lose That Timecode For Real (3dgarFast MASHUP).rar

2015-10-04 17:10 - 2015-10-04 17:12 - 459989369 _____ C:\Users\Jean\Downloads\#WEAREFAMILY (Mashup Compilation) By 3dgarFast.rar

2015-10-04 01:09 - 2015-10-04 01:10 - 09852561 _____ C:\Users\Jean\Downloads\12045982_10153194670375679_13244121_n.mp4

2015-10-03 18:49 - 2015-10-03 18:49 - 01147775 _____ C:\Users\Jean\Downloads\11945421_10207854799947375_1150338054_n.mp4

2015-10-03 17:38 - 2015-10-03 17:38 - 01128462 _____ C:\Users\Jean\Downloads\11946096_10153193194250679_1069288703_n.mp4

2015-10-01 19:45 - 2015-10-01 19:45 - 08862572 _____ C:\Users\Jean\Downloads\11092229_1688704568031628_508825457_n.mp4

2015-10-01 19:40 - 2015-10-01 19:40 - 01356779 _____ C:\Users\Jean\Downloads\12075414_915030535237087_215207771_n.mp4

2015-10-01 19:38 - 2015-10-01 19:38 - 00929019 _____ C:\Users\Jean\Downloads\11866625_10156117719155298_41690444_n.mp4

2015-09-30 18:38 - 2015-09-30 18:44 - 96566718 _____ C:\Users\Jean\Downloads\W&W Set.mp4

2015-09-29 13:03 - 2015-09-29 13:03 - 35379357 _____ C:\Users\Jean\Downloads\Viel Spaß mit Vincent Pfäfflin - TV total.mp4

2015-09-29 13:02 - 2015-09-29 13:02 - 13086235 _____ C:\Users\Jean\Downloads\WWW.DOWNVIDS.NET-Sixpacks und Intelligenz vereint - TV total.mp4

2015-09-28 23:45 - 2015-09-28 23:45 - 00495313 _____ C:\Users\Jean\Downloads\10989830_1014217905285302_407449398_n.mp4

2015-09-28 23:40 - 2015-09-28 23:40 - 07510543 _____ C:\Users\Jean\Downloads\DELAC - Stranger Dance (Beatsession Remix).mp4

2015-09-28 10:58 - 2015-09-28 10:58 - 83277889 _____ C:\Users\Jean\Downloads\Mightyfools (DJ-set) - Bij Igmar.mp4

2015-09-27 20:06 - 2015-09-27 20:06 - 02988434 _____ C:\Users\Jean\Downloads\11866756_10153183984225679_1060750856_n.mp4

2015-09-27 00:26 - 2015-09-27 00:27 - 13221973 _____ C:\Users\Jean\Downloads\11866856_1124418684253568_554559855_n.mp4

2015-09-27 00:25 - 2015-09-27 00:26 - 01095641 _____ C:\Users\Jean\Downloads\12021190_10153098268271981_1367128582_n.mp4

2015-09-27 00:24 - 2015-09-27 00:24 - 03155352 _____ C:\Users\Jean\Downloads\11914291_10153171259765679_954477928_n.mp4

2015-09-27 00:21 - 2015-09-27 00:22 - 00758738 _____ C:\Users\Jean\Downloads\11929530_1624059124515930_902920052_n.mp4

2015-09-26 23:40 - 2015-09-26 23:48 - 50118910 _____ C:\Users\Jean\Downloads\House Every Weekend (Mike Mago Remix).wav

2015-09-26 18:13 - 2015-09-26 18:14 - 92966250 _____ C:\Users\Jean\Downloads\MOTi (DJ-set) - Bij Igmar.mp4

2015-09-26 13:21 - 2015-09-26 13:21 - 11151357 _____ C:\Users\Jean\Downloads\No Mondays feat. Monstère - Let It Be You (Preview).mp4

2015-09-25 11:54 - 2015-03-27 17:50 - 03888920 _____ (Piriform Ltd) C:\Users\Jean\Downloads\recuva.exe

2015-09-25 11:53 - 2015-03-27 17:50 - 04938520 _____ (Piriform Ltd) C:\Users\Jean\Downloads\recuva64.exe

2015-09-24 20:20 - 2015-09-24 20:21 - 01063243 _____ C:\Users\Jean\Downloads\11925431_10153177433380679_1385038000_n.mp4

2015-09-24 20:18 - 2015-09-24 20:18 - 02318056 _____ C:\Users\Jean\Downloads\12023556_10153178858110679_1658389714_n.mp4

2015-09-24 20:16 - 2015-09-24 20:25 - 53275353 _____ C:\Users\Jean\Downloads\11946674_1082797711752581_626938223_n.mp4

2015-09-24 20:16 - 2015-09-24 20:17 - 02316923 _____ C:\Users\Jean\Downloads\12005299_1532185153738345_1602378357_n.mp4

2015-09-24 00:16 - 2015-09-24 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-10-24 21:55 - 2014-03-03 01:22 - 50121216 ___SH C:\Users\Jean\Downloads\Thumbs.db

2015-10-24 21:19 - 2014-01-02 21:09 - 01714969 _____ C:\Windows\WindowsUpdate.log

2015-10-24 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru

2015-10-24 18:56 - 2014-03-02 07:10 - 00003770 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{85F9AC9E-552E-4C3C-8183-96B3B7AA0414}

2015-10-24 16:02 - 2015-09-16 12:03 - 00000000 ____D C:\Users\Jean\AppData\Local\Adobe

2015-10-24 10:38 - 2013-08-22 16:46 - 02627474 _____ C:\Windows\setupact.log

2015-10-23 13:06 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy

2015-10-23 13:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy

2015-10-23 11:44 - 2014-03-02 07:06 - 00000000 __RDO C:\Users\Jean\SkyDrive

2015-10-23 11:25 - 2014-01-02 21:37 - 215085314 _____ C:\Users\Public\CAFADEBUG.log

2015-10-23 11:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness

2015-10-22 17:09 - 2014-03-02 20:28 - 00000000 ____D C:\Users\Jean\AppData\Roaming\vlc

2015-10-22 15:21 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp

2015-10-18 20:25 - 2015-04-04 21:15 - 00000000 ___SD C:\Windows\system32\GWX

2015-10-18 20:22 - 2013-11-24 18:53 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI

2015-10-18 20:22 - 2013-08-28 11:59 - 00765582 _____ C:\Windows\system32\perfh007.dat

2015-10-18 20:22 - 2013-08-28 11:59 - 00159366 _____ C:\Windows\system32\perfc007.dat

2015-10-18 20:14 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-10-18 20:12 - 2015-04-11 20:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-10-18 20:12 - 2013-11-25 03:39 - 00448666 _____ C:\Windows\PFRO.log

2015-10-18 20:11 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI

2015-10-18 20:08 - 2015-04-04 21:15 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-10-18 20:08 - 2014-12-11 09:57 - 00000000 ____D C:\Windows\system32\appraiser

2015-10-18 20:08 - 2014-07-15 13:54 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-10-18 20:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData

2015-10-16 15:40 - 2014-05-25 18:10 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-10-16 15:38 - 2014-03-02 17:56 - 00000000 ____D C:\Windows\system32\MRT

