| |
| |||||||
Log-Analyse und Auswertung: Browser leitet automatisch auf Werbe-Seiten weiter - Win 8Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
07.03.2016, 18:23
| #5 |
| |  Browser leitet automatisch auf Werbe-Seiten weiter - Win 8 Moin, Danke soweit! ADW Cleaner Code:
ATTFilter # AdwCleaner v5.100 - Bericht erstellt am 07/03/2016 um 11:52:43
# Aktualisiert am 06/03/2016 von Xplode
# Datenbank : 2016-03-06.3 [Server]
# Betriebssystem : Windows 8.1 Pro (x64)
# Benutzername : JaafarPC - JAAFAR
# Gestartet von : C:\Users\JaafarPC\Desktop\AdwCleaner_5.100.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
Dienst Gefunden : vToolbarUpdater40.2.6
***** [ Ordner ] *****
Ordner Gefunden : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gefunden : C:\Program Files\Common Files\AVG Secure Search
Ordner Gefunden : C:\ProgramData\AVG Secure Search
Ordner Gefunden : C:\ProgramData\AVG Security Toolbar
Ordner Gefunden : C:\Users\JaafarPC\AppData\Roaming\SimpleFiles
***** [ Dateien ] *****
Datei Gefunden : C:\Users\JaafarPC\AppData\Roaming\Mozilla\Firefox\Profiles\ac5xqhhp.default\extensions\Avg@toolbar.xpi
Datei Gefunden : C:\Users\JaafarPC\AppData\Roaming\Mozilla\Firefox\Profiles\ac5xqhhp.default\searchplugins\avg-secure-search.xml
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Infiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02" )
Verknüpfung Infiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02" )
Verknüpfung Infiziert : C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02" )
Verknüpfung Infiziert : C:\Users\JaafarPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02" )
Verknüpfung Infiziert : C:\Users\JaafarPC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( "hxxp://esurf.biz/?ssid=1457034362&a=1003679&src=sh&uuid=eb24b82b-2caa-4eab-ab29-b2a69bedbf02" )
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\SimpleFiles
Schlüssel Gefunden : HKLM\SOFTWARE\SimpleFiles
Daten Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={01210D33-31F9-4C1A-B24E-BD31DB419F77}&mid=caad0b45d6ef47cca1f5d1543b7b7afe-a7245077da129bfe9a1c504698f51dcf7bb56711&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116piz&pr=fr&d=2016-03-03 01:20:25&v=4.2.6.552&pid=wtu&sg=&sap=hp
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
***** [ Internetbrowser ] *****
*************************
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [4967 Bytes] - [07/03/2016 11:52:43]
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [5060 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 07.03.2016 Suchlaufzeit: 12:06 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.03.07.03 Rootkit-Datenbank: v2016.02.27.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: JaafarPC Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 338302 Abgelaufene Zeit: 5 Min., 53 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 8.1 Pro x64
Ran by JaafarPC (Administrator) on 07.03.2016 at 18:11:50,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.03.2016 at 18:14:27,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von JaafarPC (Administrator) auf JAAFAR (07-03-2016 18:18:40) Gestartet von C:\Users\JaafarPC\Downloads Geladene Profile: JaafarPC (Verfügbare Profile: JaafarPC) Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Synchro Arts Ltd) C:\Program Files (x86)\Common Files\Synchro Arts Shared\License.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-10-13] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-12] (IvoSoft) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated) HKLM\...\Run: [julapan.exe] => C:\Windows\system32\julapan.exe [514792 2015-09-16] (ESI Audiotechnik GmbH) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-02-24] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd) HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\Run: [AdobeBridge] => [X] ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-03-04] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ADE801C5-7412-468D-8993-C2E8BDF3F287}: [DhcpNameServer] 192.168.1.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-11-12] (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-12] (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-12] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-12] (IvoSoft) FireFox: ======== FF ProfilePath: C:\Users\JaafarPC\AppData\Roaming\Mozilla\Firefox\Profiles\ac5xqhhp.default FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-03] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-03] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems) FF Extension: Adblock Plus - C:\Users\JaafarPC\AppData\Roaming\Mozilla\Firefox\Profiles\ac5xqhhp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-03] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-03-03] [ist nicht signiert] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.zeit.de/" CHR Profile: C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-03] CHR Extension: (Google Docs) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-03] CHR Extension: (Google Drive) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-03] CHR Extension: (YouTube) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-03] CHR Extension: (Adblock Plus) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-03] CHR Extension: (Google Tabellen) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-03] CHR Extension: (Google Docs Offline) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-03] CHR Extension: (Audio EQ) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2016-03-03] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-03] CHR Extension: (Google Mail) - C:\Users\JaafarPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-03] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-02-24] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-02-24] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-24] (AVG Technologies CZ, s.r.o.