Hallo, und danke für die schnelle Antwort.
Ich hatte noch Hijackthis durchlaufen lassen und danach ist der Fehler anscheinend weg.
anbei das HijackthisLog Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:35:43, on 29.02.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
FIREFOX: 39.0 (x86 de)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Bieberich\Downloads\HijackThis_2.0.5.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 172.1.6.9 www.iphonebackupextractor.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [IntelSBA] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe "C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe -minimized" 60
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Small Business Advantage - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) - Nitro PDF Software - C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: Anzeige am Bildschirm (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 12172 bytes Hier habe ich folgende Werte nach der Logfileauswertung via Hijackthis gefixt:
O1 - Hosts: 172.1.6.9 iPhone Backup Extractor for Windows and Mac - Recover your lost data
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
Ich hoffe ich war hier nicht zu voreilig.
Anbei das FRST Log: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
durchgeführt von Bieberich (Administrator) auf BIEBERICH-THINK (29-02-2016 15:27:36)
Gestartet von C:\Users\Bieberich\Downloads
Geladene Profile: Bieberich (Verfügbare Profile: Bieberich)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Lenovo) C:\Users\Bieberich\AppData\Local\Apps\2.0\42OXGXN8.7NP\3BB02JTM.A1M\lsb...tion_91a10ba61c75c82d_0001.0006_e2bd8e8ce58257d4\LSB.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(AppWork GmbH) C:\Users\Bieberich\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653208 2013-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916112 2012-04-08] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4243168 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-07-06] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1723098240-1154295253-4163743611-1001\...\MountPoints2: {9c6bcf44-1e56-11e5-9785-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2015-04-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2015-04-08] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-09-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0D9875A6-2B0F-4E7C-A7B3-664B17320DB5}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{935586E3-B45D-494A-AFE8-F93E6694FAA1}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{B02DA3BA-6EA2-48BC-82DE-2C811800DCE2}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKU\S-1-5-21-1723098240-1154295253-4163743611-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-1723098240-1154295253-4163743611-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1723098240-1154295253-4163743611-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-1723098240-1154295253-4163743611-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1723098240-1154295253-4163743611-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
SearchScopes: HKU\S-1-5-21-1723098240-1154295253-4163743611-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-29] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-29] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Bieberich\AppData\Roaming\Mozilla\Firefox\Profiles\sbhecr57.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1723098240-1154295253-4163743611-1001: www.mydlink.com/Uplayer -> C:\Users\Bieberich\AppData\Roaming\D-Link\mydlink services plugin\1.0.2.7\npUplayer.dll [2015-12-11] (D-Link Corporation)
FF Extension: Garmin Communicator - C:\Users\Bieberich\AppData\Roaming\Mozilla\Firefox\Profiles\sbhecr57.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-08-20] [ist nicht signiert]
FF Extension: Password Exporter - C:\Users\Bieberich\AppData\Roaming\Mozilla\Firefox\Profiles\sbhecr57.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2015-06-29]
FF Extension: Video DownloadHelper - C:\Users\Bieberich\AppData\Roaming\Mozilla\Firefox\Profiles\sbhecr57.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-08]
FF Extension: Adblock Plus - C:\Users\Bieberich\AppData\Roaming\Mozilla\Firefox\Profiles\sbhecr57.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2013-09-06] [ist nicht signiert]
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR Profile: C:\Users\Bieberich\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Identity Protection) - C:\Users\Bieberich\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-06-29]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [49376 2012-02-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2016-01-08] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-01-13] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [54776 2013-02-07] (Cypress Semiconductor)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [168208 2015-07-14] (ESET)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel(R) Corporation) [Datei ist nicht signiert]
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [32256 2009-06-24] (hxxp://libusb-win32.sourceforge.net) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178464 2015-06-29] (Intel Corporation)
S3 RemoteControl-USBLAN; C:\Windows\System32\DRIVERS\rcblan.sys [46616 2007-01-24] (Belcarra Technologies)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-07-09] (Audials AG)
S3 sbusb_vista; C:\Windows\SysWOW64\DRIVERS\sbusb_vista.sys [104576 2014-05-17] (Microsoft Corporation) [Datei ist nicht signiert]
