Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
durchgeführt von Nadine (Administrator) auf NAD-PC (08-09-2015 10:07:49)
Gestartet von C:\Users\Nadine\Desktop
Geladene Profile: Nadine (Verfügbare Profile: Nadine)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Windows\System32\DnsBlockUpdateSvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
() C:\ProgramData\teGlooT\teGlooT.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Dell Inc.) C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
(Dell) C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft) C:\Program Files\Dell\Dell Foundation Services\DFSSystrayUI.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\Nadine\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Nadine\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Nadine\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Spotify Ltd) C:\Users\Nadine\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Nadine\AppData\Roaming\Spotify\Spotify.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Nadine\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634648 2014-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393520 2014-07-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3860296 2014-08-12] (Dell Inc.)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-06] (Microsoft Corporation)
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\Run: [Spotify] => C:\Users\Nadine\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-09-04] (Spotify Ltd)
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\Run: [Dropbox Update] => C:\Users\Nadine\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\Run: [Spotify Web Helper] => C:\Users\Nadine\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-04] (Spotify Ltd)
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-11-12]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-08-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ACHTUNG (Richtlinienbeschränkung auf ProxySettings)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3CA2F9F0-32FF-4A88-A419-09FCA95C77D1}: [DhcpNameServer] 10.62.22.2 10.62.22.3
Tcpip\..\Interfaces\{C6DFBC94-C9C3-4486-933D-942DF45723EB}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIseDGNQSX1inDHKhc0pyjalGDZeV5x64F0njOwAA1dsA5wOiHzj4VxlkC7Bkp9Yd47D1q1LZiLsparrQ-bdT2zm8DA5kRl8r1gag4j84f1RoXqoif01_JEfCYBkuwHPtbT5SV-k0U_HUjYSohxDrYff47tdYgMUZQfgxyAA,&q={searchTerms}
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIseDGNQSX1inDHKhc0pyjalGDZeV5x64F0njOwAA1dsA5wOiHzj4VxlkC7Bkp9Yd47D1q1LZiLsparrQ-bdT2zm8DA5kRl8r1gag4j84f1RoXqoif01_JEfCYBkuwHPtbT5SV-k0U_HUjYSohxDrYff47tdYgMUZQfgxyAA,&q={searchTerms}
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIseDGNQSX1inDHKhc0pyjalGDZeV5x64F0njOwAA1dsA5wOiHzj4VxlkC7Bkp9Yd47D1q1LZiLsparrQ-bdT2zm8DA5kRl8r1gag4j84f1RoXqoif01_JEfCYBkuwHPtbT5SV-k0U_HUjYSohxDrYff47tdYgMUZQfgxyAA,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {9F814A05-5FD2-4F9C-9ACE-77D23BB6124B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9F814A05-5FD2-4F9C-9ACE-77D23BB6124B} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIseDGNQSX1inDHKhc0pyjalGDZeV5x64F0njOwAA1dsA5wOiHzj4VxlkC7Bkp9Yd47D1q1LZiLsparrQ-bdT2zm8DA5kRl8r1gag4j84f1RoXqoif01_JEfCYBkuwHPtbT5SV-k0U_HUjYSohxDrYff47tdYgMUZQfgxyAA,&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001 -> DefaultScope {ielnksrch} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001 -> {9F814A05-5FD2-4F9C-9ACE-77D23BB6124B} URL =
SearchScopes: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001 -> {ielnksrch} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{AA4CEA3A-AA0F-4917-BC59-50E13B2420A3}\{F3F365C1-8C86-45F0-97F9-D33B678C7983}.bin [2015-09-08] (Download Protect)
BHO-x32: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files (x86)\{68FA9C0A-ABBA-416E-94DC-A2A17CEBD9C8}\{41B8597F-FD8F-4EB8-9444-2B09785A0109}.bin [2015-09-08] (Download Protect)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-02] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-08-21] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\o8buhl7g.default
FF NewTab: C:\\ProgramData\\teGlooTs\\ff.NT
FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=
FF SelectedSearchEngine: google
FF Homepage: hxxp://www.google.de?hl=de&gl=de
FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-25] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-25] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-04] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\o8buhl7g.default\user.js [2015-09-08]
FF SearchPlugin: C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\o8buhl7g.default\searchplugins\google-images.xml [2014-11-12]
FF SearchPlugin: C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\o8buhl7g.default\searchplugins\google-maps.xml [2014-11-12]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\findit.xml [2015-07-21]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-09-06]
FF HKLM-x32\...\Firefox\Extensions: [{14FDC6C8-E5C6-4C0B-99D3-9A34F7F1BD2B}] - C:\Windows\Installer\{FA48F54A-656A-4520-822F-8BEB36898379}\{14FDC6C8-E5C6-4C0B-99D3-9A34F7F1BD2B}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{FA48F54A-656A-4520-822F-8BEB36898379}\{14FDC6C8-E5C6-4C0B-99D3-9A34F7F1BD2B}.xpi [2015-09-08]
FF Extension: Kein Name - C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\o8buhl7g.default\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [nicht gefunden]
Chrome:
=======
CHR Plugin: (Google Präsentationen) - aapocclcgogkmnckokdopfmhonfmgoek\0.9_0 Keine Datei
CHR Plugin: (Web Store) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\resources\web_store Keine Datei
CHR Plugin: (Google Docs) - aohghmighlieiainnegkcijnfilokake\0.9_0 Keine Datei
CHR Plugin: (Google Drive) - apdfllckaahabafndbhieahigkjlhalf\14.0_0 Keine Datei
CHR Plugin: (YouTube) - blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0 Keine Datei
CHR Plugin: (Google-Suche) - coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0 Keine Datei
CHR Plugin: (Bookmark Manager) - felcaaldnbdncclmgdcncolpebgiejap\1.1_0 Keine Datei
CHR Plugin: (SiteAdvisor) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\resources\chrome_app Keine Datei