2015-10-16 15:30 - 2014-03-02 17:56 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-10-16 06:51 - 2015-03-18 11:35 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-10-16 06:51 - 2015-03-18 11:35 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-10-15 20:22 - 2014-03-02 07:24 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-10-15 10:08 - 2014-12-17 15:21 - 00000000 ____D C:\Users\Jean\Documents\Audacity

2015-10-15 10:08 - 2014-05-22 21:09 - 00000000 ____D C:\Users\Jean\AppData\Roaming\Audacity

2015-10-13 22:58 - 2014-03-03 01:22 - 00000000 ____D C:\Users\Jean\AppData\Roaming\foobar2000

2015-10-09 15:29 - 2014-04-13 20:35 - 00000000 ____D C:\Program Files\WinRAR

2015-10-09 15:17 - 2014-04-13 20:35 - 00000000 ____D C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-10-09 15:17 - 2014-04-13 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-10-06 17:16 - 2015-07-15 12:38 - 06606465 _____ C:\Users\Jean\Downloads\01_Live_Forever_feat_Faydee.m4a

2015-09-27 19:49 - 2014-05-29 15:20 - 02461696 ___SH C:\Users\Jean\Documents\Thumbs.db

2015-09-24 00:16 - 2015-05-05 12:52 - 00002033 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk

2015-09-24 00:14 - 2014-03-08 21:14 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

2015-09-24 00:14 - 2014-03-08 21:14 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2015-10-09 15:20 - 2015-10-09 15:20 - 3531374 _____ () C:\Users\Jean\AppData\Local\curl.zip

2014-07-02 20:45 - 2014-07-02 20:45 - 0000057 _____ () C:\ProgramData\Ament.ini

2014-04-18 18:43 - 2010-06-29 09:04 - 0001772 _____ () C:\ProgramData\cfSB1095.ini
 

Einige Dateien in TEMP:

====================

C:\Users\Jean\AppData\Local\Temp\avgnt.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\system32\winlogon.exe => Datei ist digital signiert

C:\Windows\system32\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\system32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\system32\services.exe => Datei ist digital signiert

C:\Windows\system32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\system32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\system32\rpcss.dll => Datei ist digital signiert

C:\Windows\system32\dnsapi.dll => Datei ist digital signiert

C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2015-08-01 10:27
 

==================== Ende von FRST.txt ============================

Addition.txt:

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-10-2015

durchgeführt von Jean (2015-10-24 21:56:16)

Gestartet von C:\Users\Jean\Desktop

Windows 8.1 (X64) (2014-03-02 05:02:35)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-3242844674-1499826838-3910466137-500 - Administrator - Disabled)

Gast (S-1-5-21-3242844674-1499826838-3910466137-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3242844674-1499826838-3910466137-1004 - Limited - Enabled)

Jean (S-1-5-21-3242844674-1499826838-3910466137-1002 - Administrator - Enabled) => C:\Users\Jean
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)

Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden

Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)

ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)

Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)

Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)

AVS Video Editor 7.0 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.0.1.258 - Online Media Technologies Ltd.)

Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05187 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05187 - Cisco Systems, Inc.) Hidden

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.2.0 - Conexant)

Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)

Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DocToPDFConverter (HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\DocToPDFConverter) (Version: 01.00.00.00 - VolatoTech)

Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.01 - Creative Technology Limited)

DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)

Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden

EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.1.0.7705 - Thomson Reuters)

FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)

FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )

foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)

Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.11.225 - DVDVideoSoft Ltd.)

Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.8 - Genesys Logic)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)

Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden

HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart 5520 series Hilfe (HKLM-x32\...\{640A03B3-4E6B-4440-A350-E6A8D6348F12}) (Version: 27.0.0 - Hewlett Packard)

HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)

IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)

Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden

Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden

MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)

Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft SkyDrive (HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)

NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)

NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)

NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)

Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden

phase-6 2.1.2.1b (HKLM-x32\...\phase-6) (Version: 2.1.2.1b - phase-6)

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)

Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)

QuickTime (HKLM-x32\...\QuickTime) (Version:  - )

ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)

scilab-5.5.1 (64-bit) (HKLM\...\scilab-5.5.1 (64-bit)_is1) (Version:  - Scilab Enterprises)

SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden

Sound Blaster X-Fi Surround 5.1 Pro (HKLM-x32\...\{0A9DA353-D0CD-4922-A54B-2F5F4EC90986}) (Version: 1.0 - Creative Technology Limited)

SoundDownloader (HKLM-x32\...\SoundDownloader_is1) (Version:  - )

Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)

TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)

TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)

TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)

TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)

TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)

TOSHIBA Gesture Controller (HKLM-x32\...\{8C5B4504-3996-4F30-8F01-DA7A8455430B}) (Version: 4.0.110.2 - Toshiba Corporation)

TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)

TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 5.0.1.0 - Toshiba Corporation)

TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)

TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)

TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)

TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)

TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)

TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)

Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)

TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.49.124  - Toshiba Corporation)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden

VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

VSDC Free Video Editor Version 2.3.1.339 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 2.3.1.339 - Flash-Integro LLC)

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)

WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

WordToPDF 2.9 (HKLM-x32\...\WordToPDF_is1) (Version: 2.9 - Mario Noack)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Wiederherstellungspunkte =========================
 

16-10-2015 15:27:13 Windows Update

22-10-2015 15:19:09 Windows Update

24-10-2015 15:52:30 Removed Advanced Archive Password Recovery
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG

Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Keine Datei <==== ACHTUNG

Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Keine Datei <==== ACHTUNG

Task: {46C2B252-ADD7-4C9F-85B8-8AB7FC2AB064} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-16] (Microsoft Corporation)

Task: {550A92A6-FE5A-4C3C-A0BF-4E1E1897C6A2} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)

Task: {5D738904-8FD9-4D2A-98E5-D3032F5672E4} - System32\Tasks\2pP => C:\ProgramData\Convertor\Convertor.exe [2015-10-22] (Don HO don.h@free.fr) <==== ACHTUNG

Task: {69A91ED7-B2D3-42C8-96D2-9D21225D8B32} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-24] (Adobe Systems Incorporated)

Task: {6B2492E9-5E25-4844-AE28-060913D98A25} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)

Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Keine Datei <==== ACHTUNG

Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Keine Datei <==== ACHTUNG

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Keine Datei <==== ACHTUNG

Task: {EBC8E186-BD86-4A0D-9B4C-7FFF473D5302} - \DriverMgr -> Keine Datei <==== ACHTUNG

Task: {FB485CD0-25BA-4460-8AD3-2E9186EDA350} - \WinKit -> Keine Datei <==== ACHTUNG
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2013-09-10 22:54 - 2013-09-10 22:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe

2014-01-02 21:09 - 2015-04-09 02:58 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-01-02 21:10 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-01-02 21:22 - 2013-08-28 18:08 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe

2012-07-19 04:38 - 2012-07-19 04:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll

2014-04-18 18:44 - 2009-12-29 16:52 - 00089088 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL

2014-04-18 18:44 - 2010-07-22 16:46 - 00237056 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL

