| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Laptop mit Windows 10 hängtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
30.11.2015, 20:52
| #1 |
 |  Laptop mit Windows 10 hängt Hallo zusammen, mein Acer Laptop mit 64 bit Betriebssystem hat Windows 10 Home drauf und läuft mit Panda Free Anti Virus. Beim Versuch mein neues Tablet zu rooten habe ich mir leider wohl eine ganze Menge Mist auf den Rechner gezogen: Jetzt läuft er recht langsam, die Maus läuft manchmal wie in Zeitlupe und auch Chrome ist recht lahm. Habe schonmal MBAM und FRST laufen lassen. Viel anzufangen weiß ich mit den Logfiles allerdings nicht. Deswegen schonmal danke vorab an denjenigen, der sich meinem Problem annimmt! Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 30.11.2015 Suchlaufzeit: 20:09 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.11.30.04 Rootkit-Datenbank: v2015.11.26.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Sebastian Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 377074 Abgelaufene Zeit: 34 Min., 5 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 1 PUP.Optional.WinYahoo, C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\c0ri7imr.default-1445468894904\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi, , [d953434109822610e30a00b0f40f7f81], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-11-2015
durchgeführt von Sebastian (Administrator) auf CHEMICALWORLD (30-11-2015 20:28:14)
Gestartet von C:\Users\Sebastian\Downloads
Geladene Profile: Sebastian & (Verfügbare Profile: Sebastian)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
() C:\Flashtool\FlashTool64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{821D7D0C-7B9E-914C-9BAD-BE2CAD7C255F}\YSearchSetTool.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\nacl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1511.24020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557984 2014-08-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3935912 2015-07-29] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [429120 2014-01-24] (BillP Studios)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\Run: [Google Update] => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-04] (Google Inc.)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [429120 2014-01-24] (BillP Studios)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22568216 2015-10-12] (Google)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-04] (Google Inc.)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_678E52C622D3FEC81C940F43ECEEEB26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sebastian\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sebastian\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sebastian\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sebastian\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sebastian\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sebastian\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-08-17]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1724859f-46f9-4f12-a3e2-cf0bb1297a22}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.skygo.sky.de/sport/live-planer/alle/liveplanner/sportsection/123.html
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.skygo.sky.de/sport/live-planer/alle/liveplanner/sportsection/123.html
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1137542381-2127988082-735095979-1001 -> DefaultScope {A63E47FD-E6C3-49DE-BFAB-C9F5B99EFED5} URL =
SearchScopes: HKU\S-1-5-21-1137542381-2127988082-735095979-1001 -> {A63E47FD-E6C3-49DE-BFAB-C9F5B99EFED5} URL =
SearchScopes: HKU\S-1-5-21-1137542381-2127988082-735095979-1001 -> {B06F9FF8-F6EF-42B8-B6CC-85BB1240B0B1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {A63E47FD-E6C3-49DE-BFAB-C9F5B99EFED5} URL =
SearchScopes: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A63E47FD-E6C3-49DE-BFAB-C9F5B99EFED5} URL =
SearchScopes: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {B06F9FF8-F6EF-42B8-B6CC-85BB1240B0B1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-02-28] (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-29] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-29] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\c0ri7imr.default-1445468894904
FF Homepage: hxxps://de.yahoo.com/?type=orcl_hpset
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1137542381-2127988082-735095979-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1137542381-2127988082-735095979-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1137542381-2127988082-735095979-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1137542381-2127988082-735095979-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\c0ri7imr.default-1445468894904\searchplugins\yahoo-ysp.xml [2015-11-29]
FF Extension: New Tab by Yahoo - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\c0ri7imr.default-1445468894904\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-10-08] [ist nicht signiert]
Chrome:
=======
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Google Cast) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-11-21]
CHR Extension: (Adblock Plus) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-25]
CHR Extension: (Cloud Internet Explorer by IE-On-Chrome) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\enbepfpjlejecgbmaijolhgjmpkiimcd [2015-11-10]
CHR Extension: (Google Play Musik) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-11-19]
CHR Extension: (Google Docs Offline) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Store) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-07]
CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-07]
CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-07]
CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-07]
CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-07]
CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-07]
CHR HKU\S-1-5-21-1137542381-2127988082-735095979-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Sebastian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-09-25]
CHR HKU\S-1-5-21-1137542381-2127988082-735095979-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Sebastian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-09-25]
CHR HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-12] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2013-02-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2013-02-18] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-29] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-09-15] (Sony Mobile Communications)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
S1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2015-02-25] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-29] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [Datei ist nicht signiert]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-30 20:28 - 2015-11-30 20:30 - 00033081 _____ C:\Users\Sebastian\Downloads\FRST.txt
2015-11-30 20:28 - 2015-11-30 20:28 - 00000000 ____D C:\FRST
2015-11-30 20:14 - 2015-11-30 20:24 - 02350080 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe
2015-11-30 20:08 - 2015-11-30 20:09 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-30 20:08 - 2015-11-30 20:08 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-11-30 20:08 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-30 20:08 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-30 20:07 - 2015-11-30 20:08 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-30 20:07 - 2015-11-30 20:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-11-30 20:07 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-30 19:53 - 2015-11-30 19:53 - 00016148 _____ C:\WINDOWS\system32\CHEMICALWORLD_Sebastian_HistoryPrediction.bin
2015-11-29 14:54 - 2015-11-29 14:54 - 00000000 ____D C:\Users\Sebastian\AppData\Local\YSearchUtil
2015-11-29 14:54 - 2015-11-29 14:54 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-11-29 14:15 - 2015-11-29 14:15 - 02880770 _____ C:\Users\Sebastian\Downloads\EasyRootTool v12.4 (1).zip
2015-11-29 14:06 - 2015-11-29 14:06 - 00000000 ___HD C:\OneDriveTemp
2015-11-29 13:18 - 2015-11-29 13:19 - 1107094019 _____ C:\Users\Sebastian\Downloads\SGP521_17.1.A.2.69_1281-5556.ftf
2015-11-25 22:41 - 2015-11-25 22:41 - 15106048 _____ C:\Users\Sebastian\Downloads\Z2Tab_DooMLoRD_AdvStkKernel_LTE-v03_17.1.1.A.0.402.img
2015-11-25 22:28 - 2015-11-25 22:28 - 14783449 _____ C:\Users\Sebastian\Downloads\z2_tab_files (1).zip
2015-11-25 21:15 - 2015-11-25 21:09 - 19128121 _____ C:\Users\Sebastian\Desktop\SGP521_23.4.A.1.232_XZDRKernel2.8.21-RELEASE.flashable.zip
2015-11-25 21:08 - 2015-11-25 21:09 - 19128121 _____ C:\Users\Sebastian\Downloads\SGP521_23.4.A.1.232_XZDRKernel2.8.21-RELEASE.flashable.zip
2015-11-25 21:07 - 2015-11-25 21:41 - 1555099209 _____ C:\Users\Sebastian\Downloads\SGP521_23.4.A.1.232_RedOracle - Central Europe 3 1282-0228.ftf
2015-11-25 20:46 - 2015-11-25 20:46 - 04015219 _____ C:\Users\Sebastian\Downloads\BETA-SuperSU-v2.52.zip
2015-11-25 20:38 - 2015-11-25 20:38 - 18964480 _____ C:\Users\Sebastian\Downloads\boot.img
2015-11-22 01:35 - 2015-11-19 15:22 - 00008402 _____ C:\Users\Sebastian\Desktop\install.sh
2015-11-22 01:35 - 2015-11-19 15:22 - 00008178 _____ C:\Users\Sebastian\Desktop\install.bat
2015-11-22 01:35 - 2015-11-19 15:22 - 00000757 _____ C:\Users\Sebastian\Desktop\READ_ME_FIRST.txt
2015-11-22 01:35 - 2015-11-19 15:22 - 00000310 _____ C:\Users\Sebastian\Desktop\backupstockbinaries.sh
2015-11-22 01:35 - 2015-11-19 15:22 - 00000000 ____D C:\Users\Sebastian\Desktop\tmp
2015-11-22 01:35 - 2015-11-19 15:22 - 00000000 ____D C:\Users\Sebastian\Desktop\system
2015-11-21 23:26 - 2014-06-03 12:50 - 00012639 _____ C:\Users\Sebastian\Desktop\sa0111adb86.cat
2015-11-21 23:26 - 2014-06-03 12:50 - 00012495 _____ C:\Users\Sebastian\Desktop\sa0111adba64.cat
2015-11-21 23:26 - 2014-06-02 10:50 - 00009995 _____ C:\Users\Sebastian\Desktop\sarndis86.cat
2015-11-21 23:25 - 2015-11-21 23:26 - 04837226 _____ C:\Users\Sebastian\Downloads\Xperia_Z2_Tablet_driver_R2.zip
2015-11-21 23:01 - 2015-11-23 20:19 - 00000000 ____D C:\Flashtool
2015-11-21 22:38 - 2015-11-29 14:21 - 00000000 ____D C:\Users\Sebastian\.flashTool
2015-11-21 21:38 - 2015-11-21 22:29 - 138459335 _____ (Androxyde) C:\Users\Sebastian\Downloads\flashtool-0.9.19.8-windows.exe
2015-11-21 15:30 - 2015-11-21 15:33 - 1596969401 _____ C:\Users\Sebastian\Downloads\SGP521_23.4.A.1.200_R3C_Germany Generic_1282-2019.ftf
2015-11-21 14:44 - 2015-11-21 14:46 - 1602563441 _____ C:\Users\Sebastian\Downloads\SGP521_23.4.A.1.232_Customized_DE.ftf
2015-11-21 14:27 - 2015-11-21 14:28 - 09989712 _____ (MEGA Limited) C:\Users\Sebastian\Downloads\MEGAsyncSetup (1).exe
2015-11-20 23:15 - 2015-11-20 23:15 - 00000000 ____D C:\Users\Sebastian\.swt
2015-11-20 17:06 - 2015-11-20 17:08 - 118773384 _____ (Androxyde) C:\Users\Sebastian\Downloads\flashtool-0.9.14.0-windows.exe
2015-11-20 16:04 - 2010-12-19 14:52 - 00000000 ____D C:\adb-tools
2015-11-20 16:02 - 2015-11-20 16:03 - 35844368 _____ C:\Users\Sebastian\Downloads\adb-tools.zip
2015-11-20 14:49 - 2015-11-20 14:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-11-20 14:18 - 2015-11-20 14:18 - 00001296 _____ C:\Users\Sebastian\Downloads\downloadinf_v1.01 (5).zip
2015-11-20 14:16 - 2015-11-20 14:16 - 00001296 _____ C:\Users\Sebastian\Downloads\downloadinf_v1.01 (4).zip
2015-11-20 14:07 - 2015-11-25 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2015-11-20 14:07 - 2015-11-20 14:07 - 00001296 _____ C:\Users\Sebastian\Downloads\downloadinf_v1.01 (3).zip
2015-11-20 14:06 - 2015-11-20 16:08 - 00000000 ____D C:\Program Files (x86)\Android