CHR Plugin: (Chrome PDF Viewer) - pjkljhegncpnkpknbcohdijeoejaedia\8.1_0 Keine Datei
CHR Profile: C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-25]
CHR Extension: (Google Docs) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-25]
CHR Extension: (Google Drive) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-25]
CHR Extension: (YouTube) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-25]
CHR Extension: (Google Search) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-25]
CHR Extension: (Google Sheets) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-25]
CHR Extension: (SiteAdvisor) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-04-25]
CHR Extension: (Bookmark Manager) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-25]
CHR Extension: (Google Wallet) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-25]
CHR Extension: (Gmail) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-25]
CHR Profile: C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-25]
CHR Extension: (Google Docs) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-25]
CHR Extension: (Google Drive) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-25]
CHR Extension: (YouTube) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-25]
CHR Extension: (Google Search) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-25]
CHR Extension: (Google Sheets) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-25]
CHR Extension: (SiteAdvisor) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-04-25]
CHR Extension: (Google Docs Offline) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (AdBlock) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-25]
CHR Extension: (Download Protect) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\leoeonamcelhnhlcdmaclnbgbcgghjnk [2015-09-08]
CHR Extension: (Colors) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lhbgjlhhonbdjfdoiklbbkejcipkbnac [2015-07-19]
CHR Extension: (PConverter) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mpkhmmacbjndakceaikggpnnnddijeen [2015-04-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-25]
CHR Extension: (Gmail) - C:\Users\Nadine\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-03]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2014-05-21] (Broadcom Corporation.)
R2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-13] (Dell)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [116424 2015-08-18] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-05-22] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DnsBlockUpdateSvc; C:\Windows\system32\DnsBlockUpdateSvc.exe [149024 2015-07-19] ()
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2014-05-16] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2014-05-16] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-04-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-04] (Intel Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [157928 2015-09-02] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [333584 2013-09-26] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [Datei ist nicht signiert]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2014-07-22] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2005392 2015-02-12] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 teGlooT; C:\ProgramData\teGlooT\teGlooT [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2014-05-21] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7504560 2014-05-21] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-31] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2014-05-16] (Intel Corporation)
S3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2014-05-16] (Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2014-05-16] (Intel Corporation)
R3 DptfDevGen; C:\Windows\System32\drivers\DptfDevGen.sys [78504 2014-05-16] (Intel Corporation)
R3 DptfDevPch; C:\Windows\System32\drivers\DptfDevPch.sys [116752 2014-05-16] (Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2014-05-16] (Intel Corporation)
R3 DptfDevProc; C:\Windows\System32\drivers\DptfDevProc.sys [290256 2014-05-16] (Intel Corporation)
R3 DptfManager; C:\Windows\System32\drivers\DptfManager.sys [494808 2014-05-16] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-09] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-09] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [83960 2013-08-09] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [129528 2013-08-09] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100824 2013-12-04] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-09-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [92376 2013-10-10] (Realtek )
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [32024 2013-10-04] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U2 McMPFSvc; kein ImagePath
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-08 10:07 - 2015-09-08 10:11 - 00034412 _____ C:\Users\Nadine\Desktop\FRST.txt
2015-09-08 10:07 - 2015-09-08 10:08 - 00000000 ____D C:\FRST
2015-09-08 09:22 - 2015-09-08 09:23 - 02190336 _____ (Farbar) C:\Users\Nadine\Desktop\FRST64.exe
2015-09-08 09:22 - 2015-09-08 09:23 - 01692160 _____ (Farbar) C:\Users\Nadine\Desktop\FRST.exe
2015-09-08 08:08 - 2015-09-08 08:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-09-08 06:22 - 2015-09-08 06:22 - 00005120 _____ C:\Windows\SysWOW64\ncrzptsslp.dll
2015-09-08 06:22 - 2015-09-08 06:22 - 00000000 ____D C:\Program Files\{AA4CEA3A-AA0F-4917-BC59-50E13B2420A3}
2015-09-08 06:22 - 2015-09-08 06:22 - 00000000 ____D C:\Program Files (x86)\{68FA9C0A-ABBA-416E-94DC-A2A17CEBD9C8}
2015-09-06 21:45 - 2015-09-06 21:45 - 00003162 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
2015-09-05 12:12 - 2015-09-05 12:12 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-04 14:58 - 2015-09-04 14:58 - 00000000 ____D C:\Program Files\{027FF24A-6AD2-4C13-B33A-C18D95D85B83}
2015-09-04 14:58 - 2015-09-04 14:58 - 00000000 ____D C:\Program Files (x86)\{60EDDCFD-7084-4101-995F-FCB37C526622}
2015-09-03 15:37 - 2015-09-03 15:37 - 00001952 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-09-03 15:37 - 2015-09-03 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-09-03 15:36 - 2015-09-03 15:36 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-09-03 15:30 - 2015-09-04 14:56 - 00001304 _____ C:\Windows\PFRO.log