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-10-13] (NVIDIA Corporation) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-10-13] (NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 Synchro Arts License Manager; C:\Program Files (x86)\Common Files\Synchro Arts Shared\License.exe [175488 2008-02-22] (Synchro Arts Ltd) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-05-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-05-12] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1215560 2016-03-03] () ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-02-15] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.) R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R1 Jula.sys; C:\Windows\system32\DRIVERS\Jula.sys [62696 2015-09-16] (ESI Audiotechnik GmbH) R3 JulaWDM.sys; C:\Windows\system32\DRIVERS\JulaWDM.sys [45288 2015-09-16] (ESI Audiotechnik GmbH) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-07] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-10-13] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-10-13] (NVIDIA Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-05-12] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-05-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-05-12] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-07 18:17 - 2016-03-07 18:17 - 00001141 _____ C:\Users\JaafarPC\Desktop\FRST64 - Verknüpfung.lnk 2016-03-07 18:14 - 2016-03-07 18:14 - 00000550 _____ C:\Users\JaafarPC\Desktop\JRT.txt 2016-03-07 18:11 - 2016-03-07 18:11 - 00001188 _____ C:\Users\JaafarPC\Desktop\mbam.txt 2016-03-07 18:08 - 2016-03-07 11:53 - 00005175 _____ C:\Users\JaafarPC\Desktop\AdwCleaner[S1].txt 2016-03-07 18:05 - 2016-03-07 18:05 - 01609216 _____ (Malwarebytes) C:\Users\JaafarPC\Downloads\JRT.exe 2016-03-07 18:05 - 2016-03-07 18:05 - 01609216 _____ (Malwarebytes) C:\Users\JaafarPC\Desktop\JRT.exe 2016-03-07 17:59 - 2016-03-07 17:58 - 01524224 _____ C:\Users\JaafarPC\Desktop\adwcleaner_5.101.exe 2016-03-07 17:58 - 2016-03-07 17:58 - 01524224 _____ C:\Users\JaafarPC\Downloads\adwcleaner_5.101.exe 2016-03-07 13:17 - 2016-03-07 13:17 - 00000000 ____D C:\Users\JaafarPC\Desktop\Neuer Ordner 2016-03-07 13:14 - 2016-03-07 13:15 - 68824271 _____ C:\Users\JaafarPC\Downloads\Faierabend EP.rar 2016-03-07 11:53 - 2016-03-07 18:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-03-07 11:53 - 2016-03-07 11:53 - 00001114 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-07 11:53 - 2016-03-07 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-07 11:53 - 2016-03-07 11:53 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-07 11:53 - 2016-03-07 11:53 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-03-07 11:53 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-03-07 11:53 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-03-07 11:53 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-03-07 11:52 - 2016-03-07 18:00 - 00000000 ____D C:\Program Files (x86)\AdwCleaner 2016-03-07 11:52 - 2016-03-07 11:52 - 22908888 _____ (Malwarebytes ) C:\Users\JaafarPC\Downloads\mbam-setup-2.2.0.1024.exe 2016-03-07 11:52 - 2016-03-07 11:52 - 01524224 _____ C:\Users\JaafarPC\Downloads\AdwCleaner_5.100.exe 2016-03-07 11:52 - 2016-03-07 11:52 - 01507550 _____ C:\Users\JaafarPC\Desktop\AdwCleaner_5.100.rar 2016-03-06 23:51 - 2016-03-07 00:50 - 901840203 _____ C:\Users\JaafarPC\Desktop\The.Wakin.Ded.S02E01.UNC.Ger.DL.BRip.x264-GNB.mkv.crdownload 2016-03-06 17:57 - 2016-03-06 18:01 - 00225410 _____ C:\TDSSKiller.3.1.0.9_06.03.2016_17.57.14_log.txt 2016-03-06 17:57 - 2016-03-06 17:57 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\JaafarPC\Downloads\tdsskiller3109.exe 2016-03-06 16:56 - 2016-03-06 16:56 - 07376493 _____ C:\Users\JaafarPC\Downloads\BERUF AKTUELL 2015_2016.pdf 2016-03-06 13:45 - 2016-03-06 13:45 - 00000000 ____D C:\Users\JaafarPC\AppData\LocalLow\Adobe 2016-03-06 13:43 - 2016-03-06 13:44 - 00000000 ____D C:\Users\JaafarPC\Downloads\24062015UAP15 2016-03-06 13:14 - 2016-03-06 13:14 - 125368516 _____ C:\Users\JaafarPC\Downloads\AdobeAudition-8.0.0-Trial-8.1.0.zip 2016-03-06 13:01 - 2016-03-06 13:01 - 00001322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Update Management Tool.lnk 2016-03-06 13:01 - 2016-03-06 13:01 - 00001310 _____ C:\Users\Public\Desktop\Adobe Update Management Tool.lnk 2016-03-06 13:01 - 2016-03-06 13:01 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-03-06 12:59 - 2016-03-06 13:00 - 00000000 ____D C:\Users\JaafarPC\Downloads\~~120PatUniAdo~~ 2016-03-06 12:48 - 2016-03-07 18:18 - 00016554 _____ C:\Users\JaafarPC\Downloads\FRST.txt 2016-03-06 12:48 - 2016-03-06 12:50 - 00052137 _____ C:\Users\JaafarPC\Downloads\Addition.txt 2016-03-06 12:40 - 2016-03-06 12:40 - 00000000 ____D C:\Windows\system32\appmgmt 2016-03-06 12:39 - 2016-03-07 18:18 - 00000000 ____D C:\FRST 2016-03-06 12:38 - 2016-03-06 12:38 - 02374144 _____ (Farbar) C:\Users\JaafarPC\Downloads\FRST64.exe 2016-03-06 12:03 - 2016-03-06 12:04 - 00000000 ____D C:\Users\JaafarPC\Downloads\backups 2016-03-06 11:59 - 2016-03-06 11:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\JaafarPC\Downloads\HijackThis_2.0.5.exe 2016-03-04 