2015-11-20 14:01 - 2015-11-20 14:01 - 00001296 _____ C:\Users\Sebastian\Downloads\downloadinf_v1.01 (2).zip
2015-11-20 13:58 - 2014-09-17 12:48 - 00000000 ____D C:\Users\Sebastian\Desktop\usb_driver
2015-11-20 13:57 - 2015-11-20 13:57 - 08682859 _____ C:\Users\Sebastian\Downloads\latest_usb_driver_windows.zip
2015-11-20 13:44 - 2015-11-20 13:46 - 199569958 _____ C:\Users\Sebastian\Downloads\__rzi_0.278
2015-11-20 13:08 - 2015-11-20 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minimal ADB and Fastboot
2015-11-20 13:08 - 2015-11-20 13:22 - 00000000 ____D C:\Program Files (x86)\Minimal ADB and Fastboot
2015-11-20 13:07 - 2015-11-20 13:07 - 00767523 _____ (Sam Rodberg ) C:\Users\Sebastian\Downloads\minimal_adb_fastboot_v1.3.1_setup.exe
2015-11-20 12:47 - 2015-11-20 12:47 - 00001296 _____ C:\Users\Sebastian\Downloads\downloadinf_v1.01 (1).zip
2015-11-20 05:29 - 2015-11-20 05:29 - 00728857 _____ C:\Users\Sebastian\Downloads\de.robv.android.xposed.installer_v32_de4f0d.apk
2015-11-20 05:13 - 2015-11-20 05:13 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Android
2015-11-20 05:06 - 2015-11-20 05:11 - 151659917 _____ (Google Inc.) C:\Users\Sebastian\Downloads\installer_r24.4.1-windows.exe
2015-11-20 04:54 - 2015-11-20 04:56 - 199569958 _____ C:\Users\Sebastian\Downloads\__rzi_0.808
2015-11-20 04:18 - 2015-11-20 04:20 - 199569958 _____ C:\Users\Sebastian\Downloads\__rzi_0.326
2015-11-20 04:10 - 2015-11-20 04:10 - 00001296 _____ C:\Users\Sebastian\Downloads\downloadinf_v1.01.zip
2015-11-20 03:14 - 2014-04-14 21:07 - 00000000 ____D C:\Users\Sebastian\Desktop\z2_tab_files
2015-11-20 03:13 - 2015-11-20 03:14 - 14783449 _____ C:\Users\Sebastian\Downloads\z2_tab_files.zip
2015-11-20 02:31 - 2015-11-20 02:18 - 1371483204 _____ C:\Users\Sebastian\Desktop\flashable-prerooted-signed.zip
2015-11-20 02:21 - 2015-11-20 02:21 - 00000000 ____D C:\Users\Sebastian\Desktop\utils
2015-11-20 02:21 - 2008-02-29 03:33 - 03499155 _____ C:\Users\Sebastian\Desktop\xposed-v73-sdk22-arm.zip
2015-11-20 02:20 - 2015-11-19 15:22 - 00000000 ____D C:\Users\Sebastian\Desktop\META-INF
2015-11-20 02:20 - 2008-02-29 03:33 - 2671771648 _____ C:\Users\Sebastian\Desktop\system.ext4
2015-11-20 02:20 - 2008-02-29 03:33 - 09215260 _____ C:\Users\Sebastian\Desktop\dualrecovery.zip
2015-11-20 02:20 - 2008-02-29 03:33 - 04019040 _____ C:\Users\Sebastian\Desktop\SuperSU.zip
2015-11-20 02:06 - 2015-11-20 02:18 - 1371483204 _____ C:\Users\Sebastian\Downloads\flashable-prerooted-signed.zip
2015-11-20 00:11 - 2015-11-29 15:17 - 00002103 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-11-20 00:09 - 2015-11-20 00:09 - 02880770 _____ C:\Users\Sebastian\Downloads\EasyRootTool v12.4.zip
2015-11-19 23:53 - 2015-11-19 23:36 - 24006878 ____N C:\Users\Sebastian\Desktop\TabZ2-lockeddualrecovery2.8.23-RELEASE.combined.zip
2015-11-19 23:52 - 2015-11-19 23:48 - 01260473 ____N C:\Users\Sebastian\Desktop\UPDATE-SuperSU-v2.02.zip
2015-11-19 23:41 - 2015-11-20 13:03 - 00000000 ____D C:\Users\Sebastian\.android
2015-11-19 22:32 - 2015-11-19 22:32 - 00001184 _____ C:\Users\Sebastian\Desktop\MEGAsync.lnk
2015-11-19 22:32 - 2015-11-19 22:32 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-11-19 22:32 - 2015-11-19 22:32 - 00000000 ____D C:\Users\Sebastian\AppData\Local\MEGAsync
2015-11-19 22:32 - 2015-11-19 22:32 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Mega Limited
2015-11-19 22:31 - 2015-11-19 22:31 - 09989712 _____ (MEGA Limited) C:\Users\Sebastian\Desktop\MEGAsyncSetup.exe
2015-11-19 22:30 - 2015-11-19 22:31 - 09989712 _____ (MEGA Limited) C:\Users\Sebastian\Downloads\MEGAsyncSetup.exe
2015-11-19 22:15 - 2015-11-19 22:16 - 00000000 ____D C:\Users\Sebastian\Desktop\root
2015-11-19 22:13 - 2015-11-19 22:14 - 00113099 _____ C:\Users\Sebastian\Downloads\tr.apk
2015-11-19 12:10 - 2015-11-19 12:13 - 00000000 ____D C:\WINDOWS\Panther
2015-11-19 12:10 - 2015-11-19 12:10 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-16 12:04 - 2015-11-16 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-11-16 12:04 - 2015-11-16 12:04 - 00000000 ____D C:\Program Files\iTunes
2015-11-16 12:04 - 2015-11-16 12:04 - 00000000 ____D C:\Program Files\iPod
2015-11-16 12:04 - 2015-11-16 12:04 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-11-13 15:16 - 2015-11-13 15:16 - 00561697 _____ C:\Users\Sebastian\Downloads\Mitgliedsantrag interaktiv.pdf
2015-11-13 15:16 - 2015-11-13 15:16 - 00037488 _____ C:\Users\Sebastian\Downloads\Mitgliedsantrag_Merkblatt_11-2014.pdf
2015-11-13 15:16 - 2015-11-13 15:16 - 00032378 _____ C:\Users\Sebastian\Downloads\Beitragseinzugsermächtigung.pdf
2015-11-11 11:19 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 11:19 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 11:19 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 11:19 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 11:19 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 11:19 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 11:19 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 11:19 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 11:19 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 11:19 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 11:19 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 11:19 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 11:19 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 11:19 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 11:19 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 11:19 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 11:19 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 11:19 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 11:19 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 11:19 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 11:19 