2014-10-16 02:48 - 2014-10-16 02:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2014-01-02 21:02 - 2013-09-03 17:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

2015-05-17 19:29 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2014-01-02 21:09 - 2015-04-09 02:58 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2015-10-15 20:22 - 2015-10-09 02:53 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libglesv2.dll

2015-10-15 20:22 - 2015-10-09 02:53 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libegl.dll

2015-10-16 12:55 - 2015-10-15 13:20 - 16493256 _____ () C:\Users\Jean\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Toshiba\Standard.jpg

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{2CD07E91-45BA-4E3F-A259-C895FCE18E87}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe

FirewallRules: [{34BE7119-A0FC-4FE4-86DF-363A4CECB88F}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe

FirewallRules: [{AF34F286-D165-4CF3-9D93-EDBDC2DFA5E4}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

FirewallRules: [{0CAA4BEA-7B40-4551-938E-6094F6A62B0E}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

FirewallRules: [{B85BB08D-0EFC-4F45-9401-E7F323943D55}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{F22EA710-BEED-4718-8237-36594D31B56F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{8C56B56E-0055-49DA-BE6D-3197D3916B37}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{743DF7B2-EF99-4086-83DA-F01F064186B9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{F0DEFC75-7176-4184-8D4B-0C689A3D6EBC}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{E4D8D86B-0A41-476A-B54E-6B7F544C1611}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{C1E30624-8878-4524-BAD3-F9799C73596C}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe

FirewallRules: [{436CA98D-DF07-400A-BDD8-1753FB1F3449}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe

FirewallRules: [{274BB186-812C-4B14-BB3E-5E50A0429FDF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{ACF9F482-E67E-4749-91EA-D9D6CDCA2020}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{1CDF67C6-763D-4242-9A8E-6C8238D885A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{97628362-61E0-428E-91BC-24655695BEDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{86E7131B-29D2-4239-8EA0-94303E61B1F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{D1B08E6D-CB43-46AC-A0EC-8354B7340644}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{58C932A1-E772-4426-98A4-B69BAFB15A39}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe

FirewallRules: [{DD5811C1-D723-46CC-AABC-5671880D1CE5}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe

FirewallRules: [{318AE829-50B1-47E2-B067-7A0B293EE971}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [TCP Query User{1E5F3335-23ED-42ED-A0F1-B383DB4CBE9C}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe

FirewallRules: [UDP Query User{DCC6E28F-EE98-4FDF-BE40-EAAB6E905F99}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe

FirewallRules: [{6C027350-77BE-44EA-85C5-B5404031F964}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{99F8BF38-BE92-49D9-99C4-209288AF5977}] => (Allow) LPort=2869

FirewallRules: [{52ABB139-94F3-4C1E-8583-7FF5D6931A94}] => (Allow) LPort=1900

FirewallRules: [{42EB1674-441C-4B95-BC39-E786F8A14861}] => (Allow) C:\Users\Jean\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [{28455395-936B-4D2A-9CD3-57ACFF90001A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{85051D11-9B00-462B-9CC5-A30ED09457C4}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe

FirewallRules: [{5E57AAFC-2FA4-48BC-A04F-FEE8C17312E6}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe

FirewallRules: [{AF258BA3-C1B8-471C-A275-EAAA90751076}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe

FirewallRules: [{45D6A796-5A8E-43F6-A165-86C7687A6C7C}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe

FirewallRules: [{D134182B-DA35-47CD-95E8-CE726ED302F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{56C2D26E-1DF3-4FB2-BD34-F33727CEA78C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{DF0FE9A3-608A-4CE1-9FBD-2BD54053D847}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (10/24/2015 04:15:24 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 23bc
 

Startzeit: 01d10e65ad97daa0
 

Endzeit: 4294967295
 

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 

Berichts-ID: a36eb686-7a59-11e5-82a6-c454440695f7
 

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
 

Error: (10/24/2015 11:45:24 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [6]
 

Error: (10/23/2015 11:22:51 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [6]
 

Error: (10/23/2015 05:22:39 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [6]
 

Error: (10/23/2015 01:09:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [6]
 

Error: (10/23/2015 11:43:40 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 4.1.1953.6972, Zeitstempel: 0x5541bef1

Name des fehlerhaften Moduls: nvstreamsvc.exe, Version: 4.1.1953.6972, Zeitstempel: 0x5541bef1

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000687be2

ID des fehlerhaften Prozesses: 0x49c0

Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0

Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1

Pfad des fehlerhaften Moduls: nvstreamsvc.exe2

Berichtskennung: nvstreamsvc.exe3

Vollständiger Name des fehlerhaften Pakets: nvstreamsvc.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvstreamsvc.exe5
 

Error: (10/23/2015 10:50:34 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [0]
 

Error: (10/23/2015 12:30:03 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [6]
 

Error: (10/22/2015 04:40:05 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [0]
 

Error: (10/22/2015 10:56:38 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [6]
 
 

Systemfehler:

=============

Error: (10/18/2015 08:07:28 PM) (Source: DCOM) (EventID: 10010) (User: SHAWN)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 

Error: (10/18/2015 08:07:28 PM) (Source: DCOM) (EventID: 10010) (User: SHAWN)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 

Error: (10/18/2015 08:07:28 PM) (Source: DCOM) (EventID: 10010) (User: SHAWN)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 

Error: (10/18/2015 08:07:28 PM) (Source: DCOM) (EventID: 10010) (User: SHAWN)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 

Error: (10/18/2015 08:07:28 PM) (Source: DCOM) (EventID: 10010) (User: SHAWN)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 

Error: (10/17/2015 06:52:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioEndpointBuilder erreicht.
 

Error: (10/17/2015 06:52:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WlanSvc erreicht.
 

Error: (10/14/2015 03:30:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioEndpointBuilder erreicht.
 

Error: (10/14/2015 03:30:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WlanSvc erreicht.
 

Error: (10/11/2015 11:10:37 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz

Prozentuale Nutzung des RAM: 58%

Installierter physikalischer RAM: 6068.27 MB

Verfügbarer physikalischer RAM: 2535.5 MB

Summe virtueller Speicher: 8628.27 MB

Verfügbarer virtueller Speicher: 3640.57 MB
 

==================== Laufwerke ================================
 

Drive c: (TI31250700A) (Fixed) (Total:686.84 GB) (Free:544.3 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

FRST.txt:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 01

durchgeführt von Jean (Administrator) auf SHAWN (25-10-2015 16:33:56)

Gestartet von C:\Users\Jean\Desktop

Geladene Profile: Jean &  (Verfügbare Profile: Jean)

Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe

() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe

(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe

(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [] => [X]

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-12] (Conexant Systems, Inc.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)

HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)

HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)

HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)

HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-23] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd)

HKLM-x32\...\Run: [Module Loader] => C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe [57344 2007-07-23] (Creative Technology Ltd.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized

HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-11-24] (Spotify Ltd)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\Run: [GoogleChromeAutoLaunch_76F2AE789A64FBA063F2980B364474D8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-09] (Google Inc.)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\MountPoints2: {f63fe9d4-311a-11e5-828c-c454440695f7} - "E:\LaunchU3.exe" -a

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-11-24] (Spotify Ltd)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_76F2AE789A64FBA063F2980B364474D8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-09] (Google Inc.)