16:51 - 2016-03-04 17:40 - 00000000 ____D C:\Users\JaafarPC\Desktop\vc 2016-03-04 16:46 - 2016-03-04 16:52 - 00000000 ____D C:\Users\JaafarPC\Desktop\vocalign 2016-03-04 15:06 - 2016-03-04 15:06 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\HP 2016-03-04 15:06 - 2016-03-04 15:06 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\HP 2016-03-04 15:06 - 2016-03-04 15:06 - 00000000 ____D C:\ProgramData\WEBREG 2016-03-04 15:05 - 2016-03-04 15:05 - 00000000 ____D C:\Windows\LastGood 2016-03-04 15:05 - 2016-03-04 15:05 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2016-03-04 15:00 - 2016-03-04 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-03-04 15:00 - 2016-03-04 15:00 - 00001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk 2016-03-04 15:00 - 2016-03-04 15:00 - 00001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk 2016-03-04 15:00 - 2016-03-04 15:00 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\HpUpdate 2016-03-04 15:00 - 2016-03-04 15:00 - 00000000 ____D C:\ProgramData\HP Product Assistant 2016-03-04 14:59 - 2016-03-04 15:00 - 00000000 ____D C:\Program Files (x86)\HP 2016-03-04 14:59 - 2016-03-04 14:59 - 00000000 ____D C:\Windows\SysWOW64\spool 2016-03-04 14:57 - 2016-03-04 15:06 - 00257117 _____ C:\Windows\hpoins21.dat 2016-03-04 14:57 - 2016-03-04 15:06 - 00000000 ____D C:\ProgramData\HP 2016-03-04 14:57 - 2012-10-14 14:33 - 00006174 ____N C:\Windows\hpomdl21.dat 2016-03-04 14:57 - 2012-08-21 07:55 - 01421312 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpotiop5.dll 2016-03-04 14:57 - 2009-07-14 02:41 - 00046080 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpz3lw71.dll 2016-03-04 14:57 - 2009-07-08 11:51 - 00938496 _____ (Hewlett-Packard) C:\Windows\system32\hpowiax5.dll 2016-03-04 14:57 - 2009-07-08 11:51 - 00540672 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll 2016-03-04 14:57 - 2009-07-08 11:51 - 00505344 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst12.dll 2016-03-04 13:29 - 2016-03-04 13:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2016-03-03 23:38 - 2016-03-03 23:38 - 00000424 _____ C:\Users\JaafarPC\Desktop\Dieser PC.lnk 2016-03-03 23:14 - 2016-03-03 23:18 - 00000000 ____D C:\Windows\LOG 2016-03-03 22:56 - 2016-03-07 17:57 - 00092672 ___SH C:\Users\JaafarPC\Desktop\Thumbs.db 2016-03-03 22:54 - 2016-03-03 22:54 - 00000000 ____D C:\Users\JaafarPC\Desktop\Desktop & Verschiedenes 2016-03-03 22:53 - 2016-03-03 22:53 - 00047104 ___SH C:\Users\JaafarPC\Documents\Thumbs.db 2016-03-03 22:53 - 2016-03-03 22:53 - 00001074 _____ C:\Users\JaafarPC\Desktop\Adobe Kram.lnk 2016-03-03 22:49 - 2016-03-03 22:56 - 00000000 ____D C:\Users\JaafarPC\Desktop\Orga & Aktuelles 2016-03-03 22:38 - 2016-03-04 15:17 - 00000000 ____D C:\Users\JaafarPC\Desktop\Programme 2016-03-03 22:23 - 2016-03-03 22:23 - 00000000 ____D C:\Program Files\Synchro Arts Ltd 2016-03-03 22:06 - 2016-03-03 22:06 - 00000000 ____D C:\VstPlugins 2016-03-03 21:46 - 2016-03-03 21:46 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Waves Audio 2016-03-03 21:41 - 2016-03-03 21:41 - 00000000 ____D C:\Users\Public\Waves Audio 2016-03-03 21:41 - 2011-07-01 12:31 - 02181120 _____ (Propellerhead Software AB) C:\Windows\system32\ReWire.dll 2016-03-03 21:41 - 2011-07-01 12:30 - 01431552 _____ (Propellerhead Software AB) C:\Windows\SysWOW64\ReWire.dll 2016-03-03 21:39 - 2016-03-03 22:23 - 00000000 ____D C:\Program Files\Common Files\VST3 2016-03-03 21:39 - 2016-03-03 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves 2016-03-03 21:39 - 2016-03-03 21:40 - 00000000 ____D C:\Program Files (x86)\Waves 2016-03-03 21:39 - 2016-03-03 21:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-03-03 21:39 - 2016-03-03 21:39 - 00000000 ____D C:\Program Files\VSTPlugIns 2016-03-03 21:39 - 2016-03-03 21:39 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software 2016-03-03 21:39 - 2016-03-03 21:39 - 00000000 ____D C:\Program Files (x86)\VSTPlugIns 2016-03-03 21:39 - 2007-11-21 05:34 - 00007744 _____ (Altiris) C:\Windows\SysWOW64\HookDll.dll 2016-03-03 21:39 - 2005-12-15 21:30 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll 2016-03-03 21:36 - 2016-03-03 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jBridge 2016-03-03 21:36 - 2016-03-03 21:36 - 00000000 ____D C:\Program Files\JBridge 2016-03-03 21:18 - 2016-03-03 21:18 - 00000097 _____ C:\Users\JaafarPC\WaveShell-VST 9.1.64.txt 2016-03-03 21:18 - 2012-04-11 03:27 - 00003584 _____ C:\Users\JaafarPC\WaveShell-VST 9.1.64.dll 2016-03-03 21:17 - 2016-03-03 21:17 - 00001222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves System guide.lnk 2016-03-03 21:17 - 2016-03-03 21:17 - 00001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Readme for Diamond 5.2.lnk 2016-03-03 21:17 - 2016-03-03 21:17 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves on the internet.lnk 2016-03-03 21:17 - 2016-03-03 21:17 - 00000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves 5.2 Release Notes.lnk 2016-03-03 21:16 - 2006-11-06 13:22 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2016-03-03 21:16 - 2006-11-06 13:22 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2016-03-03 21:04 - 2016-03-03 21:04 - 00000000 ____D C:\Users\JaafarPC\bridging files - jbridge 2016-03-03 20:51 - 2016-03-03 20:51 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-03-03 20:22 - 2016-03-03 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synchro Arts Ltd 2016-03-03 20:21 - 2016-03-03 22:17 - 00000000 ____D C:\Program Files (x86)\Synchro Arts Ltd 2016-03-03 20:20 - 