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 11:19 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 11:19 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 11:19 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 11:19 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 11:19 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 11:19 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 11:19 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 11:19 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 11:19 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 11:19 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 11:19 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 11:19 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 11:19 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 11:19 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 11:19 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 11:19 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 11:19 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 11:19 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 11:19 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 11:19 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 11:19 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 11:19 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 11:19 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 11:19 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 11:19 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 11:19 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 11:19 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 11:19 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 11:19 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 11:19 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 11:19 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-11 11:18 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-10 14:41 - 2015-11-10 14:41 - 00005378 _____ C:\Users\Sebastian\Downloads\Antrag-Presseausweis-15.1048204.pdf
2015-11-10 14:33 - 2015-11-10 14:33 - 00035840 _____ C:\Users\Sebastian\Downloads\Formular Passierscheinausgabe 2016 (2).xls
2015-11-10 14:31 - 2015-11-10 14:31 - 00035840 _____ C:\Users\Sebastian\Downloads\Formular Passierscheinausgabe 2016.xls
2015-11-10 14:31 - 2015-11-10 14:31 - 00035840 _____ C:\Users\Sebastian\Downloads\Formular Passierscheinausgabe 2016 (1).xls
2015-11-09 19:26 - 2015-11-09 19:26 - 10096216 _____ (Google Inc.) C:\Users\Sebastian\Downloads\WidevineMediaOptimizerChrome (1).exe
2015-11-09 18:48 - 2015-11-09 18:48 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\IDM
2015-11-09 18:48 - 2015-11-09 18:48 - 00000000 ____D C:\ProgramData\IDM
2015-11-09 18:47 - 2015-11-09 18:47 - 10096216 _____ (Google Inc.) C:\Users\Sebastian\Downloads\WidevineMediaOptimizerChrome.exe
2015-11-03 21:29 - 2015-11-03 21:29 - 00000000 ___DL C:\Users\Sebastian\AppData\LocalLow\PlayReady
2015-11-03 20:36 - 2015-11-03 20:36 - 00000000 ____D C:\Users\Sebastian\AppData\Local\CEF
2015-11-03 19:40 - 2015-11-27 19:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-31 15:03 - 2015-10-31 15:03 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Macromedia
2015-10-31 14:59 - 2015-11-30 20:22 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-31 14:59 - 2015-11-11 11:22 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-10-31 14:53 - 2015-10-31 14:53 - 00098719 _____ C:\Users\Sebastian\Downloads\silverlight (1).diagcab
2015-10-31 14:36 - 2015-10-31 14:36 - 13155552 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\Silverlight_x64 (1).exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-30 20:28 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-11-30 20:08 - 2014-01-22 20:54 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Malwarebytes
2015-11-30 20:01 - 2015-07-31 00:24 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Deployment
2015-11-30 19:59 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-30 19:59 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-30 19:56 - 2013-11-23 18:36 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{52BAE3CE-E0CD-4712-AE6A-27340BC859C5}
2015-11-30 01:41 - 2015-08-04 20:27 - 00001164 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1137542381-2127988082-735095979-1001UA.job
2015-11-30 01:39 - 2013-11-19 11:23 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-29 23:39 - 2013-11-19 11:23 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-29 15:40 - 2014-09-15 13:15 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2015-11-29 15:17 - 2014-09-21 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-29 15:17 - 2013-07-03 13:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-29 14:52 - 2014-11-20 21:44 - 00000000 ____D C:\ProgramData\Oracle
2015-11-29 14:52 - 2014-11-20 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-29 14:52 - 2014-11-20 21:44 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-29 14:51 - 2015-09-03 15:26 - 00000000 ____D C:\Users\Sebastian\.oracle_jre_usage
2015-11-29 14:51 - 2014-11-20 21:45 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-11-29 14:06 - 2014-03-28 18:04 - 00000000 __RDO C:\Users\Sebastian\SkyDrive
2015-11-29 14:05 - 2014-06-27 19:24 - 00000000 __SHD C:\Users\Sebastian\IntelGraphicsProfiles
2015-11-29 14:04 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-29 14:04 - 2015-07-10 10:05 - 01835008 ___SH C:\WINDOWS\system32\config\BBI
2015-11-23 20:23 - 2015-06-11 17:40 - 00000000 ____D C:\Users\Sebastian\Documents\Elisa
2015-11-22 13:37 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-21 23:33 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-11-21 22:38 - 2015-07-29 22:08 - 00000000 ____D C:\Users\Sebastian