2015-09-02 04:09 - 2015-09-08 06:20 - 00005367 _____ C:\Windows\setupact.log
2015-09-02 04:09 - 2015-09-02 04:09 - 00000000 _____ C:\Windows\setuperr.log
2015-08-31 18:22 - 2015-08-31 18:46 - 00018126 _____ C:\Users\Nadine\Desktop\Unbenannt 1.ods
2015-08-31 18:22 - 2015-08-31 18:46 - 00000105 ____H C:\Users\Nadine\Desktop\.~lock.Unbenannt 1.ods#
2015-08-30 14:39 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-30 14:39 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-29 13:33 - 2015-08-14 03:50 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-29 13:33 - 2015-08-14 03:50 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-28 09:15 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-28 09:15 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-26 09:12 - 2015-08-26 09:12 - 00000000 ____D C:\Users\Nadine\AppData\Local\CEF
2015-08-26 00:14 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-26 00:14 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-26 00:14 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-26 00:14 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-26 00:14 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-26 00:14 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-26 00:14 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-26 00:14 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-26 00:14 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-26 00:14 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-26 00:14 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-26 00:14 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-26 00:14 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-26 00:14 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-26 00:14 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-26 00:14 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-26 00:14 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-26 00:14 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-26 00:14 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-26 00:14 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-26 00:14 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-26 00:14 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-26 00:13 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-26 00:13 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-26 00:13 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-26 00:13 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-26 00:13 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-26 00:13 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-26 00:13 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-26 00:13 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-26 00:13 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-26 00:13 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-26 00:13 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-26 00:13 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-26 00:13 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-26 00:13 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-26 00:13 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-26 00:13 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-26 00:13 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-26 00:13 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-26 00:13 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-26 00:13 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-26 00:13 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-26 00:12 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-26 00:12 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-26 00:12 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-26 00:12 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-26 00:12 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-26 00:12 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-26 00:12 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-26 00:12 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-26 00:12 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-26 00:12 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-26 00:12 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-26 00:12 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-26 00:12 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-26 00:12 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-26 00:12 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-26 00:12 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-26 00:12 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-26 00:12 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-26 00:12 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-26 00:12 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-26 00:08 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-26 00:08 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-26 00:08 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-26 00:08 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-26 00:08 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-26 00:08 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-26 00:08 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-26 00:07 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-26 00:07 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-26 00:07 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-26 00:07 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-26 00:07 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-26 00:07 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-26 00:07 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-26 00:07 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-26 00:07 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-26 00:07 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-26 00:07 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-26 00:07 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-26 00:06 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-26 00:06 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-26 00:06 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-26 00:06 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-26 00:06 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-26 00:06 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-26 00:06 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-08 10:06 - 2015-06-17 20:55 - 00001242 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4025079453-1308834886-2430338244-1001UA.job