2016-03-03 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixMeister 2016-03-03 20:20 - 2016-03-03 20:20 - 00000000 ____D C:\Program Files (x86)\MixMeister BPM Analyzer 2016-03-03 20:15 - 2016-03-03 22:54 - 00000000 ____D C:\Users\JaafarPC\Documents\Adobe Kram 2016-03-03 19:43 - 2016-03-03 19:43 - 00000000 ____D C:\Users\Public\Documents\Adobe 2016-03-03 19:42 - 2016-03-03 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESI 2016-03-03 19:42 - 2016-03-03 19:42 - 00000000 ____D C:\Program Files\ESI 2016-03-03 19:42 - 2016-03-03 19:42 - 00000000 ____D C:\Program Files\DIFX 2016-03-03 19:42 - 2015-09-16 10:25 - 00514792 _____ (ESI Audiotechnik GmbH) C:\Windows\system32\julapan.exe 2016-03-03 19:42 - 2015-09-16 10:25 - 00126696 _____ (ESI Audiotechnik GmbH) C:\Windows\system32\julaASIO.dll 2016-03-03 19:42 - 2015-09-16 10:25 - 00111336 _____ (ESI Audiotechnik GmbH) C:\Windows\SysWOW64\julaASIO32.dll 2016-03-03 19:42 - 2015-09-16 10:25 - 00062696 _____ (ESI Audiotechnik GmbH) C:\Windows\system32\Drivers\Jula.sys 2016-03-03 19:42 - 2015-09-16 10:25 - 00045288 _____ (ESI Audiotechnik GmbH) C:\Windows\system32\Drivers\JulaWDM.sys 2016-03-03 19:25 - 2016-03-03 19:25 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.lnk 2016-03-03 19:25 - 2016-03-03 19:25 - 00000000 ____D C:\ProgramData\ALM 2016-03-03 19:18 - 2016-03-03 19:18 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk 2016-03-03 19:13 - 2016-03-03 19:13 - 00003504 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-JAAFAR-JaafarPC 2016-03-03 19:13 - 2016-03-03 19:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\NVIDIA 2016-03-03 19:12 - 2016-03-03 22:36 - 00000000 ____D C:\Users\JaafarPC\Documents\Adobe 2016-03-03 19:12 - 2016-03-03 19:12 - 00001056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk 2016-03-03 19:11 - 2016-03-03 19:24 - 00001558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2016-03-03 19:09 - 2016-03-03 19:09 - 00001046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC (64bit).lnk 2016-03-03 19:07 - 2016-03-06 13:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-03-03 19:07 - 2016-03-06 13:16 - 00000000 ____D C:\Program Files\Adobe 2016-03-03 19:07 - 2016-03-03 19:18 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-03-03 19:07 - 2016-03-03 19:07 - 00001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2015.lnk 2016-03-03 19:07 - 2012-06-22 03:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys 2016-03-03 19:07 - 2012-04-24 03:01 - 00011376 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdralw2k.sys 2016-03-03 19:07 - 2012-04-24 03:01 - 00010864 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdr4_xp.sys 2016-03-03 19:06 - 2016-03-03 19:06 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-03 19:06 - 2016-03-03 19:06 - 00000000 ____D C:\Program Files (x86)\My Company Name 2016-03-03 18:57 - 2016-03-07 14:22 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Adobe 2016-03-03 18:57 - 2016-03-04 09:58 - 00000000 ____D C:\ProgramData\Adobe 2016-03-03 17:13 - 2016-03-03 17:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Macromedia 2016-03-03 17:07 - 2016-03-03 17:07 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Steam 2016-03-03 17:07 - 2016-03-03 17:07 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\CEF 2016-03-03 17:06 - 2016-03-07 03:28 - 00000000 ____D C:\Program Files (x86)\Steam 2016-03-03 17:06 - 2016-03-03 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-03-03 16:39 - 2016-03-03 16:39 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2016-03-03 16:38 - 2016-03-06 13:49 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\JDownloader 2.0 2016-03-03 15:38 - 2016-03-03 15:38 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\vlc 2016-03-03 15:38 - 2016-03-03 15:38 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\ClassicShell 2016-03-03 08:29 - 2016-03-03 08:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-03-03 08:29 - 2016-03-03 08:29 - 00000000 ____D C:\Program Files\VideoLAN 2016-03-03 08:16 - 2016-03-03 08:16 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2016-03-03 08:16 - 2016-03-03 08:16 - 00000000 ____D C:\Users\Public\Documents\Logishrd 2016-03-03 08:16 - 2016-03-03 08:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2016-03-03 08:16 - 2016-03-03 08:16 - 00000000 ____D C:\ProgramData\Logishrd 2016-03-03 08:15 - 2016-03-03 08:16 - 00000000 ____D C:\Program Files\Common Files\LogiShrd 2016-03-03 08:15 - 2016-03-03 08:15 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Logitech 2016-03-03 08:15 - 2016-03-03 08:15 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Logishrd 2016-03-03 08:15 - 2016-03-03 08:15 - 00000000 ____D C:\Program Files\Logitech 2016-03-03 08:10 - 2016-03-07 17:58 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Skype 2016-03-03 08:10 - 2016-03-03 08:10 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-03-03 08:10 - 2016-03-03 08:10 - 00000000 ____D C:\Users\JaafarPC\Tracing 2016-03-03 08:10 - 2016-03-03 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-03-03 08:09 - 2016-03-03 08:10 - 00000000 ____D C:\ProgramData\Skype 2016-03-03 08:07 - 2016-03-03 08:07 - 00002792 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-03-03 08:07 - 2016-03-03 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-03-03 08:07 - 2016-03-03 08:07 - 00000000 ____D C:\Program Files\CCleaner 2016-03-03 08:04 - 2016-03-04 14:02 - 00000075 _____ C:\Users\JaafarPC\Desktop\Neues Textdokument.txt 2016-03-03 07:49 - 2010-05-24 23:44 - 1000927628 _____ C:\Users\JaafarPC\Desktop\Fertiges Musikvideo.avi 2016-03-03 07:47 - 2016-03-03 07:47 - 00000000 ____D C:\Users\JaafarPC\Desktop\uni 2016-03-03 07:44 - 2016-03-07 12:03 - 00000000 ____D C:\Program Files\Windows KMS Activator Ultimate 2016 v2.7 2016-03-03 07:44 - 2016-03-03 07:44 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\WinRAR 2016-03-03 07:43 - 2016-03-03 07:43 - 00000000 ____D C:\Users\JaafarPC\Documents\- Anderes 2016-03-03 04:14 - 2016-03-07 11:54 - 00001310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-03-03 04:13 - 2016-03-07 18:18 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-03 04:13 - 2016-03-07 12:04 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-03 04:13 - 2016-03-03 04:51 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Google 2016-03-03 04:13 - 2016-03-03 04:14 - 00000000 ____D C:\Program Files (x86)\Google 2016-03-03 04:13 - 2016-03-03 04:13 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-03-03 04:13 - 2016-03-03 04:13 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-03-03 04:09 - 2013-08-22 14:25 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20160303-040957.backup 2016-03-03 04:02 - 2016-03-07 18:17 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\ClassicShell 2016-03-03 04:01 - 2016-03-03 04:01 - 00000000 ____D C:\ProgramData\ClassicShell 2016-03-03 03:59 - 2016-03-03 03:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell 2016-03-03 03:59 - 2016-03-03 03:59 - 00000000 ____D C:\Program Files\Classic Shell 2016-03-03 01:29 - 2016-03-03 01:32 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-03-03 01:29 - 2016-03-03 01:29 - 00001403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2016-03-03 01:29 - 2016-03-03 01:29 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-03-03 01:29 - 2016-03-03 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2016-03-03 01:29 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\AVG Web TuneUp 2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\ProgramData\AVG Web TuneUp 2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\Program Files\AVG Web TuneUp 2016-03-03 01:20 - 2016-03-03 01:20 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp 2016-03-03 01:14 - 2016-03-03 01:31 - 00000000 ____D C:\Program Files\Common Files\AV 2016-03-03 01:14 - 2016-03-03 01:14 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\AVG 2016-03-03 01:13 - 2016-03-07 15:50 - 00000000 ____D C:\ProgramData\MFAData 2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ___HD C:\$AVG 2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\TuneUp Software 2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\MFAData 2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen 2016-03-03 01:13 - 2016-03-03 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2016-03-03 01:12 - 2016-03-03 01:13 - 00000000 ____D C:\ProgramData\Avg 2016-03-03 01:12 - 2016-03-03 01:13 - 00000000 ____D C:\Program Files (x86)\AVG 2016-03-03 01:10 - 2016-03-03 01:14 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Avg 2016-03-03 01:10 - 2016-03-03 01:13 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\AvgSetupLog 2016-03-03 01:06 - 2016-03-03 01:06 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\NVIDIA Corporation 2016-03-03 01:05 - 2016-03-03 01:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-03-03 01:05 - 2016-03-03 01:05 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\NVIDIA 2016-03-03 01:05 - 2016-03-03 01:05 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies 2016-03-03 01:05 - 2015-10-13 20:00 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2016-03-03 01:05 - 2015-10-13 20:00 - 01514528 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2016-03-03 01:05 - 2015-10-13 20:00 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2016-03-03 01:05 - 2015-10-13 20:00 - 01278920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2016-03-03 01:05 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2016-03-03 01:05 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll 2016-03-03 01:05 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2016-03-03 01:05 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2016-03-03 01:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-03-03 01:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2016-03-03 01:04 - 2016-03-03 01:04 - 00000000 ____D C:\Windows\LastGood.Tmp 2016-03-03 01:04 - 2015-10-13 16:26 - 00608048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2016-03-03 01:03 - 2015-10-13 20:00 - 31514288 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 24199344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 22993200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 18634072 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 15293104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 13916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 13828224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 12898992 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2016-03-03 01:03 - 2015-10-13 20:00 - 11272048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 11209376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 04245624 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 03986608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 03209920 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 02823992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 01908528 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434192.