2015-11-20 13:21 - 2015-07-29 22:34 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-20 13:21 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-20 13:21 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-19 22:54 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-19 15:22 - 2014-11-09 16:35 - 00000000 ____D C:\Users\Sebastian\Desktop\files
2015-11-16 12:04 - 2014-06-27 16:40 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-13 16:41 - 2013-11-25 22:03 - 00000000 ____D C:\Users\Sebastian\Documents\Job
2015-11-11 12:04 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 12:04 - 2013-11-19 11:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-03 21:27 - 2014-06-03 20:26 - 00000000 __SHD C:\Users\Sebastian\AppData\LocalLow\EmieUserList
2015-11-03 21:27 - 2014-06-03 20:26 - 00000000 __SHD C:\Users\Sebastian\AppData\LocalLow\EmieSiteList
2015-11-03 21:27 - 2014-06-03 20:26 - 00000000 __SHD C:\Users\Sebastian\AppData\Local\EmieUserList
2015-11-03 21:27 - 2014-06-03 20:26 - 00000000 __SHD C:\Users\Sebastian\AppData\Local\EmieSiteList
2015-11-03 20:35 - 2014-06-03 11:30 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Adobe
2015-11-03 19:41 - 2015-07-31 00:36 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-03 19:40 - 2014-05-24 01:28 - 00000000 ____D C:\ProgramData\Adobe
2015-11-03 19:40 - 2014-05-24 01:27 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-03 19:20 - 2015-10-04 18:01 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-04 18:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 11:13 - 2015-07-29 23:01 - 00002413 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-01 00:41 - 2014-05-24 03:06 - 00000000 ____D C:\Users\Sebastian\AppData\Local\ElevatedDiagnostics
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-02-02 23:12 - 2015-02-02 23:12 - 0448512 _____ (OldTimer Tools) C:\Program Files\TFC.exe
2015-07-25 16:45 - 2015-07-25 16:45 - 0000132 _____ () C:\Users\Sebastian\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-07-11 13:12 - 2014-07-11 13:12 - 0007609 _____ () C:\Users\Sebastian\AppData\Local\Resmon.ResmonCfg
2015-07-29 22:04 - 2015-07-29 22:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Sebastian\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Sebastian\AppData\Local\Temp\proxy_vole4945012496934543345.dll
C:\Users\Sebastian\AppData\Local\Temp\ytb.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-28 20:57
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015
durchgeführt von Sebastian (2015-11-30 20:30:58)
Gestartet von C:\Users\Sebastian\Downloads
Windows 10 Home (X64) (2015-07-29 21:52:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1137542381-2127988082-735095979-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1137542381-2127988082-735095979-503 - Limited - Disabled)
Gast (S-1-5-21-1137542381-2127988082-735095979-501 - Limited - Disabled)
Sebastian (S-1-5-21-1137542381-2127988082-735095979-1001 - Administrator - Enabled) => C:\Users\Sebastian
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.03.2002 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2001 - Acer)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3004 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2004.1 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2002 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 486539548.4759644.48.2147344384 - Audible, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
calibre (HKLM-x32\...\{59E75C53-7980-45AD-ADAA-733198B4BF7F}) (Version: 2.0.0 - Kovid Goyal)
ChromecastApp (HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.19.8 - Androxyde)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Drive (HKLM-x32\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
HID Monitor (HKLM-x32\...\{31923C55-8208-4D0A-8AD6-3AE099A1A741}) (Version: 1.1.5 - Acer Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.107.06300 (HKLM-x32\...\{12CEF785-A93B-15F6-1604-79E51E920A06}) (Version: 2.12.107.06300 - Sony)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.1.0 - Panda Security)
Panda Free Antivirus (Version: 7.82.00.0000 - Panda Security) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.313.1 - Tracker Software Products Ltd)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.43 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21222 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.16.201511171525 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.297 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.297 - Sony)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.13.0 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Ultimate EPubsoft DRM Removal 8.5.5 (HKLM-x32\...\{49617AB8-5A31-44A7-95A6-BE6CE251A6F1}) (Version: 8.5.5 - EPUBSOFT)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VirtualDJ 8 (HKLM-x32\...\{9ADBBA93-4625-4898-BB0D-BCE7EA9F8B4A}) (Version: 8.0.0 - Atomix Productions)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12442 - Widevine Technologies)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.0.2014.0 - BillP Studios)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sebastian\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1137542381-2127988082-735095979-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sebastian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => Keine Datei
==================== Wiederherstellungspunkte =========================
09-11-2015 23:23:20 Geplanter Prüfpunkt
16-11-2015 13:54:40 Windows Update
19-11-2015 23:12:41 Wiederherstellungsvorgang
25-11-2015 19:55:02 Removed Microsoft Silverlight
25-11-2015 19:57:13 Removed Bonjour