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-29 15:27 - 2016-02-29 15:27 - 00021732 _____ C:\Users\Bieberich\Downloads\FRST.txt
2016-02-29 15:27 - 2016-02-29 15:27 - 00000000 ____D C:\FRST
2016-02-29 15:26 - 2016-02-29 15:26 - 02371072 _____ (Farbar) C:\Users\Bieberich\Downloads\FRST64.exe
2016-02-29 14:47 - 2016-01-16 20:06 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-29 14:47 - 2016-01-16 19:54 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-29 14:47 - 2016-01-11 20:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-29 14:47 - 2016-01-11 20:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-29 14:47 - 2016-01-11 20:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-29 14:47 - 2016-01-11 19:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-29 14:47 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-29 14:47 - 2016-01-11 19:26 - 02610176 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-29 14:47 - 2016-01-11 19:24 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-29 14:47 - 2016-01-11 19:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-29 14:47 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-29 14:47 - 2016-01-11 19:23 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-29 14:47 - 2016-01-11 19:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-29 14:47 - 2016-01-11 19:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-29 14:47 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-29 14:47 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-29 14:47 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-29 14:47 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-29 14:47 - 2016-01-11 15:08 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-29 14:47 - 2016-01-11 15:08 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-29 14:47 - 2016-01-11 15:08 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-29 14:47 - 2016-01-11 15:08 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-29 14:47 - 2016-01-11 15:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-29 14:47 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-29 14:47 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-02-29 14:47 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-02-29 14:47 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-02-29 14:47 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-02-29 14:47 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-02-29 14:47 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-02-29 14:47 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-02-29 14:47 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-02-29 14:46 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-29 14:46 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-02-29 14:46 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-02-29 14:46 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-02-29 13:44 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-02-29 13:44 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-02-29 13:25 - 2016-02-29 13:25 - 00985600 _____ C:\Users\Bieberich\Downloads\MicrosoftFixit50123.msi
2016-02-29 12:38 - 2016-02-29 12:38 - 20328680 _____ (Lenovo Group Limited ) C:\Users\Bieberich\Downloads\n1avu31w.exe
2016-02-29 12:19 - 2016-02-29 12:31 - 00000133 _____ C:\Users\Bieberich\Desktop\Neues Textdokument.txt
2016-02-29 12:12 - 2016-02-29 12:15 - 00000000 ____D C:\AdwCleaner
2016-02-29 12:12 - 2016-02-29 12:12 - 01518592 _____ C:\Users\Bieberich\Downloads\AdwCleaner_5.037.exe
2016-02-29 11:59 - 2016-02-29 11:59 - 00015570 _____ C:\Users\Bieberich\Desktop\bookmarks-2016-02-29.json
2016-02-29 11:57 - 2016-02-29 11:57 - 00012795 _____ C:\Users\Bieberich\Desktop\password-export-2016-02-29.xml
2016-02-29 11:37 - 2016-02-29 11:37 - 00000000 ____D C:\Users\Bieberich\Downloads\backups
2016-02-29 11:35 - 2016-02-29 11:35 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bieberich\Downloads\HijackThis_2.0.5.exe
2016-02-24 23:46 - 2016-02-24 23:46 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2016-02-24 23:43 - 2016-02-24 23:44 - 83064067 _____ C:\Users\Bieberich\Downloads\kodi-16.0-Jarvis.exe
2016-02-24 21:57 - 2016-02-29 12:02 - 00000000 ____D C:\Users\Bieberich\Desktop\1
2016-02-24 13:41 - 2016-02-24 13:41 - 08322492 _____ (GuinpinSoft inc) C:\Users\Bieberich\Downloads\Setup_MakeMKV_v1.9.9.exe
2016-02-24 12:08 - 2016-02-24 12:08 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\ImgBurn
2016-02-24 12:07 - 2016-02-24 12:07 - 00001892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-02-24 12:07 - 2016-02-24 12:07 - 00001880 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2016-02-24 12:07 - 2016-02-24 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-02-24 12:07 - 2016-02-24 12:07 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-02-23 18:16 - 2016-02-23 18:20 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\PersBackup5
2016-02-23 18:16 - 2016-02-23 18:16 - 00000000 ____D C:\Users\Bieberich\Documents\PersBackup
2016-02-23 18:16 - 2016-02-23 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Personal Backup
2016-02-23 18:16 - 2016-02-23 18:16 - 00000000 ____D C:\Program Files\Personal Backup 5
2016-02-23 18:15 - 2016-01-08 16:47 - 12558412 _____ (Dr. J. Rathlev ) C:\Users\Bieberich\Desktop\pb-setup-x64-5.7.0400.exe
2016-02-23 18:04 - 2016-02-23 18:04 - 24211920 _____ C:\Users\Bieberich\Downloads\pb-setup-5.7.0400.zip
2016-02-23 12:11 - 2016-02-23 12:11 - 00001378 _____ C:\Users\Bieberich\Downloads\free tv streaming online Deutsch Sport Iptv *M3u8.M3U
2016-02-22 01:53 - 2016-02-22 01:55 - 00000000 ____D C:\Users\Bieberich\Downloads\update
