FRST.txt Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
durchgeführt von Fabian (Administrator) auf FABUS (29-09-2015 20:04:59)
Gestartet von C:\Users\Fabian\Downloads
Geladene Profile: Fabian (Verfügbare Profile: Fabian & Weltklasse & Administrator)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Optimal Software s.r.o.) C:\Program Files (x86)\PC Speed Up\PCSUService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Users\Fabian\AppData\Local\A2F8EA6C-1443547698-E211-83C6-B888E3FC2648\snstAD49.tmp
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
() C:\Program Files (x86)\A2F8EA6C-1443540423-E211-83C6-B888E3FC2648\hnsfFFD3.tmp
() C:\Program Files (x86)\RayDld\ihpmServer.exe
() C:\Program Files (x86)\A2F8EA6C-1443540423-E211-83C6-B888E3FC2648\jnsoD5B4.tmp
(Optimal Software s.r.o.) C:\Program Files (x86)\PC Speed Up\SpeedCheckerService.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\A2F8EA6C-1443540423-E211-83C6-B888E3FC2648\knswAA0A.tmpfs
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
() C:\Users\Fabian\AppData\Local\gmsd_de_005010100\upgmsd_de_005010100.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Windows\System32\cpm.exe
(Open Source) C:\Users\Fabian\AppData\Roaming\cpuminer\sgminer\sgm.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SoftBrain Technologies Ltd.) C:\Users\Fabian\AppData\Local\SmartWeb\SmartWebHelper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(SoftBrain Technologies Ltd.) C:\Users\Fabian\AppData\Local\SmartWeb\SmartWebApp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\gmsd_de_005010100\gmsd_de_005010100.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(DTools LIMITED) C:\ProgramData\1WdsManPro1\WdsManPro.exe
(TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
(CinePlus-1.44V29.09) C:\Program Files (x86)\CinePlus-1.44V29.09\f49a23c4-a72f-4f54-93e7-08b94ed1f986-10.exe
(CinePlus-1.44V29.09) C:\Program Files (x86)\CinePlus-1.44V29.09\f49a23c4-a72f-4f54-93e7-08b94ed1f986-6.exe
() C:\Program Files (x86)\gmsd_de_005010101\gmsd_de_005010101.exe
(CinePlus-1.44V29.09) C:\Program Files (x86)\CinePlus-1.44V29.09\f49a23c4-a72f-4f54-93e7-08b94ed1f986-1-6.exe
() C:\Users\Fabian\AppData\Local\Temp\nswE0C6.tmp
(CMI Limited) C:\Users\Fabian\AppData\Local\Temp\nsg7914.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2013-01-01] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-10-31] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-31] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [371896 2012-05-23] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710720 2015-09-25] (Dropbox, Inc.)
HKLM-x32\...\RunOnce: [upgmsd_de_005010101.exe] => C:\Users\Fabian\AppData\Local\gmsd_de_005010101\upgmsd_de_005010101.exe -runonce
HKLM-x32\...\RunOnce: [upgmsd_de_005010100.exe] => C:\Users\Fabian\AppData\Local\gmsd_de_005010100\upgmsd_de_005010100.exe [3324560 2015-09-28] ()
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-06-18] (Malwarebytes Corporation)
HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-12-31] (Google Inc.)
HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\...\Run: [Facebook Update] => C:\Users\Fabian\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-26] (Facebook Inc.)
HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\...\MountPoints2: {22932296-5eba-11e4-bf1b-50b7c3614c0f} - "E:\AutoRun.exe"
HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\...\MountPoints2: {5819ac44-78c4-11e4-bf1c-001e101f8d7f} - "E:\AutoRun.exe"
HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\...\MountPoints2: {ddca8fa6-5d0d-11e4-bf1a-50b7c3614c0f} - "E:\AutoRun.exe"
HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\...\MountPoints2: {ddca8fe2-5d0d-11e4-bf1a-50b7c3614c0f} - "E:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-06-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-04-05]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Weltklasse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-04-09]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{83FF6AEB-B3D1-430F-B3D2-D431FDBC3517}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2678595623-4148133582-4009595467-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2678595623-4148133582-4009595467-1001 -> {4C6B4EEC-05FF-4DA8-9174-CB11AA2F4B6C} URL =
SearchScopes: HKU\S-1-5-21-2678595623-4148133582-4009595467-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-03-30] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-31] (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-29] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-03-30] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-03-30] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-29] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-03-30] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2014-03-30] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-29] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-29] (Google Inc.)
Toolbar: HKU\S-1-5-21-2678595623-4148133582-4009595467-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-29] (Google Inc.)