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f63fe9d4-311a-11e5-828c-c454440695f7} - "E:\LaunchU3.exe" -a

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-10-29] (Microsoft Corporation)

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175880 2015-04-09] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-04-09] (NVIDIA Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2015-06-06]

ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

Startup: C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2014-09-23]

ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5520 series (Netzwerk).lnk [2015-10-24]

ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5520 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{1EA62D28-66C6-4934-947F-36CB65AE809C}: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{4B9244CF-DCF8-4E20-BA14-17AEFF843C2C}: [DhcpNameServer] 192.168.2.1
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-09] (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-09] (Oracle Corporation)

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab

Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Keine Datei

Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll Keine Datei

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Keine Datei
 

FireFox:

========

FF ProfilePath: C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\bqd3aupo.default

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-24] ()

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-24] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-09] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-09] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()

FF Extension: Adblock Plus - C:\Users\Jean\AppData\Roaming\Mozilla\Firefox\Profiles\bqd3aupo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-23]

FF HKLM-x32\...\Firefox\Extensions: [addnFF@AdTech.com] - C:\Program Files (x86)\Addons\firefox.xpi

FF Extension: Kein Name - C:\Program Files (x86)\Addons\firefox.xpi [2014-12-09] [ist nicht signiert]
 

Chrome: 

=======

CHR Session Restore: Default -> ist aktiviert.

CHR Profile: C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-10-07]

CHR Extension: (Avira Browserschutz) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-10-23]

CHR Extension: (AdBlock) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-15]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-03]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-23] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-04-18] (Creative Labs) [Datei ist nicht signiert]

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-04-18] (Creative Labs) [Datei ist nicht signiert]

R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]

R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]

R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [Datei ist nicht signiert]

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)

R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)

S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)

S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4226560 2014-10-16] (Qualcomm Atheros Communications, Inc.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-23] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-05] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-23] (Avira Operations GmbH & Co. KG)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)

S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)

S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)

U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-16] (GenesysLogic)

R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1588608 2011-09-13] (Creative Technology Ltd.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-25] (Malwarebytes)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)

R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)

R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)

S3 Tosrfcom; kein ImagePath

S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-10-16] (Cisco Systems, Inc.)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-10-25 16:33 - 2015-10-25 16:34 - 00026127 _____ C:\Users\Jean\Desktop\FRST.txt

2015-10-25 16:27 - 2015-10-25 16:27 - 00000000 ____D C:\Users\Jean\Desktop\FRST-OlderVersion

2015-10-24 22:32 - 2015-10-24 22:32 - 00000000 ____D C:\Program Files (x86)\ESET

2015-10-24 21:31 - 2015-10-25 13:16 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-10-24 21:28 - 2015-10-24 21:28 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-10-24 21:28 - 2015-10-24 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-10-24 21:28 - 2015-10-24 21:28 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-10-24 21:28 - 2015-10-24 21:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-10-24 21:28 - 2015-10-05 08:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-10-24 21:28 - 2015-10-05 08:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-10-24 21:28 - 2015-10-05 08:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2015-10-24 21:15 - 2015-10-24 21:16 - 00000000 ____D C:\AdwCleaner

2015-10-24 21:13 - 2015-10-24 21:14 - 02870984 _____ (ESET) C:\Users\Jean\Desktop\esetsmartinstaller_deu.exe

2015-10-24 21:12 - 2015-10-24 21:13 - 22908888 _____ (Malwarebytes ) C:\Users\Jean\Desktop\mbam-setup-2.2.0.1024.exe

2015-10-24 21:06 - 2015-10-24 21:06 - 01691648 _____ C:\Users\Jean\Desktop\AdwCleaner_5.014.exe

2015-10-24 19:54 - 2015-10-25 16:27 - 02196992 _____ (Farbar) C:\Users\Jean\Desktop\FRST64.exe

2015-10-24 19:43 - 2015-10-25 16:33 - 00000000 ____D C:\FRST

2015-10-24 15:03 - 2015-10-25 12:24 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3242844674-1499826838-3910466137-1002

2015-10-24 15:02 - 2015-10-25 16:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-10-24 15:02 - 2015-10-24 15:02 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-10-24 13:39 - 2015-10-24 13:39 - 01223782 _____ C:\Users\Jean\Downloads\12066682_890338241044116_1406562715_n.mp4

2015-10-24 13:38 - 2015-10-24 13:38 - 02570379 _____ C:\Users\Jean\Downloads\11989547_10153257187018546_1508542313_n.mp4

2015-10-24 13:36 - 2015-10-24 13:36 - 07962251 _____ C:\Users\Jean\Downloads\12026225_1046433348721295_116260988_n.mp4

2015-10-24 13:35 - 2015-10-24 13:35 - 01481076 _____ C:\Users\Jean\Downloads\12005160_10153227930960679_1760550972_n.mp4

2015-10-23 12:06 - 2015-10-24 21:17 - 00000008 __RSH C:\ProgramData\ntuser.pol

2015-10-23 12:06 - 2015-10-23 12:06 - 00000000 ____D C:\Program Files (x86)\Addons

2015-10-22 16:08 - 2015-10-21 09:28 - 08771780 _____ C:\Users\Jean\Downloads\03 Never Love Again (feat. Jussie Sm.m4a

2015-10-22 16:08 - 2015-10-21 09:28 - 07573039 _____ C:\Users\Jean\Downloads\01 Mimosa (feat. Jamila Velazquez, R.m4a

2015-10-22 16:08 - 2015-10-21 09:28 - 06084505 _____ C:\Users\Jean\Downloads\04 Mona Lisa (feat. Kelly Rowland).m4a

2015-10-22 16:08 - 2015-10-21 09:28 - 05124428 _____ C:\Users\Jean\Downloads\02 Why Go (feat. Bre-Z).m4a

2015-10-19 10:29 - 2015-10-19 10:29 - 30463465 _____ C:\Users\Jean\Downloads\Justin Bieber - What Do You Mean (ELIAS Remix).mp4

2015-10-18 19:54 - 2015-10-19 11:34 - 08767236 _____ C:\Users\Jean\Downloads\01 Battle Cry (feat. Jussie Smollett.m4a

2015-10-18 19:54 - 2015-10-17 09:08 - 08431726 _____ C:\Users\Jean\Downloads\04 Lago Azul (feat. Jamila Velazquez.m4a

2015-10-18 19:54 - 2015-10-17 09:08 - 07979347 _____ C:\Users\Jean\Downloads\02 When Love Finds U (feat. Jussie S.m4a

2015-10-18 19:54 - 2015-10-17 09:08 - 06921482 _____ C:\Users\Jean\Downloads\03 Ain't About the Money (feat. Juss.m4a

2015-10-17 21:00 - 2015-10-17 21:00 - 05484244 _____ C:\Users\Jean\Downloads\Don Diablo.mp4

2015-10-17 20:56 - 2015-10-17 20:57 - 03970705 _____ C:\Users\Jean\Downloads\12126511_10153217964285679_1071212778_n.mp4