2016-02-21 18:38 - 2016-02-21 18:38 - 00000000 ____D C:\Users\Bieberich\AppData\Local\kvibes
2016-02-20 22:20 - 2016-02-20 22:20 - 00000000 ____D C:\Users\Bieberich\Documents\Bulk Rename Utility
2016-02-19 12:16 - 2016-02-19 12:16 - 32624376 _____ (Reincubate Ltd) C:\Users\Bieberich\Downloads\iphonebackupextractor-latest6.0.7.exe
2016-02-19 12:16 - 2016-02-19 12:16 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\Reincubate
2016-02-19 12:16 - 2016-02-19 12:16 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2016-02-19 12:16 - 2016-02-19 12:16 - 00000000 ____D C:\Users\Bieberich\AppData\Local\Reincubate Temporary Files
2016-02-16 16:22 - 2016-02-16 16:22 - 00016161 _____ C:\Users\Bieberich\Documents\ElStEr Württembergische Versicherung LStA Februar 2016 Übertragung (Normale_Übertragung) am 2016-02-16_16.21.58.312.pdf
2016-02-15 15:57 - 2016-02-15 15:57 - 09699408 _____ (TGRMN Software ) C:\Users\Bieberich\Downloads\BRU_setup_3.0.0.1.exe
2016-02-15 15:57 - 2016-02-15 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Rename Utility
2016-02-15 15:57 - 2016-02-15 15:57 - 00000000 ____D C:\Program Files\Bulk Rename Utility
2016-02-15 11:47 - 2016-02-26 16:29 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\Kodi
2016-02-15 11:45 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-02-15 11:45 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-02-15 11:44 - 2016-02-24 23:46 - 00000000 ____D C:\Program Files (x86)\Kodi
2016-02-15 11:37 - 2016-02-15 11:37 - 66591701 _____ C:\Users\Bieberich\Downloads\kodi-15.2-Isengard.exe
2016-02-14 13:39 - 2016-02-14 13:39 - 00001082 _____ C:\Users\Bieberich\Desktop\Format Factory.lnk
2016-02-14 13:39 - 2016-02-14 13:39 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2016-02-14 13:39 - 2016-02-14 13:39 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2016-02-14 13:39 - 2016-02-14 13:39 - 00000000 ____D C:\FFOutput
2016-02-14 13:36 - 2016-02-14 13:38 - 56021632 _____ (Free Time) C:\Users\Bieberich\Downloads\FFSetup3.8.0.0.exe
2016-02-13 19:29 - 2016-02-13 19:30 - 20614985 _____ C:\Users\Bieberich\Downloads\ONKAVR0017_0000000000NALANA_083.zip
2016-02-11 12:23 - 2016-02-11 12:23 - 00000000 ____D C:\Users\Bieberich\Downloads\AnyDVD 7 6 8
2016-02-11 12:19 - 2016-02-11 12:20 - 00000000 ____D C:\ProgramData\Elaborate Bytes
2016-02-11 12:19 - 2016-02-11 12:19 - 12593584 _____ C:\Users\Bieberich\Downloads\SetupAnyDVD7680.exe
2016-02-11 12:19 - 2016-02-11 12:19 - 05262920 _____ C:\Users\Bieberich\Downloads\SetupCloneDVD2933Slysoft.exe
2016-02-11 12:19 - 2016-02-11 12:19 - 00001214 _____ C:\Users\Public\Desktop\CloneDVD2.lnk
2016-02-11 12:19 - 2016-02-11 12:19 - 00001116 _____ C:\Users\Public\Desktop\AnyDVD.lnk
2016-02-11 12:19 - 2016-02-11 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
2016-02-11 12:19 - 2016-02-11 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2016-02-11 12:19 - 2016-02-11 12:19 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2016-02-09 13:37 - 2016-02-09 13:37 - 00002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\GetDataBack for NTFS.lnk
2016-02-09 13:37 - 2016-02-09 13:37 - 00002082 _____ C:\Users\Public\Desktop\GetDataBack for NTFS.lnk
2016-02-09 13:37 - 2016-02-09 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
2016-02-09 13:37 - 2016-02-09 13:37 - 00000000 ____D C:\Program Files (x86)\Runtime Software
2016-02-09 13:09 - 2016-02-09 13:09 - 00000000 ____D C:\Users\Bieberich\Downloads\Runtime GetDataBack for FAT and NTFS v4
2016-02-03 18:54 - 2016-02-03 18:54 - 00002002 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2016-02-03 18:54 - 2016-02-03 18:54 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-02-03 18:54 - 2016-02-03 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2016-02-03 18:54 - 2013-09-13 19:38 - 00646313 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-02-03 18:54 - 2013-09-13 18:54 - 03641688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-02-03 18:54 - 2013-09-13 14:23 - 32882688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-02-03 18:54 - 2013-09-12 19:23 - 00149208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-02-03 18:54 - 2013-09-12 18:03 - 02586840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2016-02-03 18:54 - 2013-09-03 14:49 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-02-03 18:54 - 2013-08-20 20:17 - 02809048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-02-03 18:54 - 2013-08-07 17:41 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-03 18:54 - 2013-08-06 09:47 - 00947248 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-02-03 18:54 - 2013-08-06 04:56 - 06219096 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-02-03 18:54 - 2013-08-06 04:56 - 01908568 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-02-03 18:54 - 2013-08-06 04:56 - 00312152 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-02-03 18:54 - 2013-08-06 04:56 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-02-03 18:54 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-02-03 18:54 - 2013-08-02 20:16 - 01005784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-02-03 18:54 - 2013-06-05 21:42 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-02-03 18:54 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-02-03 18:54 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-02-03 18:54 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-02-03 18:54 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-02-03 18:54 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-02-03 18:54 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-02-03 18:54 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-02-03 18:54 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-02-03 18:54 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-02-03 18:54 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-02-03 18:52 - 2016-02-03 18:52 - 00000000 ____D C:\Users\Bieberich\AppData\Local\Tvsukernel