28-11-2015 22:17:50 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2015-05-30 22:12 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {050239EC-8061-4E36-99DB-05AC33ED6B74} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {12961FFE-54D0-41E5-BC08-48897D3A836F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {16D1098A-A8E1-4D46-82CC-E730C469FA18} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3CBA2C9B-C5BC-4F5B-BA98-CCA145CA91E8} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {6246029B-44B2-4BF1-9B36-9E4CC6B00739} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {6726422F-B0C6-4477-8DFF-58823636C76D} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-12-06] (Acer Incorporated)
Task: {675C8EFE-4164-414E-870C-6DBA51E5045E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {6E2A6D95-6070-4912-BE17-5EF3B32D9648} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {703D4BF8-023E-405A-96EB-1C7C784E071C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {719F5CCF-26AA-458F-B5D3-2CC48E95B950} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {72D20222-5DA7-4D33-8EFE-49D9A0F07E0E} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {84305704-F602-49C3-A7E2-493475BC5D1D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation)
Task: {88FC726F-3744-468A-8B40-BF858D4A06E9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1137542381-2127988082-735095979-1001UA => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-04] (Google Inc.)
Task: {99BA225D-5B57-4301-A543-170D52CB0F01} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A40C7446-846C-4275-A192-8857F1D9FE32} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {B15B1300-AFC3-47FD-9C55-818E96A1D639} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {B6625876-4036-43C2-806A-00C043B3A260} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {B7ACEEB9-B854-4B7A-B2B2-18870C40C8D1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1137542381-2127988082-735095979-1001Core => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-04] (Google Inc.)
Task: {C02348C5-9990-45CB-B7E0-BD37582CB368} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {C18259EF-56A6-4257-9A5C-4DB31FB8BDC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C55D4163-FC3E-4E14-9DCB-A3917A807EC3} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {C9A4AB39-5C6D-4F75-9380-297BF02BEA16} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D8A6A533-E1E9-4CF4-BA49-9C93820EBF5A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DA52E2F0-8665-452A-A9AE-B3840B11DA98} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {DBD484D3-3F4B-480F-90D9-AD4C63CF9B8C} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {DD15A4B5-F0EB-414A-B778-BD8454D37CE1} - System32\Tasks\{30535103-F6E1-4BFD-ACE7-6E9B0CE64FB2} => pcalua.exe -a C:\Users\Sebastian\Downloads\ID_CS2_GR_NonRet.exe -d C:\Users\Sebastian\Downloads
Task: {DF47DEFA-AEDB-4AF1-A6B1-480BCCAB4938} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1137542381-2127988082-735095979-1001Core.job => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1137542381-2127988082-735095979-1001UA.job => C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-29 22:52 - 2015-07-29 22:52 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 13:12 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-01 15:59 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 15:59 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\Users\Sebastian\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-09 13:01 - 2013-02-20 21:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-10-01 15:59 - 2015-09-17 06:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-10-01 15:58 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 15:58 - 2015-09-17 06:42 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-10-01 15:58 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 15:58 - 2015-09-17 06:43 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-10-01 15:58 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 15:58 - 2015-09-17 07:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 15:59 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 15:58 - 2015-09-17 06:49 - 00884736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-10-01 15:59 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-29 22:52 - 2015-07-29 22:52 - 00577024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-07-29 22:52 - 2015-07-29 22:52 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-07-29 22:52 - 2015-07-29 22:52 - 00559616 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-07-29 22:52 - 2015-07-29 22:52 - 00643072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation.diagnostics\bin\NodeRT_Windows_Foundation_Diagnostics.node
2015-07-10 12:00 - 2015-07-10 17:45 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-07-29 22:52 - 2015-07-29 22:52 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-07-29 22:52 - 2015-07-29 22:52 - 00961536 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-07-29 22:52 - 2015-07-29 22:52 - 00204288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-07-29 22:52 - 2015-07-29 22:52 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-07-29 22:52 - 2015-07-29 22:52 - 00074240 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.networking\bin\NodeRT_Windows_Networking.node
2015-07-29 22:52 - 2015-07-29 22:52 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-07-29 22:52 - 2015-07-29 22:52 - 00124416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2015-09-29 17:10 - 2015-09-29 17:10 - 00314368 _____ () C:\Flashtool\FlashTool64.exe
2015-11-21 08:20 - 2015-11-21 08:20 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-11-21 08:20 - 2015-11-21 08:20 - 11526656 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-20 11:43 - 2015-11-20 11:43 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2014-09-21 13:01 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-11-26 20:11 - 2015-11-26 20:11 - 03494400 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1511.24020.0_x64__8wekyb3d8bbwe\Calculator.exe