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 01556656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434192.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 00944304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 00907440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 00903472 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 00869040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-03-03 01:03 - 2015-10-13 20:00 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2016-03-03 01:03 - 2015-10-13 20:00 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-03-03 00:53 - 2016-03-07 11:54 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-03-03 00:53 - 2016-03-03 01:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-03-03 00:53 - 2016-03-03 01:01 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Mozilla 2016-03-03 00:53 - 2016-03-03 00:55 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Mozilla 2016-03-03 00:53 - 2016-03-03 00:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\LocalLow\EmieUserList 2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\LocalLow\EmieSiteList 2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\LocalLow\EmieBrowserModeList 2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\Local\EmieUserList 2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\Local\EmieSiteList 2016-03-03 00:52 - 2016-03-03 00:52 - 00000000 __SHD C:\Users\JaafarPC\AppData\Local\EmieBrowserModeList 2016-03-03 00:51 - 2016-03-07 12:04 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-03 00:51 - 2016-03-03 01:05 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2016-03-03 00:50 - 2016-03-03 01:06 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-03-03 00:50 - 2016-03-03 01:05 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-03-03 00:50 - 2015-10-13 20:00 - 00074032 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2016-03-03 00:50 - 2015-10-13 20:00 - 00059568 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2016-03-03 00:50 - 2015-10-13 18:26 - 06783280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2016-03-03 00:50 - 2015-10-13 18:26 - 03522168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2016-03-03 00:50 - 2015-10-13 18:26 - 02557616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2016-03-03 00:50 - 2015-10-13 18:26 - 00933168 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2016-03-03 00:50 - 2015-10-13 18:26 - 00384176 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2016-03-03 00:50 - 2015-10-13 18:26 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2016-03-03 00:50 - 2015-10-13 17:19 - 05972783 _____ C:\Windows\system32\nvcoproc.bin 2016-03-03 00:42 - 2016-03-07 12:15 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-229030632-1578635348-2299778840-1001 2016-03-03 00:36 - 2016-03-07 11:54 - 00001013 _____ C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-03-03 00:36 - 2016-03-06 13:45 - 00000000 ____D C:\Users\JaafarPC\AppData\Roaming\Adobe 2016-03-03 00:36 - 2016-03-03 22:56 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\Packages 2016-03-03 00:36 - 2016-03-03 21:23 - 00000000 ____D C:\Users\JaafarPC\AppData\Local\VirtualStore 2016-03-03 00:36 - 2016-03-03 21:18 - 00000000 ____D C:\Users\JaafarPC 2016-03-03 00:36 - 2016-03-03 00:36 - 00000020 ___SH C:\Users\JaafarPC\ntuser.ini 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Vorlagen 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Startmenü 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Netzwerkumgebung 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Lokale Einstellungen 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Eigene Dateien 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Druckumgebung 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Documents\Eigene Videos 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Documents\Eigene Musik 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Documents\Eigene Bilder 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\AppData\Local\Verlauf 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\AppData\Local\Anwendungsdaten 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 _SHDL C:\Users\JaafarPC\Anwendungsdaten 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-03-03 00:36 - 2016-03-03 00:36 - 00000000 ____D C:\Program Files\WinRAR 2016-03-03 00:36 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-03-03 00:36 - 2014-11-21 04:42 - 00000369 _____ C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-03-03 00:36 - 2014-11-21 04:42 - 00000369 _____ C:\Users\JaafarPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-03-03 00:35 - 2016-03-03 00:35 - 00000000 ____D C:\Windows\CSC 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Vorlagen 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Startmenü 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Programme 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Vorlagen 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Startmenü 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Dokumente 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien 2016-03-03 00:33 - 2016-03-03 00:33 - 00000000 _SHDL C:\Dokumente und Einstellungen 2016-03-03 00:30 - 2016-03-03 00:30 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2016-03-03 00:28 - 2016-03-03 19:34 - 00000000 ____D C:\Windows\Panther 2016-02-15 16:38 - 2016-02-15 16:38 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-07 12:11 - 2014-11-21 04:35 - 01686150 _____ C:\Windows\system32\PerfStringBackup.INI 