Toolbar: HKU\S-1-5-21-2678595623-4148133582-4009595467-1001 -> Kein Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-03-30] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-05-23] (Citrix Systems, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\6dxoysjt.default
FF SearchEngineOrder.1: Search By ZoneAlarm
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?type=hp&ts=1443541655&z=95f1fd592bc84a8cc7f9954g0z2z4c9wcz8g3zfq4g&from=cmi&uid=HitachiXHTS547575A9E384_J2190020DZXEKDDZXEKDX
FF Keyword.URL: hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=de&gu=55ae97b08b424b198a0d350b62d91f50&tu=10GXz00Co1C01u0&sku=&tstsId=&ver=&&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll [Keine Datei]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-05-23] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-03-30] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2678595623-4148133582-4009595467-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Fabian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2678595623-4148133582-4009595467-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2012-07-13] (Intel)
FF SearchPlugin: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\6dxoysjt.default\searchplugins\youtube-videosuche.xml [2015-05-09]
FF SearchPlugin: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\6dxoysjt.default\searchplugins\zonealarm.xml [2014-03-06]
FF Extension: LyricXeeker - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\6dxoysjt.default\Extensions\128 [2013-08-18]
FF Extension: zonealarm.com - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\6dxoysjt.default\Extensions\ffxtlbr@zonealarm.com [2014-03-06]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker => nicht gefunden
FF Extension: Kein Name - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\6dxoysjt.default\extensions\deskCutv2@gmail.com [nicht gefunden]
FF Extension: Kein Name - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\6dxoysjt.default\extensions\defsearchp@gmail.com [nicht gefunden]
FF Extension: Kein Name - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\6dxoysjt.default\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [nicht gefunden]
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1443541655&z=95f1fd592bc84a8cc7f9954g0z2z4c9wcz8g3zfq4g&from=cmi&uid=HitachiXHTS547575A9E384_J2190020DZXEKDDZXEKDX
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1443541655&z=95f1fd592bc84a8cc7f9954g0z2z4c9wcz8g3zfq4g&from=cmi&uid=HitachiXHTS547575A9E384_J2190020DZXEKDDZXEKDX"
CHR DefaultSearchURL: Default -> hxxp://www.mystartsearch.com/web/?type=ds&ts=1443544239&z=0a446fd311a8435d266f9cfgdzez8cfw0z0z5ecz0m&from=cmi&uid=HitachiXHTS547575A9E384_J2190020DZXEKDDZXEKDX&q={searchTerms}
CHR DefaultSearchKeyword: Default -> mystartsearch
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\pdf.dll => Keine Datei
CHR Plugin: (Norton Confidential) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (AppUp) - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
CHR Profile: C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-31]
CHR Extension: (Google Search) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-31]
CHR Extension: (Freemake Video Converter) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-08-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]
CHR Extension: (Gmail) - C:\Users\Fabian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-31]
CHR HKLM-x32\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Fabian\AppData\Roaming\SpeedanAlysis\speedanalysis.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-07-27]
StartMenuInternet: Google Chrome - Chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-10-31] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-29] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-29] (Dropbox, Inc.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2015-01-06] (Samsung Electronics CO., LTD.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2409272 2013-12-10] (TuneUp Software)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-31] (Atheros) [Datei ist nicht signiert]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /svc [X] <==== ACHTUNG
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /medsvc [X] <==== ACHTUNG
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
S3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-10-31] (Qualcomm Atheros)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2013-01-01] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ewusbmbb; \SystemRoot\system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]
S1 MpKslce08bbb0; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D842C845-EC9E-4F68-9647-40816D3CEB29}\MpKslce08bbb0.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-29 20:04 - 2015-09-29 20:05 - 00032678 _____ C:\Users\Fabian\Downloads\FRST.txt
2015-09-29 20:04 - 2015-09-29 20:05 - 00000000 ____D C:\FRST
2015-09-29 20:03 - 2015-09-29 20:03 - 02192384 _____ (Farbar) C:\Users\Fabian\Downloads\FRST64.exe
2015-09-29 20:03 - 2015-09-29 20:03 - 01696256 _____ (Farbar) C:\Users\Fabian\Downloads\FRST.exe
2015-09-29 20:01 - 2015-09-29 19:12 - 00000108 _____ C:\Users\Fabian\Desktop\Wichtig.txt
2015-09-29 18:51 - 2015-09-29 18:35 - 00613255 _____ (CMI Limited) C:\Users\Fabian\AppData\Local\nsg7914.tmp
2015-09-29 18:35 - 2015-09-29 19:55 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-09-29 18:34 - 2015-09-29 19:55 - 00000000 ____D C:\Program Files (x86)\gmsd_de_005010101
2015-09-29 18:34 - 2015-09-29 18:34 - 00004028 _____ C:\WINDOWS\System32\Tasks\MZhXnKSOZpeGB0VKC0d
2015-09-29 18:34 - 2015-09-29 18:34 - 00004016 _____ C:\WINDOWS\System32\Tasks\5naU0BRS17ZiL
2015-09-29 18:34 - 2015-09-29 18:34 - 00001026 _____ C:\WINDOWS\Tasks\MZhXnKSOZpeGB0VKC0d.job
2015-09-29 18:34 - 2015-09-29 18:34 - 00001014 _____ C:\WINDOWS\Tasks\5naU0BRS17ZiL.job
2015-09-29 18:33 - 2015-09-29 19:56 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-09-29 18:33 - 2015-09-29 19:33 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-09-29 18:33 - 2015-09-29 18:33 - 00000000 ____D C:\Users\Fabian\AppData\Local\globalUpdate
2015-09-29 18:33 - 2015-09-29 18:33 - 00000000 ____D C:\Program Files (x86)\42db7398-4c6e-4869-8b96-ba76ddc26801
2015-09-29 18:32 - 2015-09-29 19:55 - 00000000 ____D C:\Program Files (x86)\CinePlus-1.44V29.09
2015-09-29 18:30 - 2015-09-29 19:56 - 00000000 ____D C:\ProgramData\1WdsManPro1
2015-09-29 17:48 - 2015-09-29 19:56 - 00000000 ____D C:\Users\Fabian\AppData\Local\gmsd_de_005010100
2015-09-29 17:48 - 2015-09-29 19:55 - 00000000 ____D C:\Program Files (x86)\SFK
2015-09-29 17:48 - 2015-09-29 19:55 - 00000000 ____D C:\Program Files (x86)\gmsd_de_005010100
2015-09-29 17:48 - 2015-09-29 18:30 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-09-29 17:47 - 2015-09-29 17:47 - 00000588 _____ C:\task.vbs