2016-02-03 18:47 - 2016-02-03 18:48 - 00277564 _____ C:\Windows\ntbtlog.txt
2016-02-03 18:44 - 2016-02-21 04:40 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-02-03 18:44 - 2016-02-21 04:40 - 00000000 ____D C:\Windows\system32\NV
2016-02-03 18:44 - 2016-02-03 18:44 - 00000000 ____D C:\Users\Bieberich\AppData\Local\NVIDIA
2016-02-03 18:43 - 2016-02-03 18:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-03 18:43 - 2015-04-07 14:37 - 06898832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-02-03 18:43 - 2015-04-07 14:37 - 03533512 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-02-03 18:43 - 2015-04-07 14:37 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-02-03 18:43 - 2015-04-07 14:37 - 01093776 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-02-03 18:43 - 2015-04-07 14:37 - 00935232 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-02-03 18:43 - 2015-04-07 14:37 - 00623816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2016-02-03 18:43 - 2015-04-07 14:37 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-02-03 18:43 - 2015-04-07 14:37 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-02-03 18:43 - 2015-04-07 14:37 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-02-03 18:43 - 2015-04-02 17:12 - 04336074 _____ C:\Windows\system32\nvcoproc.bin
2016-02-03 18:42 - 2016-02-03 18:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-02-03 18:42 - 2015-04-08 00:36 - 31893192 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 24558736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 20989152 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 19972512 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 18519400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 17258696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 16890480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 14034224 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 13945976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 13053072 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-02-03 18:42 - 2015-04-08 00:36 - 11398768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 11337136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 04292240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 04014912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 03264832 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 02876688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434535.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 01556680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434535.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00989568 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00963784 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00934600 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00923848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00899272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00872672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00303784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00031376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2016-02-03 18:42 - 2015-04-08 00:36 - 00027094 _____ C:\Windows\system32\nvinfo.pb
2016-02-03 18:34 - 2016-02-29 15:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-03 18:34 - 2016-02-10 15:15 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-29 15:25 - 2015-08-20 15:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-29 15:24 - 2015-07-02 12:04 - 00000000 ____D C:\Windows\system32\MRT
2016-02-29 15:21 - 2015-07-03 23:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-29 15:21 - 2015-07-02 12:04 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-29 15:20 - 2015-07-03 23:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-29 15:20 - 2015-07-03 23:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-29 15:08 - 2009-07-14 05:45 - 00034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-29 15:08 - 2009-07-14 05:45 - 00034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-29 15:06 - 2015-06-29 13:57 - 00000000 ____D C:\Users\Bieberich\AppData\Local\JDownloader 2.0
2016-02-29 15:05 - 2013-09-07 02:07 - 00699666 _____ C:\Windows\system32\perfh007.dat
2016-02-29 15:05 - 2013-09-07 02:07 - 00149774 _____ C:\Windows\system32\perfc007.dat
2016-02-29 15:05 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-29 15:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-29 15:02 - 2015-08-20 19:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-29 15:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-29 15:01 - 2009-07-14 05:45 - 00323712 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-29 15:00 - 2015-07-05 08:55 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-29 15:00 - 2015-07-05 08:55 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-29 15:00 - 2015-07-03 08:28 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-29 14:37 - 2015-08-20 19:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-29 14:14 - 2015-09-01 16:51 - 00000000 ____D C:\Users\Bieberich\AppData\Local\ElevatedDiagnostics
2016-02-29 13:50 - 2015-08-25 09:28 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-02-29 13:25 - 2015-08-09 21:00 - 00000000 ____D C:\ProgramData\Oracle