2016-03-07 12:11 - 2014-11-21 03:45 - 00726688 _____ C:\Windows\system32\perfh007.dat 2016-03-07 12:11 - 2014-11-21 03:45 - 00151380 _____ C:\Windows\system32\perfc007.dat 2016-03-07 12:11 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2016-03-07 12:04 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer 2016-03-07 12:04 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-03-07 11:55 - 2013-08-22 15:44 - 05004048 _____ C:\Windows\system32\FNTCACHE.DAT 2016-03-05 04:03 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2016-03-04 15:06 - 2013-08-22 14:25 - 00000127 _____ C:\Windows\win.ini 2016-03-03 23:29 - 2015-05-12 20:32 - 00000000 ___SD C:\Windows\system32\GWX 2016-03-03 23:19 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-03-03 22:56 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-03 22:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2016-03-03 19:06 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-03-03 02:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppCompat 2016-03-03 01:15 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2016-03-03 01:13 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2016-03-03 00:50 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\Help 2016-03-03 00:33 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT 2016-03-03 00:28 - 2013-08-22 16:36 - 00262144 _____ C:\Windows\system32\config\BCD-Template ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-09-01 16:00 - 2012-09-01 16:00 - 1966592 _____ (Waves Audio Ltd.) C:\Program Files\WaveShell-VST 9.1_x64.dll 2012-09-01 16:00 - 2012-09-01 16:00 - 1490944 _____ (Waves Audio Ltd.) C:\Program Files (x86)\WaveShell-VST 9.1.dll 2016-03-04 14:57 - 2016-03-04 15:06 - 0000837 _____ () C:\ProgramData\hpzinstall.log Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\JaafarPC\WaveShell-VST 9.1.64.dll Einige Dateien in TEMP: ==================== C:\Users\JaafarPC\AppData\Local\Temp\JDSetup131014930675387574.exe C:\Users\JaafarPC\AppData\Local\Temp\LMkRstPt.exe C:\Users\JaafarPC\AppData\Local\Temp\nvStInst.exe C:\Users\JaafarPC\AppData\Local\Temp\proxy_vole6598543556777062445.dll C:\Users\JaafarPC\AppData\Local\Temp\proxy_vole9188899059640561267.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-03 00:29 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von JaafarPC (2016-03-07 18:19:05)
Gestartet von C:\Users\JaafarPC\Downloads
Windows 8.1 Pro (X64) (2016-03-02 23:36:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-229030632-1578635348-2299778840-500 - Administrator - Disabled)
Gast (S-1-5-21-229030632-1578635348-2299778840-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-229030632-1578635348-2299778840-1003 - Limited - Enabled)
JaafarPC (S-1-5-21-229030632-1578635348-2299778840-1001 - Administrator - Enabled) => C:\Users\JaafarPC
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 7.1 - PainteR)
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.41.1.56922 - AVG Technologies)
AVG (Version: 16.51.7496 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4540 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.51.7496 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.6.552 - AVG Technologies)
AVG Zen (Version: 1.41.29 - AVG Technologies) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C6200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
C6200_Help (x32 Version: 100.0.206.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.75 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
JBridge (HKLM-x32\...\JBridge) (Version: - JBridge)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Juli@ PCI Driver version v1.2.1.0 (HKLM\...\{2C649BA4-D482-408F-9148-2EC10E1E3193}_is1) (Version: v1.2.1.0 - ESI-Audiotechnik)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PS_AIO_02_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VocALign Pro 4 VST (64bit) (HKLM\...\{17F13CFE-9956-4688-A875-F00B2EC3C312}) (Version: 4.2.3 - Synchro Arts Ltd)
VocALign Project (HKLM-x32\...\{7E7F3882-48B3-424B-9BE2-D257D1319C59}) (Version: 2.9.1 - Synchro Arts Ltd)
Waves Complete V9r5 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.1 - Waves)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Driver Package - ESI (Jula.sys) MEDIA (09/16/2015 1.2.1.0) (HKLM\...\9351121A70A5DD84065790FA90941B0BB03521DA) (Version: 09/16/2015 1.2.1.0 - ESI)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {4CC57155-A3B0-406D-8F7B-CF27DE98607A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-03] (Google Inc.)
Task: {7453DA2A-2CF3-4550-817D-D1B6F8FFC49F} - System32\Tasks\AdobeAAMUpdater-1.0-JAAFAR-JaafarPC => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {A0FE36C0-BAA1-4330-AFC8-971BF3970D9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-03] (Google Inc.)
Task: {BE09FC54-A89E-49A5-AF6F-8D39063A8541} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-03-03 01:20 - 2016-03-03 01:20 - 01215560 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-03-03 04:14 - 2016-03-02 05:49 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libglesv2.dll
2016-03-03 04:14 - 2016-03-02 05:49 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.75\libegl.dll
2016-03-03 01:29 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-03-03 01:29 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-03-03 01:29 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-03-03 01:29 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-03-03 01:29 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7872 mehr Seiten.