2015-09-29 17:45 - 2015-09-29 19:55 - 00000000 ____D C:\Users\Fabian\AppData\Local\SmartWeb
2015-09-29 17:40 - 2015-09-29 19:56 - 00001127 _____ C:\Users\Fabian\Desktop\Continue Live Installation.lnk
2015-09-29 17:35 - 2015-09-29 19:56 - 00000000 ____D C:\Program Files (x86)\PC Speed Up
2015-09-29 17:35 - 2015-09-29 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-29 17:35 - 2015-09-29 17:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-29 17:34 - 2015-09-29 17:34 - 00000000 ____D C:\Program Files (x86)\predm
2015-09-29 17:32 - 2015-09-29 19:55 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\cpuminer
2015-09-29 17:32 - 2015-09-29 17:32 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-09-29 17:29 - 2015-09-29 17:29 - 03687352 _____ (Sony Corporation) C:\Users\Fabian\Downloads\picture-motion-browser-5.8.02.exe
2015-09-29 17:28 - 2015-09-29 19:55 - 00000000 ____D C:\Users\Fabian\AppData\Local\A2F8EA6C-1443547698-E211-83C6-B888E3FC2648
2015-09-29 17:27 - 2015-09-29 19:55 - 00000000 ____D C:\Program Files (x86)\A2F8EA6C-1443540423-E211-83C6-B888E3FC2648
2015-09-29 17:27 - 2015-09-06 12:54 - 00000856 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-09-29 17:24 - 2015-09-29 19:56 - 00000000 ____D C:\Program Files (x86)\RayDld
2015-09-29 17:21 - 2015-09-29 19:56 - 00001271 _____ C:\Users\Fabian\Desktop\Continue installation .lnk
2015-09-29 17:19 - 2015-09-29 17:20 - 01567200 _____ C:\Users\Fabian\Downloads\Sony+dcr+dvd106+driver+wi_10924_i65360158_il345.exe
2015-09-29 13:07 - 2015-09-29 19:56 - 00001234 _____ C:\Users\Fabian\Desktop\Dropbox.lnk
2015-09-29 13:07 - 2015-09-29 18:02 - 00000000 ___RD C:\Users\Fabian\Dropbox
2015-09-29 13:05 - 2015-09-29 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-29 13:03 - 2015-09-29 13:03 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\Dropbox
2015-09-29 12:55 - 2015-09-29 20:00 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-29 12:55 - 2015-09-29 18:02 - 00000000 ____D C:\Users\Fabian\AppData\Local\Dropbox
2015-09-29 12:55 - 2015-09-29 17:59 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-29 12:55 - 2015-09-29 13:05 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-29 12:55 - 2015-09-29 12:55 - 00660960 _____ (Dropbox, Inc.) C:\Users\Fabian\Downloads\DropboxInstaller.exe
2015-09-29 12:55 - 2015-09-29 12:55 - 00004198 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-09-29 12:55 - 2015-09-29 12:55 - 00003962 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-09-29 12:55 - 2015-09-29 12:55 - 00000000 ____D C:\ProgramData\Dropbox
2015-09-23 02:35 - 2015-09-23 02:35 - 01423680 ____N C:\WINDOWS\system32\cpm.exe
2015-09-21 23:11 - 2015-09-21 23:11 - 00000220 _____ C:\WINDOWS\system32\cpuminer-conf.json
2015-09-19 18:36 - 2015-09-19 18:40 - 00000000 ____D C:\Users\Fabian\Desktop\Tennis neu
2015-09-16 17:05 - 2015-09-16 17:05 - 02517044 _____ C:\Users\Fabian\Downloads\Foto(1).zip
2015-09-15 13:23 - 2015-09-15 13:23 - 00826072 _____ C:\WINDOWS\Minidump\091515-44859-01.dmp
2015-09-15 12:13 - 2015-09-15 12:13 - 00798800 _____ C:\WINDOWS\Minidump\091515-53031-01.dmp
2015-09-09 13:19 - 2015-09-09 13:19 - 01028457 _____ C:\Users\Fabian\Downloads\Hh.zip
2015-09-08 23:33 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-08 23:33 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-08 23:33 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-08 23:33 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-08 23:33 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-08 23:33 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-08 23:33 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-08 23:33 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-08 23:32 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-08 23:32 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-08 23:32 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-08 23:32 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-08 23:32 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-08 23:32 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-08 23:32 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-08 23:32 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-08 23:32 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-08 23:32 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-08 23:32 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-08 23:32 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-08 23:32 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 23:32 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 23:32 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 23:32 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 23:32 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 23:32 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-08 23:32 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 23:32 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 23:32 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-08 23:32 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 23:32 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-08 23:32 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 23:32 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-08 23:32 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-08 23:32 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-08 23:32 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-08 23:32 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-08 23:32 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-08 23:32 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-08 23:32 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 23:32 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-08 23:32 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-08 23:32 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-08 23:32 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-08 23:32 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-08 23:32 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-08 23:32 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-08 23:32 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-08 23:32 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-08 23:32 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-08 23:32 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-08 23:32 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-08 23:28 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-08 23:28 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-08 23:27 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 23:27 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 23:27 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 