2015-10-17 20:52 - 2015-10-17 20:52 - 06301060 _____ C:\Users\Jean\Downloads\R3hab  (1).mp4

2015-10-17 20:51 - 2015-10-17 20:51 - 04532745 _____ C:\Users\Jean\Downloads\R3hab.mp4

2015-10-17 18:58 - 2015-10-17 18:58 - 01046579 _____ C:\Users\Jean\Downloads\11971343_10153696501128236_1794576065_n.mp4

2015-10-17 17:50 - 2015-10-17 17:50 - 01539841 _____ C:\Users\Jean\Downloads\12131446_700093693423504_308423752_n.mp4

2015-10-17 13:29 - 2015-10-17 13:29 - 140289192 _____ C:\Users\Jean\Downloads\Hardwell On Air 239.mp4

2015-10-17 12:59 - 2015-10-17 13:00 - 02682489 _____ C:\Users\Jean\Downloads\12125013_10153734761406661_1398385658_n.mp4

2015-10-17 12:54 - 2015-10-17 12:55 - 39837720 _____ C:\Users\Jean\Downloads\Julian Calor - Childhood (Original Mix).wav

2015-10-15 21:19 - 2015-10-18 19:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-10-15 09:37 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-10-15 09:37 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-10-15 09:37 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-10-15 09:37 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-10-15 09:37 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-10-15 09:37 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-10-15 09:37 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-10-14 20:39 - 2015-10-14 20:40 - 69129478 _____ C:\Users\Jean\Downloads\18_ILLUMINATE.wav

2015-10-14 14:28 - 2015-09-29 13:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-10-14 14:28 - 2015-09-29 13:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2015-10-14 14:28 - 2015-09-29 13:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2015-10-14 14:28 - 2015-09-29 13:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2015-10-14 14:28 - 2015-09-29 13:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2015-10-14 14:28 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll

2015-10-14 14:28 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll

2015-10-14 14:28 - 2015-08-27 03:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2015-10-14 14:28 - 2015-08-27 03:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2015-10-14 14:28 - 2015-08-07 22:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-10-14 14:28 - 2015-08-07 22:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-10-14 14:28 - 2015-08-07 22:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2015-10-14 14:28 - 2015-08-07 22:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2015-10-14 14:28 - 2015-08-07 22:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2015-10-14 14:28 - 2015-08-07 15:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2015-10-14 14:28 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx

2015-10-14 14:28 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2015-10-14 14:28 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx

2015-10-14 14:28 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2015-10-14 14:27 - 2015-09-10 19:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-10-14 14:27 - 2015-09-10 18:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-10-14 14:27 - 2015-09-10 18:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-10-14 14:27 - 2015-09-10 18:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-10-14 14:27 - 2015-09-10 18:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-10-14 14:27 - 2015-09-10 18:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-10-14 14:27 - 2015-09-10 18:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-10-14 14:27 - 2015-09-10 18:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-10-14 14:27 - 2015-09-10 17:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-10-14 14:27 - 2015-09-10 17:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-10-14 14:27 - 2015-09-10 17:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-10-14 14:27 - 2015-09-10 17:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-10-14 14:27 - 2015-09-10 17:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-10-14 14:27 - 2015-09-10 17:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-10-14 14:27 - 2015-09-10 17:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2015-10-14 14:27 - 2015-09-10 17:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-10-14 14:27 - 2015-09-10 17:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-10-14 14:27 - 2015-09-10 17:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-10-14 14:27 - 2015-09-10 17:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2015-10-14 14:27 - 2015-09-10 17:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-10-14 14:27 - 2015-09-10 17:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-10-14 14:27 - 2015-09-10 17:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-10-14 14:27 - 2015-09-10 17:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-10-14 14:27 - 2015-09-10 17:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-10-14 14:27 - 2015-09-10 17:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-10-14 14:27 - 2015-09-10 17:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-10-14 14:27 - 2015-09-10 17:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-10-14 14:27 - 2015-09-10 17:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2015-10-14 14:27 - 2015-09-10 17:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-10-14 14:27 - 2015-09-10 16:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-10-14 14:27 - 2015-09-10 16:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2015-10-14 14:27 - 2015-09-10 16:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-10-14 14:27 - 2015-09-10 16:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-10-14 14:27 - 2015-09-10 16:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-10-14 14:27 - 2015-09-10 16:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-10-14 14:27 - 2015-09-10 16:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-10-14 14:27 - 2015-09-10 16:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-10-14 14:27 - 2015-09-10 16:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-10-14 14:27 - 2015-09-10 16:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-10-14 14:26 - 2015-09-29 13:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-10-14 14:26 - 2015-09-28 19:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-10-14 14:26 - 2015-09-28 19:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll

2015-10-14 14:26 - 2015-09-28 19:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-10-14 14:26 - 2015-09-28 19:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-10-14 14:26 - 2015-09-28 19:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-10-14 14:26 - 2015-09-28 19:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-10-14 14:26 - 2015-09-28 19:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-10-14 14:26 - 2015-09-28 19:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-10-14 14:26 - 2015-09-28 19:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-10-14 14:26 - 2015-09-28 19:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-10-14 14:26 - 2015-09-28 19:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll

2015-10-14 14:26 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll

2015-10-14 14:26 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll

2015-10-10 21:09 - 2015-10-10 21:10 - 01356779 _____ C:\Users\Jean\Downloads\12075414_915030535237087_215207771_n (1).mp4

2015-10-10 21:08 - 2015-10-10 21:08 - 01080382 _____ C:\Users\Jean\Downloads\11803067_503546819817746_1577302184_n.mp4

2015-10-10 21:07 - 2015-10-10 21:07 - 01193594 _____ C:\Users\Jean\Downloads\12077907_690514827751419_468816679_n.mp4

2015-10-10 21:07 - 2015-10-10 21:07 - 00387820 _____ C:\Users\Jean\Downloads\12054837_961058430617682_2044296104_n.mp4

2015-10-10 21:06 - 2015-10-10 21:06 - 03940627 _____ C:\Users\Jean\Downloads\12126553_10153206799940679_985208360_n.mp4

2015-10-10 21:04 - 2015-10-10 21:04 - 01147775 _____ C:\Users\Jean\Downloads\11945421_10207854799947375_1150338054_n (1).mp4

2015-10-09 15:14 - 2015-10-15 08:45 - 00000000 ____D C:\Users\Jean\Downloads\Empire Season 1

2015-10-09 14:22 - 2015-10-09 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopDDL Serial Generator

2015-10-09 14:20 - 2015-10-09 14:20 - 03531374 _____ C:\Users\Jean\AppData\Local\curl.zip

2015-10-09 14:20 - 2015-10-09 14:20 - 00000000 ____D C:\Users\Jean\AppData\Local\cu

2015-10-09 00:11 - 2015-10-09 00:12 - 08627050 _____ C:\Users\Jean\Downloads\12037506_10153203781740679_1401979162_n.mp4

2015-10-09 00:10 - 2015-10-09 00:10 - 00663160 _____ C:\Users\Jean\Downloads\12010088_1221914421212870_1672415050_n.mp4