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\123simsen.com -> www.123simsen.com
Da befinden sich 7872 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2016-03-03 19:53 - 00456107 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns-5.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 ereg.adobe.com
127.0.0.1 ereg.wip.adobe.com
127.0.0.1 ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 ereg.wip4.adobe.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate.adobe.ipp
127.0.0.1 practivate.adobe.newoa
Da befinden sich 15611 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-229030632-1578635348-2299778840-1001\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{663FAFD4-9C53-4E07-99BC-6365553F9EF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F0467BB5-D710-43E4-B1A9-5D20ED92EBA8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{16114020-C0DF-4021-B355-2F0D72E4F711}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{254EA03A-C209-41B5-9B1D-438FF08AAFFC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F46746B8-FF2E-49E2-AF11-00464F976BC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{224CFA6C-1D0C-45E5-96D7-6647558136D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D32BF04E-871E-4B06-B96A-99D1A70C633D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{555457AD-9D97-47C5-9F14-6E53BDE46F3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{52ECEFEA-C853-4926-A427-4F5EA46AB124}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{07CBBE74-71CB-4677-BE1A-053469954760}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{D63D9283-74D3-4B5E-B2C2-404227330C53}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{6D5386F0-4EC0-4965-8112-79648183DBC2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{85CDDCAB-9692-41D6-84D7-88113E687632}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{127D75D3-E893-4DC4-9409-BB05DF7B62C6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{2DFB2C1A-99AB-4DC6-A56D-4A80A71AF2DE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D6DA640E-FC74-4E66-86F6-00742AD2903B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{6DB999FB-DB88-4A24-8F85-C1A9008F09D9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{29E3EB8A-0FA4-4B38-9FF3-7A48B9FA903B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{82940EC0-2E77-4696-A212-DA41A5537304}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{88785A68-F5EA-485E-BE4E-212E43420654}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AEBBB646-A11B-4066-A26F-6B435924E5A6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{10310B69-F8F0-4A85-AD8A-F5898D61675B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{62AF5F0C-1EAF-4BDD-898B-C9C6B9AA1B1A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FEEA1416-87F4-4EDE-AC24-4CB23BE88800}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1735C845-AA32-4586-B8B5-215D1884F19E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{37DCBA5D-87E3-4C72-A665-70DD0583B5D7}] => (Allow) C:\Users\JaafarPC\AppData\Local\Temp\7zS0342\setup\hpznui40.exe
FirewallRules: [{A7F0C6A7-BD42-440D-93EB-6412F1D3C577}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{59D8BF2D-8F72-4775-A85D-20C224207FE5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{85A5527F-A340-4708-9C07-63CC06FE554A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{323184E8-392C-48D6-9853-0BCFC5A6545D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{D8A2572E-5EC1-4D30-89DF-E2321A3560A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4597658B-31C6-496C-A524-EE07572B7F5C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{70B010C1-0F64-4106-B10C-2E2E70EDDDCC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{874F7045-E286-49CB-9A3C-4745372FBC95}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{4BED7935-84CA-4776-A447-1CA036FCE417}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{A6B36555-2841-4BB2-AF17-8F125122677F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{1C9B2D0F-E1F2-41AB-B23B-81C588F9C85C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{1102A7AA-D57C-4EC2-B9E3-1A1B23981F39}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5DF5CA5D-4D68-4038-9032-49B6564FC7C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{C92A54C3-ACB9-4CB9-9B36-0ECEBAF3F345}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{F3DC64DC-71C5-49F3-A486-B143995DB340}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{3F6B286A-8C41-4756-982F-4CFCD08004B4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{9C2A885D-4AF9-4528-95A3-133252EEE048}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B47314B4-4DDB-459F-BEBA-F347339B8669}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{6085DB09-5A36-4557-BF9D-37160C9A88DA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
03-03-2016 01:05:30 DirectX wurde installiert
07-03-2016 18:11:51 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Photosmart C6200 series
Description: Photosmart C6200 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart C6200 series
Description: Photosmart C6200 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/07/2016 06:11:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (03/07/2016 12:04:29 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
Error: (03/07/2016 12:04:29 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
Error: (03/07/2016 11:55:31 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [0]
Error: (03/07/2016 11:55:31 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to open Audio Capture session [6]
Error: (03/07/2016 04:03:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/07/2016 04:03:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/07/2016 04:03:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/06/2016 04:35:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/06/2016 04:35:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Systemfehler:
=============
Error: (03/07/2016 06:12:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/07/2016 06:12:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/07/2016 02:21:46 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (03/07/2016 02:21:46 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (03/07/2016 02:21:46 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (03/07/2016 02:21:46 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (03/07/2016 12:04:30 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2" zum Namen "JAAFAR" auf Transport "NetBT_Tcpip_{ADE801C5-7412-468D-8993-C2E8BDF3F287}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (03/07/2016 11:56:48 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{ADE801C5-7412-468D-8993-C2E8BDF3F287}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (03/07/2016 11:55:32 AM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2" zum Namen "JAAFAR" auf Transport "NetBT_Tcpip_{ADE801C5-7412-468D-8993-C2E8BDF3F287}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (03/07/2016 11:54:46 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {A677570A-2BA2-4E9A-B2E2-8A02CD8B4FD3}
CodeIntegrity:
===================================
Date: 2016-03-07 15:51:00.632
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-07 15:50:59.407
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-07 15:50:56.025
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-07 15:50:55.862
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-07 15:50:55.701
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-07 15:50:55.539
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-07 15:50:55.378
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-07 12:04:30.864
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-07 12:04:30.739
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\1\avgnetclix.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-03-07 12:04:30.504
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Xeon(R) CPU X5450 @ 3.00GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 6142.49 MB
Verfügbarer physikalischer RAM: 4061.1 MB
Summe virtueller Speicher: 7352.5 MB
Verfügbarer virtueller Speicher: 4875.02 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.45 GB) (Free:63.31 GB) NTFS
Drive d: (WINSETUP) (Removable) (Total:14.9 GB) (Free:10.88 GB) FAT32
Drive i: (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive j: () (Fixed) (Total:185.97 GB) (Free:181.98 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E2931C00)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 186.3 GB) (Disk ID: 54901CBA)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=186 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: 757BD18E)
Partition 1: (Active) - (Size=14.9 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
| Themen zu Browser leitet automatisch auf Werbe-Seiten weiter - Win 8 |
| adobe, antivirus, browser, cid, cpu, defender, desktop, dnsapi.dll, google, iexplore.exe, installation, launch, mozilla, photoshop, problem, proxy, prozesse, registry, rundll, safer networking, scan, secure search, security, services.exe, software, trojan, udp, warnung, windows |
Baum-Darstellung