23:27 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 23:27 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 23:27 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 23:27 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 23:27 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 23:27 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-08 23:26 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-08 23:26 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 23:26 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 23:26 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 23:26 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 23:26 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-08 23:26 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-08 23:26 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-08 23:26 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-08 23:26 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-08 23:26 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 23:26 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-08 23:26 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-08 23:26 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-08 23:26 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-08 23:20 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-08 23:20 - 2015-07-10 21:06 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-09-08 12:50 - 2015-09-08 12:50 - 02860258 _____ C:\Users\Fabian\Downloads\Foto.zip
2015-09-06 13:18 - 2015-09-13 11:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-06 12:54 - 2015-09-06 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-06 12:54 - 2015-09-06 12:54 - 00000000 ____D C:\Program Files\McAfee Security Scan
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-29 20:04 - 2012-12-31 14:38 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-29 20:01 - 2014-03-18 12:03 - 00338484 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-29 20:01 - 2014-03-18 11:25 - 03434242 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-29 20:01 - 2014-03-18 11:25 - 00958384 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-29 20:01 - 2012-12-31 14:29 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2678595623-4148133582-4009595467-1001
2015-09-29 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-29 20:00 - 2013-08-22 16:46 - 00392271 _____ C:\WINDOWS\setupact.log
2015-09-29 19:57 - 2014-09-19 10:53 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-29 19:57 - 2014-03-28 19:46 - 00001386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-09-29 19:57 - 2014-03-28 19:46 - 00001313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-09-29 19:57 - 2014-02-04 14:38 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-29 19:57 - 2013-07-18 21:06 - 00002551 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-29 19:57 - 2013-05-07 16:17 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
2015-09-29 19:57 - 2013-01-09 23:07 - 00002557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allshare Play.lnk
2015-09-29 19:57 - 2013-01-08 14:29 - 00001584 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2015-09-29 19:57 - 2013-01-04 17:01 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-29 19:56 - 2015-01-18 16:03 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-29 19:56 - 2014-09-19 11:09 - 00001454 _____ C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-29 19:56 - 2014-09-19 10:45 - 00000469 _____ C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-09-29 19:56 - 2014-09-19 10:45 - 00000467 _____ C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-09-29 19:56 - 2014-06-14 21:33 - 00001946 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-09-29 19:56 - 2014-05-27 20:51 - 00001088 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-29 19:56 - 2014-02-18 01:06 - 00001589 _____ C:\Users\Public\Desktop\Free Audio CD to MP3 Converter.lnk
2015-09-29 19:56 - 2013-08-19 16:06 - 00001906 _____ C:\Users\Public\Desktop\DOSBox 0.74.lnk
2015-09-29 19:56 - 2013-07-27 10:13 - 00001358 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2015-09-29 19:56 - 2013-05-07 15:31 - 00001049 _____ C:\Users\Fabian\Desktop\PhotoScape.lnk
2015-09-29 19:56 - 2013-04-14 16:19 - 00001206 _____ C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\S Agent.lnk
2015-09-29 19:56 - 2013-03-15 17:26 - 00001206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Driver Updater.lnk
2015-09-29 19:56 - 2013-01-03 13:44 - 00002224 _____ C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
2015-09-29 19:56 - 2012-12-31 14:22 - 00000896 _____ C:\Users\Fabian\Desktop\Downloads.lnk
2015-09-29 19:55 - 2013-03-15 17:26 - 00000000 ____D C:\Users\Fabian\AppData\Local\TempDIR
2015-09-29 19:34 - 2014-09-19 11:05 - 01792763 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-29 19:30 - 2013-01-15 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-29 18:40 - 2012-12-31 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-09-29 18:23 - 2014-05-27 20:51 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-29 18:21 - 2013-09-26 21:16 - 00000944 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2678595623-4148133582-4009595467-1001UA.job
2015-09-29 18:07 - 2013-01-02 00:13 - 00000000 ____D C:\ProgramData\WinClon
2015-09-29 18:00 - 2014-09-19 11:16 - 00000000 __RDO C:\Users\Fabian\OneDrive
2015-09-29 17:59 - 2012-12-31 14:38 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-29 17:58 - 2014-09-19 10:45 - 00000000 ____D C:\Users\Fabian
2015-09-29 17:58 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-29 17:56 - 2014-03-18 03:50 - 00118636 _____ C:\WINDOWS\PFRO.log
2015-09-29 17:51 - 2014-05-27 20:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-29 17:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-29 15:42 - 2014-09-19 16:14 - 00003922 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3F8CFDF7-E308-453A-87C7-259271A41379}
2015-09-28 21:21 - 2013-09-26 21:16 - 00000922 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2678595623-4148133582-4009595467-1001Core.job
2015-09-22 13:32 - 2014-03-28 20:16 - 00000000 ____D C:\Users\Fabian\AppData\Roaming\vlc
2015-09-22 11:11 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-22 10:33 - 2013-01-15 15:41 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-20 21:41 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-20 12:35 - 2014-06-15 20:57 - 00000000 ____D C:\Users\Fabian\AppData\Local\Microsoft Help
2015-09-15 15:15 - 2012-12-31 14:22 - 00000000 ____D C:\Users\Fabian\AppData\Local\Packages
2015-09-15 13:59 - 2012-12-31 14:38 - 00004102 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 13:59 - 2012-12-31 14:38 - 00003866 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 13:23 - 2015-04-29 14:20 - 616777006 _____ C:\WINDOWS\MEMORY.DMP