2015-10-09 00:09 - 2015-10-09 00:09 - 00248628 _____ C:\Users\Jean\Downloads\12073807_763419957137364_1970909174_n.mp4

2015-10-09 00:08 - 2015-10-09 00:09 - 11857925 _____ C:\Users\Jean\Downloads\12090375_1222349621169350_961484305_n.mp4

2015-10-08 23:36 - 2015-10-08 23:37 - 15654781 _____ C:\Users\Jean\Downloads\Empire - Snitch Bitch feat. Terrence Howard.mp4

2015-10-08 19:35 - 2015-10-08 19:36 - 21499129 _____ C:\Users\Jean\Downloads\Empire Cast - Snitch Bitch (feat. Terrence Howard and Petey Pablo) [Audio].mp4

2015-10-08 19:31 - 2015-10-08 19:31 - 16743865 _____ C:\Users\Jean\Downloads\Empire Cast - Ain't About The Money (feat. Jussie Smollett and Yazz) [Lyric Video].mp4

2015-10-08 19:28 - 2015-10-08 19:28 - 05743186 _____ C:\Users\Jean\Downloads\Yazz - Dynasty feat. Timbaland Audio.mp4

2015-10-08 19:21 - 2015-10-08 19:22 - 40488102 _____ C:\Users\Jean\Downloads\Empire - Dynasty Hakeem ft Timbaland.mp4

2015-10-08 19:21 - 2015-10-08 19:22 - 11644550 _____ C:\Users\Jean\Downloads\Empire - Dynasty Hakeem ft Timbaland (1).mp4

2015-10-07 22:40 - 2015-10-07 22:40 - 11473284 _____ C:\Users\Jean\Downloads\Empire Cast - Do It (Feat.Becky G) (2).mp4

2015-10-07 22:39 - 2015-10-07 22:40 - 11473284 _____ C:\Users\Jean\Downloads\Empire Cast - Do It (Feat.Becky G) (1).mp4

2015-10-07 22:19 - 2015-10-07 22:19 - 03615191 _____ C:\Users\Jean\Downloads\Empire Cast - Do It (Feat.Becky G).mp4

2015-10-05 16:24 - 2015-10-05 16:28 - 184878066 _____ C:\Users\Jean\Downloads\Welcome to KSHMR Vol. 6.mp4

2015-10-04 21:09 - 2015-10-04 21:10 - 258852618 _____ C:\Users\Jean\Downloads\Spinnin' Records ADE 2015 - Night Mix.mp4

2015-10-04 16:15 - 2015-10-04 16:15 - 10848989 _____ C:\Users\Jean\Downloads\The Wave vs. Push Play (3dgarFast Bootleg).rar

2015-10-04 16:15 - 2015-10-04 16:15 - 07689342 _____ C:\Users\Jean\Downloads\Lose That Timecode For Real (3dgarFast MASHUP).rar

2015-10-04 16:10 - 2015-10-04 16:12 - 459989369 _____ C:\Users\Jean\Downloads\#WEAREFAMILY (Mashup Compilation) By 3dgarFast.rar

2015-10-04 00:09 - 2015-10-04 00:10 - 09852561 _____ C:\Users\Jean\Downloads\12045982_10153194670375679_13244121_n.mp4

2015-10-03 17:49 - 2015-10-03 17:49 - 01147775 _____ C:\Users\Jean\Downloads\11945421_10207854799947375_1150338054_n.mp4

2015-10-03 16:38 - 2015-10-03 16:38 - 01128462 _____ C:\Users\Jean\Downloads\11946096_10153193194250679_1069288703_n.mp4

2015-10-01 18:45 - 2015-10-01 18:45 - 08862572 _____ C:\Users\Jean\Downloads\11092229_1688704568031628_508825457_n.mp4

2015-10-01 18:40 - 2015-10-01 18:40 - 01356779 _____ C:\Users\Jean\Downloads\12075414_915030535237087_215207771_n.mp4

2015-10-01 18:38 - 2015-10-01 18:38 - 00929019 _____ C:\Users\Jean\Downloads\11866625_10156117719155298_41690444_n.mp4

2015-09-30 17:38 - 2015-09-30 17:44 - 96566718 _____ C:\Users\Jean\Downloads\W&W Set.mp4

2015-09-29 12:03 - 2015-09-29 12:03 - 35379357 _____ C:\Users\Jean\Downloads\Viel Spaß mit Vincent Pfäfflin - TV total.mp4

2015-09-29 12:02 - 2015-09-29 12:02 - 13086235 _____ C:\Users\Jean\Downloads\WWW.DOWNVIDS.NET-Sixpacks und Intelligenz vereint - TV total.mp4

2015-09-28 22:45 - 2015-09-28 22:45 - 00495313 _____ C:\Users\Jean\Downloads\10989830_1014217905285302_407449398_n.mp4

2015-09-28 22:40 - 2015-09-28 22:40 - 07510543 _____ C:\Users\Jean\Downloads\DELAC - Stranger Dance (Beatsession Remix).mp4

2015-09-28 09:58 - 2015-09-28 09:58 - 83277889 _____ C:\Users\Jean\Downloads\Mightyfools (DJ-set) - Bij Igmar.mp4

2015-09-27 19:06 - 2015-09-27 19:06 - 02988434 _____ C:\Users\Jean\Downloads\11866756_10153183984225679_1060750856_n.mp4

2015-09-26 23:26 - 2015-09-26 23:27 - 13221973 _____ C:\Users\Jean\Downloads\11866856_1124418684253568_554559855_n.mp4

2015-09-26 23:25 - 2015-09-26 23:26 - 01095641 _____ C:\Users\Jean\Downloads\12021190_10153098268271981_1367128582_n.mp4

2015-09-26 23:24 - 2015-09-26 23:24 - 03155352 _____ C:\Users\Jean\Downloads\11914291_10153171259765679_954477928_n.mp4

2015-09-26 23:21 - 2015-09-26 23:22 - 00758738 _____ C:\Users\Jean\Downloads\11929530_1624059124515930_902920052_n.mp4

2015-09-26 22:40 - 2015-09-26 22:48 - 50118910 _____ C:\Users\Jean\Downloads\House Every Weekend (Mike Mago Remix).wav

2015-09-26 17:13 - 2015-09-26 17:14 - 92966250 _____ C:\Users\Jean\Downloads\MOTi (DJ-set) - Bij Igmar.mp4

2015-09-26 12:21 - 2015-09-26 12:21 - 11151357 _____ C:\Users\Jean\Downloads\No Mondays feat. Monstère - Let It Be You (Preview).mp4

2015-09-25 10:54 - 2015-03-27 16:50 - 03888920 _____ (Piriform Ltd) C:\Users\Jean\Downloads\recuva.exe

2015-09-25 10:53 - 2015-03-27 16:50 - 04938520 _____ (Piriform Ltd) C:\Users\Jean\Downloads\recuva64.exe
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2015-10-25 16:30 - 2014-03-02 06:10 - 00003770 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{85F9AC9E-552E-4C3C-8183-96B3B7AA0414}

2015-10-25 16:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru

2015-10-25 15:34 - 2014-01-02 20:09 - 01842938 _____ C:\Windows\WindowsUpdate.log