2015-09-08 10:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-08 10:01 - 2015-04-25 20:39 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-08 09:57 - 2014-11-11 08:21 - 01325309 _____ C:\Windows\WindowsUpdate.log
2015-09-08 09:38 - 2015-02-28 21:19 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-08 09:16 - 2014-11-11 08:27 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4025079453-1308834886-2430338244-1001
2015-09-08 09:09 - 2014-11-12 04:16 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Spotify
2015-09-08 08:09 - 2014-11-01 18:51 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-09-08 08:07 - 2014-11-11 08:58 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2A81A488-8A9A-4317-87B5-CFACAA55A5F3}
2015-09-08 08:05 - 2014-11-11 10:00 - 00000000 ___RD C:\Users\Nadine\Dropbox
2015-09-08 08:05 - 2014-11-11 09:57 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Dropbox
2015-09-08 08:03 - 2015-07-19 18:46 - 00000382 _____ C:\Windows\Tasks\SDAWPOWJ1.job
2015-09-08 08:03 - 2015-04-25 20:39 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-08 08:03 - 2014-11-12 04:20 - 00000000 ____D C:\Users\Nadine\AppData\Local\Spotify
2015-09-08 08:03 - 2014-11-11 09:31 - 00000000 ___RD C:\Users\Nadine\OneDrive
2015-09-08 06:22 - 2015-07-29 10:29 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-09-08 06:22 - 2015-07-19 18:49 - 00000000 ____D C:\ProgramData\teGlooT
2015-09-08 06:21 - 2014-11-01 18:54 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-09-08 06:20 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-08 02:07 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-09-06 21:47 - 2014-03-18 11:47 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-06 21:47 - 2014-03-18 11:30 - 00772278 _____ C:\Windows\system32\perfh007.dat
2015-09-06 21:47 - 2014-03-18 11:30 - 00162264 _____ C:\Windows\system32\perfc007.dat
2015-09-04 20:06 - 2015-06-17 20:55 - 00001190 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4025079453-1308834886-2430338244-1001Core.job
2015-09-04 17:18 - 2015-07-02 12:33 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-09-03 22:17 - 2015-04-25 20:40 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-03 17:09 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-09-03 15:28 - 2014-11-01 18:54 - 00000000 ____D C:\ProgramData\McAfee
2015-09-03 15:23 - 2014-11-01 18:54 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-09-03 15:15 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-09-02 15:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-01 17:03 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-08-31 19:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-08-30 14:39 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-30 14:04 - 2014-11-12 04:26 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\vlc
2015-08-29 13:31 - 2013-08-22 16:44 - 00511880 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-29 13:29 - 2015-06-23 20:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-29 13:29 - 2015-06-23 20:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-29 02:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-29 02:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-29 02:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-29 02:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-28 23:56 - 2015-04-25 20:39 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 23:56 - 2015-04-25 20:39 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-28 09:14 - 2015-06-23 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-28 09:10 - 2014-11-14 05:50 - 00000000 ____D C:\Windows\system32\MRT
2015-08-28 08:54 - 2014-11-14 05:50 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-28 08:51 - 2014-12-15 16:36 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-28 08:51 - 2014-11-14 06:27 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-28 08:49 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-28 08:49 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-26 17:05 - 2014-11-20 21:24 - 00000000 ____D C:\Users\Nadine\Desktop\Naddler
2015-08-26 09:24 - 2014-11-11 08:22 - 00000000 ____D C:\Users\Nadine\AppData\Local\Packages
2015-08-26 07:38 - 2014-11-01 18:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-08-26 07:38 - 2014-11-01 18:45 - 00000000 ____D C:\Program Files\Dell
2015-08-25 23:39 - 2015-02-28 21:19 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-25 23:25 - 2014-12-03 15:55 - 00003094 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4025079453-1308834886-2430338244-1001
2015-08-25 22:57 - 2014-11-12 02:52 - 00000000 ____D C:\ProgramData\McAfee Security Scan
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-01 18:27 - 2014-11-01 18:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Nadine\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv0j4zu.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-02 18:43
==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-09-2015
durchgeführt von Nadine (2015-09-08 10:12:52)
Gestartet von C:\Users\Nadine\Desktop
Windows 8.1 (X64) (2014-11-11 06:22:19)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4025079453-1308834886-2430338244-500 - Administrator - Disabled)
Gast (S-1-5-21-4025079453-1308834886-2430338244-501 - Limited - Disabled)
Nadine (S-1-5-21-4025079453-1308834886-2430338244-1001 - Administrator - Enabled) => C:\Users\Nadine
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{D605CD24-103D-4DB6-B572-653851213C46}) (Version: 2.2.65.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
Dell System Detect (HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\73f463568823ebbe) (Version: 6.3.0.6 - Dell)
Dell Update (HKLM-x32\...\{D9D0E75C-F791-402A-98E2-A2F43E7B0CE3}) (Version: 1.1.1054.0 - Dell Inc.)