2015-09-15 13:23 - 2015-04-29 14:20 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-15 03:18 - 2015-07-28 14:10 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2015-07-28 14:10 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 11:31 - 2013-08-22 16:44 - 00508344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-13 11:30 - 2013-01-04 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-13 11:29 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2015-09-13 11:28 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-09 14:24 - 2013-01-11 16:19 - 00000000 ____D C:\Users\Fabian\Desktop\FH
2015-09-09 04:14 - 2014-03-18 11:40 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 04:06 - 2013-07-13 12:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 12:56 - 2015-07-16 16:25 - 00002996 _____ C:\WINDOWS\System32\Tasks\SUPatchForW10Up
2015-09-06 12:56 - 2012-12-31 14:52 - 00000000 ____D C:\ProgramData\Samsung
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Fabian\AppData\Roaming\5naU0BRS17ZiL
2015-04-20 16:05 - 2015-04-20 16:05 - 1246720 _____ () C:\Users\Fabian\AppData\Roaming\5naU0BRS17ZiL.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Fabian\AppData\Roaming\MZhXnKSOZpeGB0VKC0d
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Fabian\AppData\Roaming\MZhXnKSOZpeGB0VKC0d.exe
2013-08-19 01:40 - 2013-08-19 01:40 - 0000055 _____ () C:\Users\Fabian\AppData\Roaming\WB.CFG
2013-08-19 01:40 - 2013-08-19 01:40 - 0000005 _____ () C:\Users\Fabian\AppData\Roaming\WBPU-TTL.DAT
2015-09-29 18:51 - 2015-09-29 18:35 - 0613255 _____ (CMI Limited) C:\Users\Fabian\AppData\Local\nsg7914.tmp
2013-03-02 13:02 - 2013-02-21 17:59 - 2063240 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2013-03-02 13:02 - 2013-01-13 00:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml
2013-03-15 17:26 - 2013-03-15 17:26 - 0004974 _____ () C:\ProgramData\mtbjfghn.xbe
2015-09-29 17:48 - 2015-09-29 18:30 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Einige Dateien in TEMP:
====================
C:\Users\Fabian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzv2bai.dll
C:\Users\Fabian\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Fabian\AppData\Local\Temp\Sony dcr dvd106 driver wi__10924_i1683836682_il768469.exe
C:\Users\Fabian\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-29 18:16
==================== Ende von FRST.txt ============================
Code:
Alles auswählen Aufklappen ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
durchgeführt von Fabian (2015-09-29 20:06:04)
Gestartet von C:\Users\Fabian\Downloads
Windows 8.1 (X64) (2014-09-19 09:08:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2678595623-4148133582-4009595467-500 - Administrator - Disabled) => C:\Users\Administrator
Fabian (S-1-5-21-2678595623-4148133582-4009595467-1001 - Administrator - Enabled) => C:\Users\Fabian
Gast (S-1-5-21-2678595623-4148133582-4009595467-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2678595623-4148133582-4009595467-1005 - Limited - Enabled)
Weltklasse (S-1-5-21-2678595623-4148133582-4009595467-1003 - Administrator - Enabled) => C:\Users\Weltklasse
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AllSharePlayLink (HKLM-x32\...\{CE1836A8-3F2B-49BD-8395-93DD414068D2}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
AMD Catalyst Install Manager (HKLM\...\{D1FE6D8B-E5EE-5205-3E53-CDA000257D99}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Carambis Driver Updater (HKLM-x32\...\Driver Updater) (Version: 2.0.0.6003 - MEDIA FOG LTD)
CinePlus-1.44V29.09 (HKLM-x32\...\CinePlus-1.44V29.09) (Version: 1.36.01.22 - CinePlus-1.44V29.09) <==== ACHTUNG
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.201.3 - Citrix Systems, Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.6 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
DV Studio3 (HKLM-x32\...\{5DF68560-292A-11D5-99D1-00010256D40E}) (Version: - )
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.0.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.2 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 13.1.201.3 - Citrix Systems, Inc.) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.2 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.51 - Samsung Electronics CO., LTD.) Hidden
SD Viewer (HKLM-x32\...\{09CF19F8-4552-11D5-99D1-00010256D40E}) (Version: - )
Self-Service Plug-in (x32 Version: 3.2.0.24226 - Citrix Systems, Inc.) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SpeedAnalysis.com (HKLM-x32\...\SpeedAnalysis.com) (Version: 1.0.0.1 - SpeedAnalysis.com) <==== ACHTUNG
Support Center (HKLM\...\{8EC7C961-2CD2-49DC-8F39-75E9CD20BB19}) (Version: 2.1.100 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.9 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{1687FC01-135F-4ADE-B828-B461CC74BD8A}) (Version: 2.2.4 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.179 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
Update for Open It! - Zip Extractor (HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\...\DSite) (Version: - ) <==== ACHTUNG
User Guide (HKLM-x32\...\{C7588111-1A12-4EFE-8CA0-DA4344480D92}) (Version: 1.4.00 - Samsung Electronics CO., LTD.)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Zip Opener Packages (HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\...\Zip Opener Packages) (Version: - ) <==== ACHTUNG
ZoneAlarm Antivirus (x32 Version: 11.0.000.057 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 11.0.000.057 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 12.0.118.000 - Check Point)
ZoneAlarm Security (x32 Version: 11.0.000.057 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar (HKLM-x32\...\zonealarm) (Version: 1.8.28.13 - Check Point Software Technologies LTD)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2678595623-4148133582-4009595467-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Wiederherstellungspunkte =========================
09-09-2015 03:59:46 Windows Update
20-09-2015 21:34:06 Geplanter Prüfpunkt
29-09-2015 09:33:13 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2015-09-06 12:54 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {04B6B6E1-A935-4981-869F-0B965A4C467B} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {0554DCE7-9957-421D-B877-FC50D04AEF53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {0675AED6-6D32-4617-A286-712207A91E8B} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {0CF1088D-8B82-49BF-A2DD-18E55392041A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {26D9AD83-5FD7-4EF7-BEED-867743CEA15D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2678595623-4148133582-4009595467-1001Core => C:\Users\Fabian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-26] (Facebook Inc.)