2015-10-25 12:59 - 2014-03-03 00:22 - 50221568 ___SH C:\Users\Jean\Downloads\Thumbs.db

2015-10-25 11:39 - 2014-03-02 06:24 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-10-25 10:06 - 2013-08-22 15:46 - 02628286 _____ C:\Windows\setupact.log

2015-10-24 22:26 - 2014-03-02 06:06 - 00000000 __RDO C:\Users\Jean\SkyDrive

2015-10-24 22:25 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-10-24 22:24 - 2014-01-02 20:37 - 215181102 _____ C:\Users\Public\CAFADEBUG.log

2015-10-24 22:24 - 2013-11-25 02:39 - 00450998 _____ C:\Windows\PFRO.log

2015-10-24 22:24 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI

2015-10-24 15:02 - 2015-09-16 11:03 - 00000000 ____D C:\Users\Jean\AppData\Local\Adobe

2015-10-23 12:06 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy

2015-10-23 10:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness

2015-10-22 16:09 - 2014-03-02 19:28 - 00000000 ____D C:\Users\Jean\AppData\Roaming\vlc

2015-10-22 14:21 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp

2015-10-18 19:25 - 2015-04-04 20:15 - 00000000 ___SD C:\Windows\system32\GWX

2015-10-18 19:22 - 2013-11-24 17:53 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI

2015-10-18 19:22 - 2013-08-28 10:59 - 00765582 _____ C:\Windows\system32\perfh007.dat

2015-10-18 19:22 - 2013-08-28 10:59 - 00159366 _____ C:\Windows\system32\perfc007.dat

2015-10-18 19:12 - 2015-04-11 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-10-18 19:08 - 2015-04-04 20:15 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-10-18 19:08 - 2014-12-11 08:57 - 00000000 ____D C:\Windows\system32\appraiser

2015-10-18 19:08 - 2014-07-15 12:54 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-10-18 19:08 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData

2015-10-16 14:40 - 2014-05-25 17:10 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-10-16 14:38 - 2014-03-02 16:56 - 00000000 ____D C:\Windows\system32\MRT

2015-10-16 14:30 - 2014-03-02 16:56 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-10-16 05:51 - 2015-03-18 10:35 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-10-16 05:51 - 2015-03-18 10:35 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-10-15 09:08 - 2014-12-17 14:21 - 00000000 ____D C:\Users\Jean\Documents\Audacity

2015-10-15 09:08 - 2014-05-22 20:09 - 00000000 ____D C:\Users\Jean\AppData\Roaming\Audacity

2015-10-13 21:58 - 2014-03-03 00:22 - 00000000 ____D C:\Users\Jean\AppData\Roaming\foobar2000

2015-10-09 14:29 - 2014-04-13 19:35 - 00000000 ____D C:\Program Files\WinRAR

2015-10-09 14:17 - 2014-04-13 19:35 - 00000000 ____D C:\Users\Jean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-10-09 14:17 - 2014-04-13 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-10-06 16:16 - 2015-07-15 11:38 - 06606465 _____ C:\Users\Jean\Downloads\01_Live_Forever_feat_Faydee.m4a

2015-09-27 18:49 - 2014-05-29 14:20 - 02461696 ___SH C:\Users\Jean\Documents\Thumbs.db
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2015-10-09 14:20 - 2015-10-09 14:20 - 3531374 _____ () C:\Users\Jean\AppData\Local\curl.zip

2014-07-02 19:45 - 2014-07-02 19:45 - 0000057 _____ () C:\ProgramData\Ament.ini

2014-04-18 17:43 - 2010-06-29 08:04 - 0001772 _____ () C:\ProgramData\cfSB1095.ini
 

Einige Dateien in TEMP:

====================

C:\Users\Jean\AppData\Local\Temp\avgnt.exe

C:\Users\Jean\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\system32\winlogon.exe => Datei ist digital signiert

C:\Windows\system32\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\system32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\system32\services.exe => Datei ist digital signiert

C:\Windows\system32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\system32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\system32\rpcss.dll => Datei ist digital signiert

C:\Windows\system32\dnsapi.dll => Datei ist digital signiert

C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2015-08-01 09:27
 

==================== Ende von FRST.txt ============================

Addition.txt:

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-10-2015 01

durchgeführt von Jean (2015-10-25 16:34:28)

Gestartet von C:\Users\Jean\Desktop

Windows 8.1 (X64) (2014-03-02 05:02:35)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-3242844674-1499826838-3910466137-500 - Administrator - Disabled)

Gast (S-1-5-21-3242844674-1499826838-3910466137-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3242844674-1499826838-3910466137-1004 - Limited - Enabled)

Jean (S-1-5-21-3242844674-1499826838-3910466137-1002 - Administrator - Enabled) => C:\Users\Jean
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)

Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden

ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)

Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)

Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)

AVS Video Editor 7.0 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.0.1.258 - Online Media Technologies Ltd.)

Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05187 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05187 - Cisco Systems, Inc.) Hidden

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.2.0 - Conexant)

Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)

Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.01 - Creative Technology Limited)

DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)

Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden

EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.1.0.7705 - Thomson Reuters)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)

FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )

foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)

Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.11.225 - DVDVideoSoft Ltd.)

Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.8 - Genesys Logic)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)

Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden

HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP Photosmart 5520 series - Grundlegende Software für das Gerät (HKLM\...\{4F396B08-301D-4E53-A372-95A7E93ABD04}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart 5520 series Hilfe (HKLM-x32\...\{640A03B3-4E6B-4440-A350-E6A8D6348F12}) (Version: 27.0.0 - Hewlett Packard)

HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)

IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)

Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden

Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden

Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)

Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft SkyDrive (HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SkyDrive (HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)

NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)

NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)

NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)

Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden

phase-6 2.1.2.1b (HKLM-x32\...\phase-6) (Version: 2.1.2.1b - phase-6)

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)

Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)

QuickTime (HKLM-x32\...\QuickTime) (Version:  - )

ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)

scilab-5.5.1 (64-bit) (HKLM\...\scilab-5.5.1 (64-bit)_is1) (Version:  - Scilab Enterprises)

SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden

Sound Blaster X-Fi Surround 5.1 Pro (HKLM-x32\...\{0A9DA353-D0CD-4922-A54B-2F5F4EC90986}) (Version: 1.0 - Creative Technology Limited)

SoundDownloader (HKLM-x32\...\SoundDownloader_is1) (Version:  - )

Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)

TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)

TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)

TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)

TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)

TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)

TOSHIBA Gesture Controller (HKLM-x32\...\{8C5B4504-3996-4F30-8F01-DA7A8455430B}) (Version: 4.0.110.2 - Toshiba Corporation)

TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)

TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 5.0.1.0 - Toshiba Corporation)

TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)

TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)

TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)

TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)

TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)

TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)

Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)

TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.49.124  - Toshiba Corporation)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden

VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

VSDC Free Video Editor Version 2.3.1.339 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 2.3.1.339 - Flash-Integro LLC)

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)

WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

WordToPDF 2.9 (HKLM-x32\...\WordToPDF_is1) (Version: 2.9 - Mario Noack)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Wiederherstellungspunkte =========================
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG

Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Keine Datei <==== ACHTUNG

Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Keine Datei <==== ACHTUNG

Task: {46C2B252-ADD7-4C9F-85B8-8AB7FC2AB064} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-16] (Microsoft Corporation)

Task: {550A92A6-FE5A-4C3C-A0BF-4E1E1897C6A2} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)

Task: {5D738904-8FD9-4D2A-98E5-D3032F5672E4} - \2pP -> Keine Datei <==== ACHTUNG

Task: {69A91ED7-B2D3-42C8-96D2-9D21225D8B32} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-24] (Adobe Systems Incorporated)

Task: {6B2492E9-5E25-4844-AE28-060913D98A25} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)

Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Keine Datei <==== ACHTUNG

Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Keine Datei <==== ACHTUNG

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Keine Datei <==== ACHTUNG
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2014-01-02 20:09 - 2015-04-09 01:58 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-01-02 20:10 - 2015-04-08 22:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2013-09-10 21:54 - 2013-09-10 21:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe

2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll

2014-04-18 17:44 - 2009-12-29 15:52 - 00089088 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL

2014-04-18 17:44 - 2010-07-22 15:46 - 00237056 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL

2014-10-16 01:48 - 2014-10-16 01:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2015-05-17 18:29 - 2015-05-01 17:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2015-10-15 19:22 - 2015-10-09 01:53 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libglesv2.dll

2015-10-15 19:22 - 2015-10-09 01:53 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\libegl.dll

2014-01-02 20:09 - 2015-04-09 01:58 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2014-01-02 20:02 - 2013-09-03 16:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Toshiba\Standard.jpg

HKU\S-1-5-21-3242844674-1499826838-3910466137-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Toshiba\Standard.jpg

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{2CD07E91-45BA-4E3F-A259-C895FCE18E87}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe

FirewallRules: [{34BE7119-A0FC-4FE4-86DF-363A4CECB88F}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe

FirewallRules: [{AF34F286-D165-4CF3-9D93-EDBDC2DFA5E4}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

FirewallRules: [{0CAA4BEA-7B40-4551-938E-6094F6A62B0E}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

FirewallRules: [{B85BB08D-0EFC-4F45-9401-E7F323943D55}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{F22EA710-BEED-4718-8237-36594D31B56F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

FirewallRules: [{8C56B56E-0055-49DA-BE6D-3197D3916B37}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{743DF7B2-EF99-4086-83DA-F01F064186B9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{F0DEFC75-7176-4184-8D4B-0C689A3D6EBC}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{E4D8D86B-0A41-476A-B54E-6B7F544C1611}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{C1E30624-8878-4524-BAD3-F9799C73596C}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe

FirewallRules: [{436CA98D-DF07-400A-BDD8-1753FB1F3449}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe

FirewallRules: [{274BB186-812C-4B14-BB3E-5E50A0429FDF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{ACF9F482-E67E-4749-91EA-D9D6CDCA2020}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{1CDF67C6-763D-4242-9A8E-6C8238D885A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{97628362-61E0-428E-91BC-24655695BEDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

FirewallRules: [{86E7131B-29D2-4239-8EA0-94303E61B1F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{D1B08E6D-CB43-46AC-A0EC-8354B7340644}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{58C932A1-E772-4426-98A4-B69BAFB15A39}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe

FirewallRules: [{DD5811C1-D723-46CC-AABC-5671880D1CE5}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe

FirewallRules: [{318AE829-50B1-47E2-B067-7A0B293EE971}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [TCP Query User{1E5F3335-23ED-42ED-A0F1-B383DB4CBE9C}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe

FirewallRules: [UDP Query User{DCC6E28F-EE98-4FDF-BE40-EAAB6E905F99}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe

FirewallRules: [{6C027350-77BE-44EA-85C5-B5404031F964}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{99F8BF38-BE92-49D9-99C4-209288AF5977}] => (Allow) LPort=2869

FirewallRules: [{52ABB139-94F3-4C1E-8583-7FF5D6931A94}] => (Allow) LPort=1900

FirewallRules: [{42EB1674-441C-4B95-BC39-E786F8A14861}] => (Allow) C:\Users\Jean\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [{28455395-936B-4D2A-9CD3-57ACFF90001A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{85051D11-9B00-462B-9CC5-A30ED09457C4}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe

FirewallRules: [{5E57AAFC-2FA4-48BC-A04F-FEE8C17312E6}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe

FirewallRules: [{AF258BA3-C1B8-471C-A275-EAAA90751076}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe

FirewallRules: [{45D6A796-5A8E-43F6-A165-86C7687A6C7C}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe

FirewallRules: [{D134182B-DA35-47CD-95E8-CE726ED302F8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{56C2D26E-1DF3-4FB2-BD34-F33727CEA78C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{649FE1DB-D210-433A-B039-4AD9987C3527}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (10/25/2015 01:50:04 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [6]
 

Error: (10/25/2015 01:10:56 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 2f88
 

Startzeit: 01d10f1d742ea801
 

Endzeit: 4294967295
 

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 

Berichts-ID: 681474c4-7b11-11e5-82a8-c454440695f7
 

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
 

Error: (10/25/2015 10:10:26 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 7e4
 

Startzeit: 01d10eb972ca9fd6
 

Endzeit: 4294967295
 

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 

Berichts-ID: 368f8465-7af8-11e5-82a8-c454440695f7
 

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
 

Error: (10/25/2015 10:06:30 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )

Description: NvStreamSvcFailed continue stopping. [0]
 

Error: (10/25/2015 01:01:10 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 

Error: (10/24/2015 10:32:24 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 

Error: (10/24/2015 10:32:05 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 

Error: (10/24/2015 10:31:59 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 

Error: (10/24/2015 09:14:05 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
 

Error: (10/24/2015 03:15:24 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 23bc
 

Startzeit: 01d10e65ad97daa0
 

Endzeit: 4294967295
 

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
 

Berichts-ID: a36eb686-7a59-11e5-82a6-c454440695f7
 

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
 
 

Systemfehler:

=============

Error: (10/24/2015 10:34:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (10/24/2015 10:34:29 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Jean\AppData\Local\Temp\ehdrv.sys
 

Error: (10/24/2015 10:34:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (10/24/2015 10:34:28 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Jean\AppData\Local\Temp\ehdrv.sys
 

Error: (10/24/2015 10:34:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (10/24/2015 10:34:28 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Jean\AppData\Local\Temp\ehdrv.sys
 

Error: (10/24/2015 09:17:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 

%%1056
 

Error: (10/24/2015 09:16:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "TMachInfo" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (10/24/2015 09:16:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "TPCH Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (10/24/2015 09:16:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz

Prozentuale Nutzung des RAM: 67%

Installierter physikalischer RAM: 6068.27 MB

Verfügbarer physikalischer RAM: 1993.1 MB

Summe virtueller Speicher: 8628.27 MB

Verfügbarer virtueller Speicher: 3291.41 MB
 

==================== Laufwerke ================================
 

Drive c: (TI31250700A) (Fixed) (Total:686.84 GB) (Free:551.13 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================