2016-02-29 13:24 - 2016-01-13 15:21 - 00000000 ____D C:\Users\Bieberich\.oracle_jre_usage
2016-02-29 13:24 - 2015-08-09 21:01 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-29 13:24 - 2015-08-09 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-29 13:24 - 2015-08-09 21:00 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-29 12:44 - 2015-07-03 08:36 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\vlc
2016-02-29 12:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system
2016-02-29 11:52 - 2015-07-05 19:46 - 00000000 ____D C:\Users\Bieberich\Documents\meins
2016-02-29 11:35 - 2015-06-29 13:04 - 00000000 ____D C:\Users\Bieberich\AppData\Local\VirtualStore
2016-02-29 11:11 - 2016-01-19 13:14 - 00000000 ____D C:\Users\Bieberich\AppData\Local\Deployment
2016-02-25 02:23 - 2015-07-18 15:41 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\dvdcss
2016-02-24 15:18 - 2015-08-21 10:41 - 00000125 ___SH C:\ProgramData\.zreglib
2016-02-22 16:46 - 2009-07-14 06:08 - 00032626 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-21 13:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-21 12:59 - 2016-01-14 15:11 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\Lightman Studio
2016-02-21 04:40 - 2013-09-06 16:16 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-20 21:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports
2016-02-17 12:19 - 2015-08-09 21:01 - 00000000 ____D C:\Users\Bieberich\.mediathek3
2016-02-16 16:18 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-02-16 16:12 - 2015-07-08 14:09 - 00000334 _____ C:\Windows\BRCALIB.INI
2016-02-15 11:44 - 2015-07-08 14:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-11 12:19 - 2015-08-21 10:39 - 00000000 ____D C:\Program Files (x86)\SlySoft
2016-02-10 15:15 - 2015-07-03 16:16 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 15:15 - 2015-07-03 16:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-06 21:37 - 2015-08-23 18:11 - 00000000 ____D C:\Users\Bieberich\MediathekView
2016-02-03 18:56 - 2016-01-20 11:19 - 00000000 ____D C:\Users\Bieberich\AppData\Roaming\LSC
2016-02-03 18:54 - 2013-09-06 16:18 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2016-02-03 18:54 - 2013-09-06 16:15 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-02-03 18:54 - 2013-09-06 16:15 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-02-03 18:54 - 2013-09-06 16:15 - 00000000 ____D C:\Program Files (x86)\Lenovo
2016-02-03 18:54 - 2013-09-06 16:14 - 00000000 ____D C:\Program Files\Lenovo
2016-02-03 18:53 - 2013-09-06 16:18 - 00000000 ____D C:\Windows\Downloaded Installations
2016-02-03 18:51 - 2013-09-07 02:00 - 00000000 ____D C:\ProgramData\Lenovo
2016-02-03 18:51 - 2013-09-06 16:26 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2016-02-03 18:51 - 2013-09-06 16:17 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2016-02-03 18:44 - 2015-09-04 13:39 - 00000446 __RSH C:\ProgramData\ntuser.pol
2016-02-03 18:43 - 2013-09-06 16:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-03 18:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2016-02-03 18:42 - 2013-09-06 16:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-03 18:42 - 2013-09-06 16:13 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-02-03 18:42 - 2013-09-06 16:13 - 00000000 ____D C:\Program Files (x86)\Intel
2016-02-03 18:41 - 2013-09-06 16:14 - 00000000 ____D C:\Intel
2016-02-02 09:32 - 2015-08-20 19:10 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 09:32 - 2015-08-20 19:10 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-06-29 13:13 - 2015-06-29 13:13 - 6420480 _____ () C:\Program Files (x86)\GUTB339.tmp
2015-11-17 15:26 - 2015-11-17 15:26 - 0000017 _____ () C:\Users\Bieberich\AppData\Local\resmon.resmoncfg
2015-08-21 10:41 - 2016-02-24 15:18 - 0000125 ___SH () C:\ProgramData\.zreglib
2016-02-03 18:54 - 2016-02-03 18:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-04 00:03 - 2015-09-04 00:03 - 0000125 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Einige Dateien in TEMP:
====================
C:\Users\Bieberich\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Bieberich\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Bieberich\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Bieberich\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Bieberich\AppData\Local\Temp\nvStInst.exe
C:\Users\Bieberich\AppData\Local\Temp\proxy_vole5764642478296490310.dll
C:\Users\Bieberich\AppData\Local\Temp\proxy_vole8165923406807017581.dll
C:\Users\Bieberich\AppData\Local\Temp\_is32B3.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-28 00:17
==================== Ende von FRST.txt ============================
und das Addition Log: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-02-2016
durchgeführt von Bieberich (2016-02-29 15:27:56)
Gestartet von C:\Users\Bieberich\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-06-29 12:03:15)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1723098240-1154295253-4163743611-500 - Administrator - Disabled)
Bieberich (S-1-5-21-1723098240-1154295253-4163743611-1001 - Administrator - Enabled) => C:\Users\Bieberich
Gast (S-1-5-21-1723098240-1154295253-4163743611-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1723098240-1154295253-4163743611-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.8.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audials (HKLM-x32\...\{A40121C8-C37E-4488-BA00-F6140609D0BE}) (Version: 12.1.5200.0 - Audials AG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
ESET NOD32 Antivirus (HKLM\...\{A5A55BFF-DCFE-4771-A1FF-84716C386E17}) (Version: 8.0.319.1 - ESET, spol s r. o.)