Task: {3AF07318-F42E-400E-B0C2-073B34BAB0BE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-03-30] (Microsoft Corporation)
Task: {4E579C2F-5DEC-4BD2-901A-5B354F360654} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {56C66FE2-F5CB-49C4-A7F1-7481FE48FC4D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5E9A02CE-1C23-429F-8696-9DB79B87198C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {67B75DFF-32FA-41DE-9AB9-8BF5004502F7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {6D635B4B-D8F2-4218-AAFC-178FF18E5C99} - System32\Tasks\SUPatchForW10Up => %programdata%\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe
Task: {7765C541-1D1A-452D-A647-54DE5308D80B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {972B1E71-9351-439F-A484-C2D370408FB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-30] (Microsoft Corporation)
Task: {98031C1D-C9D1-4B59-A7A4-049CE31DC7BD} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2678595623-4148133582-4009595467-1001UA => C:\Users\Fabian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-26] (Facebook Inc.)
Task: {9DCAE56A-934A-4476-8952-E3B213C0E1F2} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-29] (Samsung Electronics CO., LTD.)
Task: {9F108CA9-D542-46ED-B3FE-774E6A110EDF} - System32\Tasks\MZhXnKSOZpeGB0VKC0d => C:\Users\Fabian\AppData\Roaming\MZhXnKSOZpeGB0VKC0d.exe [2015-04-20] () <==== ACHTUNG
Task: {A5CD3962-2EE4-471D-83F7-A9F92FBDD405} - System32\Tasks\5naU0BRS17ZiL => C:\Users\Fabian\AppData\Roaming\5naU0BRS17ZiL.exe [2015-04-20] () <==== ACHTUNG
Task: {ABBD97C8-8221-4017-8D4A-410AF50B65FF} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-12-10] (TuneUp Software)
Task: {ADB850B7-CEF6-4B75-9869-796725C67467} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-03-30] (Microsoft Corporation)
Task: {BA8FC497-0083-4A59-BB62-427673047967} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-29] (Dropbox, Inc.)
Task: {BFB41CCF-9E0B-4A28-9741-CD62AF36DBD7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-29] (Dropbox, Inc.)
Task: {C8B32519-3B74-4EC6-913D-7B7350B87631} - System32\Tasks\{CC4E6D00-A58A-4177-A897-466DF1DB4AB2} => pcalua.exe -a "C:\Users\Fabian\AppData\Roaming\Open It! - Zip Extractor Packages\uninstaller.exe" -c /Uninstall /NM="Open It! - Zip Extractor Packages" /AN="" /MBN="Open It! - Zip Extractor Packages"
Task: {F886FD86-0C6C-4CA3-B71C-4F8A7E9B6E17} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-12-16] (SEC)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\5naU0BRS17ZiL.job => C:\Users\Fabian\AppData\Roaming\5naU0BRS17ZiL.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2678595623-4148133582-4009595467-1001Core.job => C:\Users\Fabian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2678595623-4148133582-4009595467-1001UA.job => C:\Users\Fabian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MZhXnKSOZpeGB0VKC0d.job => C:\Users\Fabian\AppData\Roaming\MZhXnKSOZpeGB0VKC0d.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-03-30 22:35 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-30 22:35 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2015-09-29 17:29 - 2015-09-29 17:29 - 00303616 _____ () C:\Users\Fabian\AppData\Local\A2F8EA6C-1443547698-E211-83C6-B888E3FC2648\snstAD49.tmp
2015-09-29 17:27 - 2015-09-29 17:27 - 00203776 _____ () C:\Program Files (x86)\A2F8EA6C-1443540423-E211-83C6-B888E3FC2648\hnsfFFD3.tmp
2015-09-25 09:32 - 2015-09-25 09:32 - 00268520 _____ () C:\Program Files (x86)\RayDld\ihpmServer.exe
2015-09-29 17:27 - 2015-09-29 17:27 - 00181760 _____ () C:\Program Files (x86)\A2F8EA6C-1443540423-E211-83C6-B888E3FC2648\jnsoD5B4.tmp
2013-12-10 19:45 - 2013-12-10 19:45 - 00753464 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 00085112 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2015-09-29 15:56 - 2015-09-29 15:56 - 00445952 _____ () C:\Program Files (x86)\A2F8EA6C-1443540423-E211-83C6-B888E3FC2648\knswAA0A.tmpfs
2015-09-29 17:48 - 2015-09-28 18:46 - 03324560 _____ () C:\Users\Fabian\AppData\Local\gmsd_de_005010100\upgmsd_de_005010100.exe
2014-10-29 17:19 - 2014-10-29 17:19 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2012-10-31 21:57 - 2012-10-31 21:57 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-10-31 21:52 - 2012-10-31 21:52 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-10-31 21:55 - 2012-10-31 21:55 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-10-31 21:57 - 2012-10-31 21:57 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-09-23 02:35 - 2015-09-23 02:35 - 01423680 ____N () C:\Windows\System32\cpm.exe
2015-09-29 17:48 - 2015-09-28 18:46 - 03982480 _____ () C:\Program Files (x86)\gmsd_de_005010100\gmsd_de_005010100.exe
2015-09-29 18:34 - 2015-09-29 13:56 - 03978384 _____ () C:\Program Files (x86)\gmsd_de_005010101\gmsd_de_005010101.exe
2015-09-29 18:34 - 2015-09-29 18:34 - 00228667 ____N () C:\Users\Fabian\AppData\Local\Temp\nswE0C6.tmp
2015-09-29 17:35 - 2012-01-16 22:06 - 00577621 _____ () C:\Program Files (x86)\PC Speed Up\sqlite3.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 17:50 - 2012-09-05 17:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-01-03 13:38 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2015-09-29 18:01 - 2015-09-29 18:01 - 00071168 _____ () c:\users\fabian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzv2bai.dll