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2014-02-09 21:29 - 2013-12-24 23:14 - 00642016 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2013-09-09 13:01 - 2013-02-20 21:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\Users\Sebastian\AppData\Local\MEGAsync\ShellExtX32.dll
2015-11-12 14:22 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-12 14:22 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2013-09-09 12:22 - 2013-02-18 06:38 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-09-21 13:01 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-09-21 13:01 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00093568 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2015-09-07 16:01 - 2015-09-07 16:01 - 00056704 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PimNotes.dll
2014-09-21 13:01 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-09-07 15:59 - 2015-09-07 15:59 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00143232 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00167296 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2015-09-07 16:02 - 2015-09-07 16:02 - 00212352 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2014-09-21 13:01 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2015-11-06 11:46 - 2015-11-06 11:46 - 02385280 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2013-02-18 14:45 - 2013-02-18 14:45 - 00452096 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Calendar.dll
2015-10-22 12:13 - 2015-10-22 12:13 - 00823168 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-11-18 11:17 - 2013-11-18 11:17 - 00144640 _____ () C:\Program Files (x86)\Acer\Acer Docs Office AddIn\AcerWordAddin.dll
2015-07-31 00:24 - 2015-07-31 00:24 - 00038112 _____ () C:\Users\Sebastian\AppData\Local\assembly\dl3\VV0NH808.PKO\NXB6JLDH.OQC\85e393a0\00241d04_acdfcd01\WordAddIn.DLL
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 5317 mehr Seiten.
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 5317 mehr Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\caspar-david-friedrich-der-monch-am-meer-der-monch-am-meer.jpg
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\caspar-david-friedrich-der-monch-am-meer-der-monch-am-meer.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\StartupApproved\Run: => "AVG-Secure-Search-Update_0214c"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "AVG-Secure-Search-Update_0214c"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1137542381-2127988082-735095979-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Sony PC Companion"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{08B0DADE-F5AF-4FEE-B222-9D1F9CA1674B}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{A7713674-9AE4-487E-8F3C-1A3F09616C34}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{258C9A66-D65B-4D04-A981-738F5CC9F89F}] => (Allow) LPort=1900
FirewallRules: [{0740175D-3B68-4615-B172-48C84D00FCA5}] => (Allow) LPort=2869
FirewallRules: [{57E6E213-6364-405E-9E81-76E51EF48813}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{92913F68-4B4C-4404-B861-516763E14686}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{A413FD5D-F951-4A8E-BB42-7B2AF6BBC4C3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{09C5739E-59BB-4408-85F1-E26FF932A56D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{44F53036-DE68-4DE8-964C-C1FAFB6B2465}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{FE8C8649-AE5C-4207-A161-E3AEC91AF5C2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8A2A356C-2EBC-436E-A331-2E6CC873A535}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9D852A01-39BB-420B-BEA9-0E5E38A192AC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7B295BAD-4ED5-4863-BA03-0EAC677C2828}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{8B04EE6A-8393-4E5D-BBBE-D050B72ED6FC}C:\users\sebastian\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sebastian\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{BA4A3EC9-7077-4C58-8DAC-3CB249D8D053}C:\users\sebastian\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sebastian\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{B7A69F55-1493-4218-A936-5CCA34D03996}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{37DC4800-C06B-4743-923C-94E0B77432F3}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{9A344EC6-E90E-41DE-A4C9-1EB0959C6988}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F70DB652-DC66-4D1E-8A40-1C45E3973E4B}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{73B8392B-261E-494D-9551-AE844FEE4F2F}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{CB1EFA0A-2F27-486E-B514-B141CA0988A6}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{E9EFEFF8-3840-458F-88C8-D027F205B63A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{81B8F512-CB08-43AA-BB94-05DBEA67730E}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{AFB42729-9013-4D3A-B7A9-2AFD0F5860DA}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{7C9F8659-8C4D-4737-B83A-B848581025AE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{E6ED67D8-0DBF-414B-8473-32D783B15C38}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{72707831-8D9D-41DE-BB1D-332DF3ACF85B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\WindowsUpnpMV.exe
FirewallRules: [{A473CBE5-B1AA-4EA9-BA43-B6BFD64830F3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{0BF695B0-12FC-47B4-AA1B-3144DF34F430}] => (Allow) C:\Program Files (x86)\Acer\Acer Media_\DMCDaemon.exe
FirewallRules: [{A5C31CF7-785E-47F3-92AC-35FF11F716BD}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{B7E3DC7D-72D9-4644-B799-EEB8E26BAA78}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\WindowsUpnp.exe
FirewallRules: [{E2CC49C7-A7C1-4BE8-979B-F80A6E243718}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{D8722001-B5A4-4715-A7D0-E688495CB149}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo_\DMCDaemon.exe