Dropbox (HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 6.30.223.201 - Dell Inc.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.14 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.152 - McAfee, Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.24 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7312 - Realtek Semiconductor Corp.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf)
Spotify (HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.13.0054 - ST Microelectronics)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9680 - Broadcom Corporation)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nadine\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Nadine\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
27-08-2015 08:16:15 Geplanter Prüfpunkt
30-08-2015 14:37:25 Windows Update
01-09-2015 16:56:01 Removed Amazon 1Button App
06-09-2015 21:49:36 Removed Microsoft .NET Framework 4 Multi-Targeting Pack
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2015-09-03 15:37 - 00000856 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1DD1008F-91A9-4438-BDB1-E1FCD089A0A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {234B1B55-6054-48DC-9AD7-892A591D1B15} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4025079453-1308834886-2430338244-1001Core => C:\Users\Nadine\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {34AF886B-25DF-4BF0-9C61-0C13976463B7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {36A2851D-BD78-4812-9AEA-7F7917528734} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {38EE1784-AB17-4DE0-9603-8232DA495175} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {445D4C40-3D0C-4C1B-BAB5-4DE265D67897} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {45496BFE-E8C7-4482-8A2E-87AAA37BD5F7} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {4F2C8FFF-B9BB-4C5D-96D1-ED3F342479B4} - System32\Tasks\SDAWPOWJ1 => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG
Task: {6AEC7EC6-D048-43B0-8BFA-2D4D00F0A6B2} - System32\Tasks\snf => C:\ProgramData\teGlooT\0t4shpwn.exe [2015-07-19] ()
Task: {79A359F2-5252-4AE2-81C4-CF906BE18CE1} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {81D4F334-C327-4F8A-A174-EDD37FA18194} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {87910695-E963-47B0-95B9-E1396A77C97F} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4025079453-1308834886-2430338244-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {8B74C4EA-4FA6-4A1A-81A6-1B4CD947B0A2} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)
Task: {9D66D922-DFF5-4D9F-B89C-0223E765FB3E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4025079453-1308834886-2430338244-1001UA => C:\Users\Nadine\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {BD967851-FEFA-4577-81F2-94FF98D5BE84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {D3C58EFE-3310-4496-A78E-A40C0E3E975C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {D6D88800-B342-4B10-96AB-BFFB46900F2F} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-07-28] (Realtek Semiconductor)
Task: {D8A68EEC-A099-4BF4-8D15-A76B32B871FC} - System32\Tasks\snp => C:\ProgramData\teGlooT\0t4shpwn.exe [2015-07-19] ()
Task: {E439F829-45A9-46CB-BBC5-9272DC9B16FE} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {E8292501-90B3-46ED-A881-5355AB946BE3} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {EBE7B4F3-FB87-4A5C-8D73-AF809D815721} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-28] (Microsoft Corporation)
Task: {F097C2A7-428C-4D15-822B-EE4E9E922512} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-25] (Adobe Systems Incorporated)
Task: {FC8EADE2-2844-4FE4-A7C2-D714A003495C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4025079453-1308834886-2430338244-1001Core.job => C:\Users\Nadine\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4025079453-1308834886-2430338244-1001UA.job => C:\Users\Nadine\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SDAWPOWJ1.job => C:\ProgramData\SecurityUtility\SecurityUtility.exe <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-05-05 20:23 - 2014-05-05 20:23 - 00049368 _____ () c:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2015-07-19 18:53 - 2015-07-19 18:53 - 00149024 _____ () C:\Windows\system32\DnsBlockUpdateSvc.exe
2015-07-16 13:17 - 2015-07-16 13:17 - 00036864 _____ () C:\ProgramData\teGlooT\teGlooT.exe
2014-01-10 15:53 - 2014-01-10 15:53 - 00016384 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Interfaces.dll
2014-01-10 15:53 - 2014-01-10 15:53 - 00081408 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Objects.dll
2014-01-10 15:53 - 2014-01-10 15:53 - 00815616 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Resources.dll
2014-01-10 16:24 - 2014-01-10 16:24 - 00052736 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Plugins.SelfUpdate.dll
2014-01-10 16:24 - 2014-01-10 16:24 - 00019968 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Common.dll
2015-07-17 19:34 - 2015-07-17 19:34 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-11-01 18:45 - 2013-12-04 14:37 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-11 10:29 - 2015-09-04 14:58 - 45067320 _____ () C:\Users\Nadine\AppData\Roaming\Spotify\libcef.dll
2015-03-11 10:29 - 2015-09-04 14:58 - 01649208 _____ () C:\Users\Nadine\AppData\Roaming\Spotify\libglesv2.dll
2015-03-11 10:29 - 2015-09-04 14:58 - 00080952 _____ () C:\Users\Nadine\AppData\Roaming\Spotify\libegl.dll
2015-09-08 08:04 - 2015-09-08 08:04 - 00071168 _____ () c:\users\nadine\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv0j4zu.dll