2015-09-29 13:04 - 2015-09-03 01:03 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-09-29 13:04 - 2015-09-03 01:03 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-09-29 13:04 - 2015-09-03 01:03 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-09-29 13:04 - 2015-09-03 01:03 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-10-24 11:53 - 2014-10-24 11:53 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\80a14cd14e9579821dba2282b4349fef\PSIClient.ni.dll
2015-09-29 18:34 - 2015-09-29 18:34 - 00011264 _____ () C:\Users\Fabian\AppData\Local\Temp\nskFD5.tmp\System.dll
2015-09-29 18:34 - 2015-09-29 18:34 - 00009728 _____ () C:\Users\Fabian\AppData\Local\Temp\nskFD5.tmp\nsDialogs.dll
2015-09-29 18:34 - 2015-09-29 18:34 - 00025088 _____ () C:\Users\Fabian\AppData\Local\Temp\nskFD5.tmp\registry.dll
2015-09-29 18:34 - 2015-09-29 18:34 - 00067584 _____ () C:\Users\Fabian\AppData\Local\Temp\nskFD5.tmp\Math.dll
2015-09-29 18:35 - 2015-09-29 18:35 - 00058368 ____N () C:\Users\Fabian\AppData\Local\Temp\nskFD5.tmp\nsCBHTML5.dll
2015-09-29 18:35 - 2015-09-29 18:35 - 00011264 _____ () C:\Users\Fabian\AppData\Local\Temp\nsc2C62.tmp\System.dll
2015-09-29 18:51 - 2015-09-29 18:51 - 00042496 _____ () C:\Users\Fabian\AppData\Local\Temp\nsc2C62.tmp\ProcessKiller.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Fabian\OneDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2678595623-4148133582-4009595467-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Fabian\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "ISW"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CCEC2687-B896-4148-AB21-C44B43B3DFEC}] => (Allow) C:\Users\Fabian\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{53CBF2FC-5CD0-4322-BCC2-928D7E3E6E14}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{DCF7A183-488F-4DD4-8042-68E110CBC77A}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{ABB16930-BD84-49D6-97A7-E35376951EF8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{7DA4BE13-A71B-4375-ADB0-C9E3A4ECAC08}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{C5FE278E-D9A9-4A66-87BD-F1411EACF024}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{F0538CD0-A869-4CCD-9EE3-05CEADCAEF4E}] => (Allow) LPort=1900
FirewallRules: [{570194D2-4649-4F96-B6A0-27C403EE568E}] => (Allow) LPort=2869
FirewallRules: [{3209939F-6182-41C3-B2B0-30D075FA997E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{81F44DA5-CF3F-47E9-8133-51B5FBA0EB2B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{203F441B-153E-4B26-89A0-0CE580DB9C5A}] => (Allow) C:\Program Files (x86)\Samsung\Easy File Share\EasyFileShare.EXE
FirewallRules: [{C88907CC-D78B-4ACF-B86C-5EE1520E3286}] => (Allow) C:\Program Files (x86)\Samsung\Easy File Share\EasyFileShare.EXE
FirewallRules: [{587B288B-72CE-4813-8F3E-EAF0F91C34F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1483A208-B4DC-48FA-B467-B7FA478A9F16}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{80ABDF25-E148-4913-88F8-244BB75D0E69}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{82B12C4B-4534-4582-96A1-366904403825}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{2CDE42C8-4A7D-4117-9AF7-4D67785E8075}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{9795B058-5CAA-41D0-BC34-C6BDDDFA623A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{8BAC6E8E-617E-4951-94F7-EBB57EE3F051}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D520EE0F-474E-4E14-92B8-D32FC71B538A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{80E2CB57-B033-4420-8553-11F29586898C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CB9AF74A-4808-4C75-902E-060E5D58068A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FA214E37-652E-4435-9C4F-5564E0C03625}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E2D3FB84-D182-4A5B-AE7B-D68D97BF1BA3}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{9F68CE6A-908E-4600-AD82-11B1B6C9C5FF}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/29/2015 08:03:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_19_0_0_185.exe, Version: 19.0.0.185, Zeitstempel: 0x55f117ef
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x741bca20
ID des fehlerhaften Prozesses: 0x15b4
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_19_0_0_185.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_19_0_0_185.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_19_0_0_185.exe2
Berichtskennung: FlashPlayerPlugin_19_0_0_185.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_19_0_0_185.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_19_0_0_185.exe5
Error: (09/29/2015 08:03:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_19_0_0_185.exe, Version: 19.0.0.185, Zeitstempel: 0x55f117ef
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x03935ce0
ID des fehlerhaften Prozesses: 0x15b4
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_19_0_0_185.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_19_0_0_185.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_19_0_0_185.exe2
Berichtskennung: FlashPlayerPlugin_19_0_0_185.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_19_0_0_185.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_19_0_0_185.exe5