FirewallRules: [{881AE928-4763-4083-90D8-809C3C8D8F64}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{80EB33EF-6788-4B99-8DBA-6C998025484F}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{E8126C62-560B-4A4D-A824-D4F52F11177C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{35767A33-008A-49A5-B0AB-897DA70412A3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{603BFC61-9037-4D31-99EC-4B01DE0D0869}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{3F68929C-5858-4540-90DA-8557A4125B3B}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E5B36476-F663-452B-83DD-69C40D709C8B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{BCAB0193-AE02-43A3-8A80-94FB94C64FAC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{79D3AD6A-BD2F-46A7-A415-BA8CB006A79C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1CCC6D7A-2B94-4BFE-877B-69CED4127195}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{BAA03EBE-447E-4C44-A694-8F8A9434B341}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{400948F9-77AF-4AAA-B863-C5A77C749149}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{B75B4F8A-948A-4379-9BB8-BA3A17855C10}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{CC1F09E0-432C-4C9C-B2F8-46B22B9E9CF9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{9C900CF0-FBB9-4507-8D69-0C1C989BE6B4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{20C7BE15-1AF4-4E89-B7B7-A671C706224C}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{2214EC07-082B-4563-A108-C9CA3F42BB84}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{8BB7153F-9B33-4239-B396-1C0840D6D2D2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{4A960E85-0FFE-4B7B-887F-F2D2ADFBA016}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{09C1FB59-BC6D-4EC8-BD97-15E42EF2078E}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{1727CECE-4023-4B8F-9CED-F0D56419FD52}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{3D209863-22AA-40E8-BEDD-C88E388F4477}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{1CD6182F-78CC-45F8-8259-2884DEBCDBF6}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{D5833126-7A6E-4319-8316-CDFBE0621595}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{46112966-A5C5-4386-9C6A-135C03D9908E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{924A3F0C-9891-4FCB-BC4F-C09EF0D9AE5C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E578D48A-2C74-48D1-A615-736FDC4AA123}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EF090A5C-3F32-4658-B521-329F4FF5AFA7}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{41633633-02E9-4220-BE90-38279A2E2C7C}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/29/2015 08:53:43 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1240) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (11/29/2015 08:53:43 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1240) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (11/29/2015 08:53:33 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1240) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (11/29/2015 08:53:33 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1240) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (11/29/2015 08:53:23 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1240) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (11/29/2015 08:53:23 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1240) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (11/29/2015 08:53:12 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1240) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (11/29/2015 08:53:12 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1240) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (11/29/2015 08:53:02 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (1240) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (11/29/2015 08:53:02 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (1240) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Systemfehler:
=============
Error: (11/29/2015 06:42:44 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (11/29/2015 02:06:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/29/2015 02:06:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/29/2015 02:06:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/29/2015 02:05:05 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (11/29/2015 02:05:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Network Activity Hook Server LightWeight Filter Driver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error: (11/29/2015 02:03:26 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (11/29/2015 02:02:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session1 erreicht.
Error: (11/29/2015 02:02:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _Session1 erreicht.
Error: (11/29/2015 02:02:44 PM) (Source: DCOM) (EventID: 10010) (User: CHEMICALWORLD)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Pentium(R) CPU 2127U @ 1.90GHz
Prozentuale Nutzung des RAM: 62%
Installierter physikalischer RAM: 3971.27 MB
Verfügbarer physikalischer RAM: 1498.11 MB
Summe virtueller Speicher: 5939.15 MB
Verfügbarer virtueller Speicher: 2489.39 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:449.11 GB) (Free:221.53 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 29EE9349)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
| Themen zu Laptop mit Windows 10 hängt |
| antivirus, desktop, device driver, dnsapi.dll, downloader, firefox, flash player, google, home, homepage, hängt, installation, langsam, launch, maus, mozilla, npdicihegicnhaangkdmcgbjceoemeoo, onedrive, problem, proxy, realtek, registry, scan, security, software, svchost.exe, symantec, windows, windowsapps, wlan, xperia, zeitlupe, zugriff verweigert |
Baum-Darstellung