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.32.000 - Runtime Software)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.21.57 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2725 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.34813 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
iPhone Backup Extractor (HKU\S-1-5-21-1723098240-1154295253-4163743611-1001\...\iPhone Backup Extractor) (Version: 6.0.7.826 - Reincubate Ltd)
iPhone Backup Extractor (x32 Version: 6.0.7.826 - Reincubate Ltd) Hidden
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-1723098240-1154295253-4163743611-1001\...\Kodi) (Version: - XBMC-Foundation)
Lenovo Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.63.10 - Lenovo)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.20 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-1723098240-1154295253-4163743611-1001\...\cbe8636f7dd0cf1d) (Version: 1.6.3.0 - Lenovo)
Lenovo Solution Center (HKLM\...\{49277B39-D2E8-4342-9CE8-FC080C3FA344}) (Version: 2.8.007.00 - Lenovo Group Limited)
Lenovo Solutions for Small Business (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: - Intel(R) Corporation)
Lenovo Solutions for Small Business Customizations (HKLM-x32\...\{5B5DEF99-85E9-423D-A1A3-B83202697B09}) (Version: 1.0.0006.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0022 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lightman Studio (HKLM-x32\...\Lightman Studio) (Version: 6.1 - JBMedia)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{9bd48a22-fe5a-457c-8f10-da6c2be89eee}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
mydlink services plugin (HKLM-x32\...\{1A9B665A-5F27-4F71-BF90-22FDFE7A1635}) (Version: 1.0.2.7 - D-Link Corporation)
Nitro Pro 9 (HKLM\...\{B7650660-055D-4C05-BEB6-648ECD2F0057}) (Version: 9.5.3.8 - Nitro)
NVIDIA Grafiktreiber 345.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.35 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
Online Poststelle - Druckertreiber 2.1.102 (HKLM-x32\...\Online Poststelle_is1) (Version: - IO Factory GmbH)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Personal Backup 5.7.4.0 (HKLM\...\Personal Backup 5_is1) (Version: 5.7.4.0 - Dr. J. Rathlev)
RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
sv.net (HKLM-x32\...\sv.net) (Version: 16.0 - ITSG GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.1.0 - )
ThinkVantage Fingerprint Software (HKLM\...\{479016BF-5B8D-445F-BE15-A187F25D81C8}) (Version: 5.9.6.7084 - Authentec Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.76 - Lenovo)
Unternehmer Suite (HKLM-x32\...\{13CE6A18-2936-49E5-B10C-148A12C035DD}) (Version: 16.0.5164.0 - Buhl Data Service GmbH)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Intel (e1cexpress) Net (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel)
Windows-Treiberpaket - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows-Treiberpaket - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/06/2012 16.1.1.0) (HKLM\...\64B3C27E4CF7B6AD920184EFFF6C488C55EF2892) (Version: 04/06/2012 16.1.1.0 - Synaptics)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {241114E9-9495-45CB-8F0C-D7859CD4888C} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1723098240-1154295253-4163743611-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Bieberich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {28460789-D828-4AA9-88B4-FA0EAB92AB01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {4D1BD13C-DF3B-4FCC-A10E-B9AEAA57838D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-01-08] (Lenovo)
Task: {5AAB14E7-2D27-42B3-8623-BD455BE2E0CB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-01-08] (Lenovo)
Task: {7427459D-1DE0-4F16-921D-6997E4FEF7C9} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] ()
Task: {851EAD04-7A55-4790-82E9-86FD7D340168} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20] (Google Inc.)
Task: {94259B8E-1E0E-4C69-A850-EB1582C46C1E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2016-01-13] ()
Task: {A18F4757-CC89-4906-BF1D-3CEE9897EE17} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2016-01-08] (Lenovo)
Task: {C3A64B15-C572-48C7-B73A-36BC480D1E90} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20] (Google Inc.)
Task: {CC5541C3-D7CA-487D-ACF4-AF61FD328336} - System32\Tasks\{5FEDD4BD-674A-42C6-ABFF-42839674D4DB} => pcalua.exe -a E:\VCMDVD.exe -d E:\
Task: {D2E5A971-2EBA-4A7B-A7AD-487C7576D7CD} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-01-08] ()
Task: {D815BB4A-E74E-4B67-A69F-D22A9F59E2C0} - System32\Tasks\{9184231E-0C0E-497F-A403-FCCF43D56BCD} => pcalua.exe -a "E:\OBDII USB Driver\FTD232 USB Driver\WHQL Certified Driver\Ftdiunin.exe" -d "E:\OBDII USB Driver\FTD232 USB Driver\WHQL Certified Driver"
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-06-29 15:06 - 2005-03-12 00:07 - 00087552 _____ () C:\Windows\System32\pdfcmnnt.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-01 15:03 - 2014-08-01 15:03 - 00418312 _____ () C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
2016-02-03 18:42 - 2015-04-08 00:36 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2016-02-03 18:43 - 2015-04-07 14:37 - 00117064 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-06 16:16 - 2012-04-09 00:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-02-29 15:06 - 2016-02-29 15:06 - 00040448 _____ () C:\Users\Bieberich\AppData\Local\Temp\proxy_vole8165923406807017581.dll
2016-02-29 15:06 - 2016-02-29 15:06 - 00566439 _____ () C:\Users\Bieberich\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2016-02-29 15:06 - 2016-02-29 15:06 - 04078962 _____ () C:\Users\Bieberich\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2016-02-03 18:42 - 2015-04-08 00:36 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-09-06 16:23 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2015-07-06 20:36 - 2015-07-06 20:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-20 11:19 - 2012-02-27 13:00 - 00030432 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\ProcessPrivileges.dll