2015-08-25 23:06 - 2015-08-05 07:26 - 00012800 _____ () C:\Users\Nadine\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-08-25 23:06 - 2015-08-05 07:26 - 00779776 _____ () C:\Users\Nadine\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-25 23:06 - 2015-08-05 07:26 - 00056320 _____ () C:\Users\Nadine\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-25 23:06 - 2015-08-05 07:26 - 00012288 _____ () C:\Users\Nadine\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-02-26 18:07 - 2015-02-09 17:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-11-01 18:52 - 2012-11-26 00:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-02-26 18:07 - 2014-02-18 20:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2015-07-29 10:29 - 2015-09-08 06:22 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll
2015-07-19 18:49 - 2015-08-25 23:35 - 01169408 _____ () C:\ProgramData\teGlooT\v1vs4rav.dll
2015-09-03 22:16 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-03 22:16 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-08 06:37 - 2015-09-08 06:37 - 03530752 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\90a4331ab5b5bb3ead23d75d4349a491\Windows.UI.Xaml.ni.dll
2015-08-03 21:47 - 2015-08-03 21:47 - 00302080 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.CdnModule\a860ae91bab083fa6c8c8a963fd601c0\Arkadium.CdnModule.ni.dll
2015-09-08 06:38 - 2015-09-08 06:38 - 00960000 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI\6c2169e34bfb3814fa44f267572335f6\Windows.UI.ni.dll
2015-08-03 21:48 - 2015-08-03 21:48 - 00038400 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi82189356#\2e205669b9a2cfb29335774b1f3147f9\Arkadium.Win8.MediaPlayer.ni.dll
2015-08-03 21:48 - 2015-08-03 21:48 - 00122880 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ap4e5cc921#\76e2d70fc649a810a38d0b88181da1e5\Arkadium.ApplicationFramework.ni.dll
2015-08-03 21:51 - 2015-08-03 21:51 - 00175104 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Acc213f109#\170b506700ca236e10e63f49eb39eaa6\Arkadium.AchievementsModule.ni.dll
2015-08-03 21:51 - 2015-08-03 21:51 - 00263168 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Awd4f12c8f#\016532e2b633f4f1903ec1881489eb03\Arkadium.AwardsModule.ni.dll
2015-08-03 21:51 - 2015-08-03 21:51 - 00369152 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Le816657bc#\266bf60ee31f213080a03a981d6a6aa7\Arkadium.LeaderboardModule.ni.dll
2015-08-03 21:52 - 2015-08-03 21:52 - 00297984 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Wi4bbc307d#\02a98843383d2f425d6fe1a01be74a51\Arkadium.WindowsStoreModule.ni.dll
2015-08-03 21:52 - 2015-08-03 21:52 - 02053632 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Dae4911807#\5438ea3c2f1de9983b4098e0fd57bc70\Arkadium.DailyChallengeModule.ni.dll
2015-08-03 21:52 - 2015-08-03 21:52 - 00674304 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Ad1735b4ba#\42c48a3359593b79c1c1b54d901b9122\Arkadium.Advertisement.ni.dll
2015-07-17 14:02 - 2015-07-17 14:02 - 01130496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\6e37f358bf8363dad51e2333292d61a9\Windows.ApplicationModel.ni.dll
2015-08-03 21:52 - 2015-08-03 21:52 - 00123392 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Xaba8eb3bf#\bdd8f91a54c5379d0eb0b107e5e30e8e\Arkadium.Xaml.Toolkit.ni.dll
2015-08-03 21:53 - 2015-08-03 21:53 - 00125952 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.NewsModule\61f2c3d43d46f7632ed6fea9d003adb1\Arkadium.NewsModule.ni.dll
2015-08-03 21:53 - 2015-08-03 21:53 - 00215040 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CustomProgr3d91ab4c#\ea9768b93a6a8f3d28a49e0b10122a04\CustomProgressControl.ni.dll
2014-11-18 09:19 - 2014-11-18 09:19 - 00228864 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\f7e726805e56676bd7b8662a3d842b0e\Windows.Foundation.ni.dll
2014-11-18 09:24 - 2014-11-18 09:24 - 00770560 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Media\ca5d421f33f051f1b561add6753e4360\Windows.Media.ni.dll
2015-08-03 21:56 - 2015-08-03 21:56 - 00483840 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Xbox\7334cf3cd56e548536e510cce0ed4e14\Microsoft.Xbox.ni.dll
2015-08-03 21:59 - 2015-08-03 21:59 - 00227328 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\CEServices\c1cbabc316caabe260365f723757062f\CEServices.ni.dll
2015-03-02 16:48 - 2015-03-02 16:48 - 00808448 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Storage\f0a2c10499402eff632a7a7df0b4afef\Windows.Storage.ni.dll
2014-11-18 09:23 - 2014-11-18 09:23 - 00402432 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Security\ade4f25e9d8384f190ede9eb090281cb\Windows.Security.ni.dll
2014-11-18 09:22 - 2014-11-18 09:22 - 00238080 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\a1306b1fdd9c22508f9e5d901fceb4cd\Windows.Globalization.ni.dll
2014-11-18 09:23 - 2014-11-18 09:23 - 00797696 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Networking\e1a2f3f274995f1f847c00f962657943\Windows.Networking.ni.dll
2015-08-03 21:59 - 2015-08-03 21:59 - 00197120 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MicroStudioe45cbf8f#\701c8eca3d3515aed6c0eccdcbc6ffb2\MicroStudios.HouseAdController.ni.dll
2014-11-18 09:22 - 2014-11-18 09:22 - 00133120 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.System\7819e306c2c55c42f35a5fa10b93710f\Windows.System.ni.dll
2015-09-08 06:38 - 2015-09-08 06:38 - 00304128 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\4e33edd5ee2ee09f751c0071ba0a26c3\Windows.Graphics.ni.dll