Error: (09/29/2015 08:01:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (09/29/2015 07:35:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_19_0_0_185.exe, Version: 19.0.0.185, Zeitstempel: 0x55f117ef
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x741bca20
ID des fehlerhaften Prozesses: 0x17b8
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_19_0_0_185.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_19_0_0_185.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_19_0_0_185.exe2
Berichtskennung: FlashPlayerPlugin_19_0_0_185.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_19_0_0_185.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_19_0_0_185.exe5
Error: (09/29/2015 07:35:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_19_0_0_185.exe, Version: 19.0.0.185, Zeitstempel: 0x55f117ef
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x02535ce0
ID des fehlerhaften Prozesses: 0x17b8
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_19_0_0_185.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_19_0_0_185.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_19_0_0_185.exe2
Berichtskennung: FlashPlayerPlugin_19_0_0_185.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_19_0_0_185.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_19_0_0_185.exe5
Error: (09/29/2015 06:33:25 PM) (Source: MsiInstaller) (EventID: 11316) (User: FABUS)
Description: Product: globalupdate Helper -- Error 1316. Das angegebene Konto ist bereits vorhanden.
Error: (09/29/2015 06:05:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Uninstall_PCSpeedUp.tmp, Version 51.1052.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1124
Startzeit: 01d0fad078e53a2a
Endzeit: 4294967295
Anwendungspfad: C:\Users\Fabian\AppData\Local\Temp\is-0H48G.tmp\Uninstall_PCSpeedUp.tmp
Berichts-ID: e6bfca80-66c3-11e5-bf7c-b888e3fc2648
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/29/2015 06:05:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gentlemjmp_ieu.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17b0
Startzeit: 01d0fad06552a9c5
Endzeit: 4294967295
Anwendungspfad: C:\Users\Fabian\AppData\Local\Temp\is-34449.tmp\gentlemjmp_ieu.tmp
Berichts-ID: de29bc4d-66c3-11e5-bf7c-b888e3fc2648
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/29/2015 06:05:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (09/29/2015 05:58:31 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
Systemfehler:
=============
Error: (09/29/2015 05:58:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 29.09.2015 um 17:38:22 unerwartet heruntergefahren.
Error: (09/29/2015 05:35:09 PM) (Source: DCOM) (EventID: 10010) (User: FABUS)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/29/2015 05:35:09 PM) (Source: DCOM) (EventID: 10010) (User: FABUS)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/29/2015 05:24:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "ihpmServer" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (09/28/2015 08:12:57 PM) (Source: DCOM) (EventID: 10010) (User: FABUS)
Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4}
Error: (09/28/2015 08:09:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 23.09.2015 um 15:46:30 unerwartet heruntergefahren.
Error: (09/23/2015 03:44:54 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error: (09/23/2015 12:59:29 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (09/23/2015 10:26:18 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 22.09.2015 um 23:18:23 unerwartet heruntergefahren.
Error: (09/22/2015 10:37:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
CodeIntegrity:
===================================
Date: 2015-09-29 17:57:50.315
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RadioHIDMini.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-29 17:38:10.550
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RadioHIDMini.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-28 20:09:27.785
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RadioHIDMini.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-23 10:26:07.127
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RadioHIDMini.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-15 13:23:00.096
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RadioHIDMini.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-15 12:13:40.580
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RadioHIDMini.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-13 11:30:56.488
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RadioHIDMini.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-06 12:48:46.473
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\RadioHIDMini.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8083.44 MB
Verfügbarer physikalischer RAM: 5703.51 MB
Summe virtueller Speicher: 16787.45 MB
Verfügbarer virtueller Speicher: 12892.47 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:673.3 GB) (Free:567.98 GB) NTFS
Drive d: () (Removable) (Total:0.98 GB) (Free:0.41 GB) FAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 4F494D44)
Partition: GPT.
========================================================
Disk: 1 (Size: 1007.3 MB) (Disk ID: 6F20736B)
No partition Table on disk 1.
Disk 1 is a removable device.
==================== Ende von Addition.txt ============================
__________________ 
29.09.2015, 19:20
Baum-Darstellung