2016-01-20 11:19 - 2012-02-27 13:00 - 00215264 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\System.ComponentModel.Composition.dll
2016-01-20 11:19 - 2012-02-27 13:00 - 00051424 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.TaskScheduler.dll
2016-01-20 11:19 - 2012-02-27 13:00 - 00076000 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.WUApiLib.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:C68DE4A3
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-02-19 12:24 - 00000874 ____A C:\Windows\system32\Drivers\etc\hosts
172.1.6.9 www.iphonebackupextractor.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1723098240-1154295253-4163743611-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{FEA214B0-3FE6-4F03-B96A-0860749571D2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{BF70A213-E8B2-4A42-A4FE-66DEE84D8590}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DD03CEEC-3E52-4181-9E74-BEB457719648}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FE770AB8-C946-42D0-B446-F7143CE045E6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FB0281D9-F843-4CEA-960D-63E0B97FB628}] => (Allow) LPort=2869
FirewallRules: [{3AEC495B-95AC-400F-A27C-6B8A87B48FE4}] => (Allow) LPort=1900
FirewallRules: [{3B182D6E-3F66-4B48-AC72-5E14430AEDD4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6CF00672-1448-4CA4-983F-487E09DA0010}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{B1AE82A6-EE60-4078-A4F9-1391DDBF055D}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{874ABA3C-EA39-4F95-A5E9-F7E2DFDF4ADE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3C60612-03BA-4E9F-B514-2E55FC9548B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{766BF98A-9AA5-4C70-B1FC-72DE6BAA2277}] => (Allow) C:\Program Files (x86)\Buhl\Business\Buero Plus NexT\BpNexT.exe
FirewallRules: [{E11D6167-AEFB-4B96-95B3-B23AF9CFB6A1}] => (Allow) C:\Program Files (x86)\Buhl\Business\Buero Plus NexT\BpNexT.exe
FirewallRules: [{300BBE45-7B19-45CC-B56A-9E6CFA63C55B}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 3\IP Camera Viewer.exe
FirewallRules: [{388DC64C-134B-4D57-AF69-1B420CFA60EC}] => (Allow) C:\Program Files (x86)\Deskshare\IP Camera Viewer 3\IP Camera Viewer.exe
FirewallRules: [TCP Query User{4C34D3BD-237C-4C0E-8960-26D387EF5597}C:\windows\syswow64\ipcamera.exe] => (Allow) C:\windows\syswow64\ipcamera.exe
FirewallRules: [UDP Query User{E6F10F3F-ED0A-4100-AE5E-B48E0A9295C1}C:\windows\syswow64\ipcamera.exe] => (Allow) C:\windows\syswow64\ipcamera.exe
FirewallRules: [TCP Query User{0B17A285-9FEF-4176-A668-A1D5D1F003E7}C:\windows\syswow64\ipcamera.exe] => (Allow) C:\windows\syswow64\ipcamera.exe
FirewallRules: [UDP Query User{E1FC881B-D56D-48E9-9062-27DE74159C6D}C:\windows\syswow64\ipcamera.exe] => (Allow) C:\windows\syswow64\ipcamera.exe
FirewallRules: [TCP Query User{DA9C3D42-D2CC-40D0-ABBC-FF221DC5CA44}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{CC59F348-B8F3-42E4-A66F-38AC5607DF8B}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{1A6479B1-DBB9-4AF7-931B-1C756A663CA5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{04C71B93-04B4-4FC7-90E7-2E716E9C8709}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1124E164-51E3-42CE-B20C-3C6BC325B6BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F6BF0C26-17C5-416E-90EA-80B4F47CA403}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B69BCA2C-E566-43B2-BF3E-DCA7DB824DE5}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\Tabman.exe
FirewallRules: [{6AEAE002-F0CB-4B34-87D1-9EFFBB91EA99}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\syspage.exe
FirewallRules: [{54A3E473-BD69-490B-9FA8-6AAFBF2AE04E}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\Testman.exe
FirewallRules: [{139ADE3C-E1BF-456F-AC45-3C484591CB18}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\CodeServeD.exe
FirewallRules: [{67433121-F795-4FAC-A3D4-B61615F21747}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\XMLRegistryD.exe
FirewallRules: [{F392FE58-4E16-43B4-B902-56A24924F1E0}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\TDSNetConfig.exe
FirewallRules: [{16090431-5170-4175-8276-B86A3AC19DA0}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\SWUpdWizard.exe
FirewallRules: [{72A3DFCB-24D0-49EF-972A-E0FD64D7BED5}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\PtchApply.exe
FirewallRules: [{AAF2DC6E-A836-4E70-A787-BF0D3E8B5604}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\RTDB.exe
FirewallRules: [{377999BF-DB3A-4658-87DF-AD4BB41D5F56}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\Starburst.exe
FirewallRules: [{6FF11BB5-9CB5-4004-8BA0-12AD4A922616}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\EngineeringFeedback.exe
FirewallRules: [{453949C3-E2F9-4635-8980-3BB122524C89}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\SystemDiagnostic.exe
FirewallRules: [{2B277D1F-2741-4CC2-9F60-DD571551A5E2}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\VMM.exe
FirewallRules: [{63E0270F-9282-40A8-80E9-A1BD90A97F1D}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\probes\C402.exe
FirewallRules: [{5D898C50-E6EB-4D43-83B0-8FC9FFF71184}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\probes\C403.exe
FirewallRules: [{3B3806A3-747C-400B-9EBB-03E2FB913241}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\probes\C404.exe
FirewallRules: [{724F827E-9416-437D-800B-CFB0314B1ADB}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\probes\C407.exe
FirewallRules: [{EAEE87C7-3427-442E-BB80-EDBE7A107864}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\probes\C412.exe
FirewallRules: [{108B3E15-4E67-4603-A35B-587C5C8D2698}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\probes\C413.exe
FirewallRules: [{A7E73F53-0CAB-4661-8C64-CD98C5745CD1}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\LVPCheck.exe
FirewallRules: [{A5CBA38B-0336-426F-9E8A-1D76F5A55F0B}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\vcl_pc.exe
FirewallRules: [{EC548BBD-241F-4AED-AEC5-B076C8F0A006}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\NetworkActivation.exe