2015-08-03 21:59 - 2015-08-03 21:59 - 00041984 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.G42d2c636#\c9c9d32d102cd8eb4ad7d760ede11f62\Microsoft.Games.Sentient.ni.dll
2014-11-18 09:24 - 2014-11-18 09:24 - 01282048 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Devices\bf5509cf3a0d2e3afbd0c33e9153ecbd\Windows.Devices.ni.dll
2015-07-17 14:03 - 2015-07-17 14:03 - 00337920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Data\fe565d34d4335337c06264bb0d85e3b0\Windows.Data.ni.dll
2015-08-04 12:22 - 2015-08-04 12:22 - 00012800 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Arkadium.Sh130cfbe4#\9ef21ae2ff95f96dcc5d7181d3ef82d5\Arkadium.SharpDXEngine.AudioLoader.ni.dll
2014-11-11 10:01 - 2014-11-11 10:02 - 00038912 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
2015-08-04 12:22 - 2015-08-04 12:22 - 00022528 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\MicrosoftAd439beb82#\3ae6b196a24212e98acd65f0f976c8f2\MicrosoftAdvertising_MMPPF.ni.dll
2015-08-04 12:22 - 2015-08-04 12:22 - 00085504 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\DailyChallenge\9e761f3eacace339323835829181a2b6\DailyChallenge.ni.dll
2015-08-04 12:22 - 2015-08-04 12:22 - 00014848 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\FlaggedEngineModel\84a24883b026242eded89a1769c01f86\FlaggedEngineModel.ni.dll
2015-08-04 12:22 - 2015-08-04 12:22 - 00011776 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\UncoverEngineModel\f8aeff5e997e586e7e2a18a14cc96270\UncoverEngineModel.ni.dll
2015-08-04 12:22 - 2015-08-04 12:22 - 00011776 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\TapsEngine\02d7e349844941f957e54c93a581c3aa\TapsEngine.ni.dll
2015-08-04 12:22 - 2015-08-04 12:22 - 00064512 _____ () C:\Users\Nadine\AppData\Local\Packages\microsoft.microsoftminesweeper_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\TriggerBombf10768ad#\debf866b4b9be4ece15b43c32f1ef3a4\TriggerBombsEngineModel.ni.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Nadine\OneDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\dell.com -> dell.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nadine\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\StartupApproved\Run: => "msnmsgr"
HKU\S-1-5-21-4025079453-1308834886-2430338244-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{840054E6-0912-4E3F-91AA-8034467D6711}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{1599A333-F6BF-40AB-AB6F-CB004C259CB1}] => (Allow) C:\Users\Nadine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{27FDAA42-994A-4E43-AF2D-A61AE900C53C}] => (Allow) C:\Users\Nadine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{14812295-05C9-4361-8DEE-4FF7914205EE}C:\users\nadine\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nadine\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B6FDA600-7F03-447A-B80A-254EF72EC034}C:\users\nadine\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nadine\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E2CA518B-87DE-4D8F-BBED-A32EC4136ECB}C:\users\nadine\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nadine\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C1CB257A-AE0E-408A-B4EE-388C35A66300}C:\users\nadine\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\nadine\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{EE69AC68-B5EB-4960-BE01-D78C2D620D99}C:\users\nadine\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nadine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{7E91299F-9203-4F66-B768-783FB597CDA6}C:\users\nadine\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nadine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{558DEF6D-36B9-432D-80A7-393D726065D8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E991A7A1-E154-4547-8DA1-5594DF07282E}] => (Allow) LPort=2869
FirewallRules: [{AA0A3FA9-C221-4CF3-9BC1-96EADC4BF0F0}] => (Allow) LPort=1900
FirewallRules: [{CA925826-9920-4AEE-A656-63B3FE48DF68}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A450DDB3-595F-41E8-80EC-9CEE80304249}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{923BC236-3878-483B-96D0-CEAE2692027C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0FF1051E-BBE9-4D53-A5E2-49E1E4E5FA77}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3F82409A-063F-4D47-AFDB-EF39C3310820}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{2AB7230E-1F66-464F-9307-2B0102DB02C7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D22F8E1F-4A9A-411D-8AE5-8FA3125AE25F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{8348EA6E-D458-45E3-90DF-CC1B086DD3A8}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A6DB29FD-81FE-4190-A0E7-68CB210BF4FF}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{33F2F880-A290-40D3-A677-F2113FDD11F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/08/2015 10:09:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Solitaire.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1e58
Startzeit: 01d0ea0da00b804b
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Solitaire.exe
Berichts-ID: e76feb04-5600-11e5-830d-9cad97ddf440
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (09/08/2015 10:09:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: NAD-PC)
Description: Die App „Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (09/08/2015 10:08:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Solitaire.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1a18
Startzeit: 01d0ea0d86a96652
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Solitaire.exe
Berichts-ID: ce3ba5cc-5600-11e5-830d-9cad97ddf440
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (09/08/2015 10:08:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: NAD-PC)
Description: Die App „Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (09/08/2015 08:13:50 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (09/08/2015 06:21:27 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (09/08/2015 02:07:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: teGlooT.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
Stapel:
bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
bei System.Management.SinkForEventQuery.Cancel()
bei System.Management.ManagementEventWatcher.Stop()
bei System.Management.ManagementEventWatcher.Finalize()
Error: (09/07/2015 11:00:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Minesweeper.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 10c8
Startzeit: 01d0e94b8b16ec22
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\Minesweeper.exe
Berichts-ID: db216420-553e-11e5-830c-9cad97ddf440
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (09/07/2015 11:00:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: NAD-PC)
Description: Die App „Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (09/07/2015 08:48:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1860
Startzeit: 01d0e937b571cc18
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 63175827-552c-11e5-830c-9cad97ddf440
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Systemfehler:
=============
Error: (09/08/2015 08:18:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home
Error: (09/08/2015 02:07:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst mfemms erreicht.
Error: (09/08/2015 02:07:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (09/08/2015 12:39:59 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C}
Error: (09/08/2015 12:39:15 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {211EBA3A-EA5A-496B-A021-5C6BEB365E4C}
Error: (09/07/2015 12:20:52 PM) (Source: DCOM) (EventID: 10010) (User: NAD-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/07/2015 12:20:52 PM) (Source: DCOM) (EventID: 10010) (User: NAD-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/07/2015 08:49:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Home
Error: (09/06/2015 10:49:38 PM) (Source: DCOM) (EventID: 10010) (User: NAD-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (09/06/2015 10:49:38 PM) (Source: DCOM) (EventID: 10010) (User: NAD-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Microsoft Office:
=========================
Error: (09/08/2015 10:09:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Solitaire.exe1.0.0.01e5801d0ea0da00b804b4294967295C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Solitaire.exee76feb04-5600-11e5-830d-9cad97ddf440Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweApp
Error: (09/08/2015 10:09:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: NAD-PC)
Description: Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe+App
Error: (09/08/2015 10:08:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Solitaire.exe1.0.0.01a1801d0ea0d86a966524294967295C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Solitaire.exece3ba5cc-5600-11e5-830d-9cad97ddf440Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbweApp
Error: (09/08/2015 10:08:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: NAD-PC)
Description: Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe+App
Error: (09/08/2015 08:13:50 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (09/08/2015 06:21:27 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (09/08/2015 02:07:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: teGlooT.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
Stapel:
bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
bei System.Management.SinkForEventQuery.Cancel()
bei System.Management.ManagementEventWatcher.Stop()
bei System.Management.ManagementEventWatcher.Finalize()
Error: (09/07/2015 11:00:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Minesweeper.exe1.0.0.010c801d0e94b8b16ec224294967295C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe\Minesweeper.exedb216420-553e-11e5-830c-9cad97ddf440Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbweApp
Error: (09/07/2015 11:00:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: NAD-PC)
Description: Microsoft.MicrosoftMinesweeper_2.4.1408.2503_x86__8wekyb3d8bbwe+App
Error: (09/07/2015 08:48:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20911186001d0e937b571cc184294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe63175827-552c-11e5-830c-9cad97ddf440microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
CodeIntegrity:
===================================
Date: 2014-11-11 07:24:43.573
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 72%
Installierter physikalischer RAM: 4020.27 MB
Verfügbarer physikalischer RAM: 1089.77 MB
Summe virtueller Speicher: 6068.27 MB
Verfügbarer virtueller Speicher: 2320.56 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:456.93 GB) (Free:212.7 GB) NTFS
Drive d: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
Drive g: () (Removable) (Total:14.91 GB) (Free:14.7 GB) FAT32
Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.31 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:7.45 GB) (Free:0.73 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2AFA6C3B)
Partition: GPT.
========================================================
Disk: 1 (Size: 14.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