FirewallRules: [{039C80A9-333A-4C57-889C-7E23796142F5}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\ProbeTickHandler.exe
FirewallRules: [{766AABBC-BF14-447B-B216-6AC7A21C89C1}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\DetectionManager.exe
FirewallRules: [{1549B232-74DA-400C-A04C-783F2C5A28D8}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\probes\C418.exe
FirewallRules: [{4C753FB9-C7D4-4E03-A9C0-CF8C24E15A6B}] => (Allow) C:\Program Files (x86)\Ford Motor Company\IDS\Runtime\VCM2.exe
FirewallRules: [TCP Query User{6684FDAD-E7EE-4CE8-B8C8-32A8F205BF09}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{6186C067-4D93-4347-8539-0D24285B5889}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{9F52954C-B0DD-43FF-8BBE-E1BE3061EAFF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{365D5746-5FC8-471F-BD2F-89E1F210E5E0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{94E08ECE-4C94-4A8C-A312-13EC66C6CF80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{68753E70-7A66-49EA-9BDB-F99831D05B70}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{682F8402-F05A-427B-8EDB-FFE1F8F8057E}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{A493311B-7434-4A32-83F8-58A97E7DB352}] => (Allow) LPort=12972
FirewallRules: [{5632962A-6E0E-4E73-B928-0A3586252E83}] => (Allow) LPort=14714
FirewallRules: [{394F3BF7-4A08-4E08-9E86-9D599A17A27E}] => (Allow) LPort=31931
FirewallRules: [TCP Query User{DF7DC0F4-5D27-4936-A310-8BBD75D8DDC8}C:\users\bieberich\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\bieberich\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{7CF98503-425C-4EA5-A452-0BE79C7431C9}C:\users\bieberich\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\bieberich\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [{9CB00E67-F39F-470C-91C4-102561EB9848}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D8EE7D12-CEA2-46F8-A090-C8D5D08948B5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{19A7B6F8-F1A6-4233-A7A1-9A9B6E88D61B}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [TCP Query User{0CA6F87E-0D75-46B6-BC4B-60B7853E348C}C:\program files (x86)\lightman studio\lightmanstudio.exe] => (Allow) C:\program files (x86)\lightman studio\lightmanstudio.exe
FirewallRules: [UDP Query User{BC473B08-4CBE-4695-9CF0-A6D16F00290C}C:\program files (x86)\lightman studio\lightmanstudio.exe] => (Allow) C:\program files (x86)\lightman studio\lightmanstudio.exe
FirewallRules: [{25BADB08-BD19-4B87-863B-25329D93D475}] => (Block) %ProgramFiles% (x86)\SlySoft\AnyDVD\AnyDVD.exe
FirewallRules: [{28A7C81F-4766-4542-ADEE-56EF388D2300}] => (Block) %ProgramFiles% (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
FirewallRules: [{08304AFF-616F-4F95-80DE-312078734A5E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{07682799-6EB8-447D-AAF7-A5A151ED9D8A}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [TCP Query User{7B3121C6-526B-4510-8834-61049731112D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{AD58FFE3-2CB9-4335-9F4B-C4E9B2AA6D6A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/29/2016 03:01:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/29/2016 01:52:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/29/2016 01:41:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/29/2016 01:28:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/29/2016 12:39:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/29/2016 12:01:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/29/2016 11:09:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/26/2016 10:49:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 187107
Error: (02/26/2016 10:49:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 187107
Error: (02/26/2016 10:49:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Systemfehler:
=============
Error: (02/29/2016 03:20:48 PM) (Source: volsnap) (EventID: 35) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.
Error: (02/29/2016 03:02:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
Error: (02/29/2016 03:01:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
Error: (02/29/2016 02:59:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Windows-Tool zum Entfernen bösartiger Software x64 - Februar 2016 (KB890830)
Error: (02/29/2016 02:59:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB3126036)
Error: (02/29/2016 02:59:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB3035583)
Error: (02/29/2016 02:59:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246007 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3108669)
Error: (02/29/2016 02:59:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246007 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3126587)
Error: (02/29/2016 02:59:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246007 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3123479)
Error: (02/29/2016 01:51:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246007 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3108670)
CodeIntegrity:
===================================
Date: 2016-02-14 14:48:59.078
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-02-14 14:48:57.792
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-01-21 18:23:21.098
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-01-21 18:23:20.965
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 7888.8 MB
Verfügbarer physikalischer RAM: 3732.98 MB
Summe virtueller Speicher: 15775.8 MB
Verfügbarer virtueller Speicher: 11726.95 MB
==================== Laufwerke ================================
Drive c: (Windows7_OS) (Fixed) (Total:144.54 GB) (Free:2.81 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:1.54 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 167.7 GB) (Disk ID: D77451F3)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=144.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=84)
==================== Ende von Addition.txt ============================ |