Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for analysis by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Windows 7: Laptop freezes completely after booting
Hello Trojaner-Board team,
My problem is that the laptop boots normally, the desktop appears, and then after about 2 minutes the laptop freezes completely. The hard drive stops working, the mouse pointer can no longer be moved, and no program can be started. Because of this, I am also unable to run virus scanners, anti-malware programs or anything else. The same thing happens in safe mode. In the BIOS, the hard drive and the RAM are detected. Attached is the FRST log file.
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
Ran by SYSTEM on MININT-KF1PPO9 (05-12-2015 11:05:40)
Running from F:\
Platform: Windows 7 Home Premium (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-13] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKU\Sophia\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21648480 2014-07-02] (Skype Technologies S.A.)
HKU\Sophia\...\Run: [Dropbox Update] => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-16] (Dropbox, Inc.)
AppInit_DLLs: C:\Users\Sophia\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => No File
AppInit_DLLs-x32: c:\users\sophia\appdata\local\smartbar\application\resources\crdlil.dll => No File
Startup: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-15]
ShortcutTarget: Dropbox.lnk -> (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2558072 2015-06-19] (G Data Software AG)
S2 AVKService; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe [966776 2015-06-15] (G Data Software AG)
S2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3711712 2015-06-15] (G Data Software AG)
S3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3202368 2015-06-19] (G Data Software AG)
S3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-15] (G Data Software AG)
S2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
S3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [270672 2011-08-25] ()
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2015-09-14] (G Data Software AG)
S3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [27648 2015-04-12] (G Data Software AG)
S1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-12] (G Data Software AG)
S1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230912 2015-09-14] (G Data Software AG)
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [76288 2015-09-14] (G Data Software AG)
S1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [65024 2015-09-14] (G Data Software AG)
S2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-02] ()
S1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [125952 2015-09-14] (G Data Software AG)
S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-31] (Malwarebytes Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-19] ()
S3 ASUSProcObsrv; \??\E:\I386\AsPrOb64.sys [X]
S3 cpuz134; \??\C:\Users\Sophia\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 ipswuio; System32\DRIVERS\ipswuio.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-05 11:04 - 2015-12-05 11:05 - 00000000 ____D C:\FRST
2015-12-04 23:20 - 2015-12-04 23:45 - 00329542 _____ C:\Windows\ntbtlog.txt
2015-11-16 09:27 - 2015-11-16 09:27 - 00018275 _____ C:\Users\Sophia\Downloads\Handout Mutter Teresa (1).odt
2015-11-16 09:24 - 2015-11-16 09:26 - 00018275 _____ C:\Users\Sophia\Downloads\Handout Mutter Teresa.odt
2015-11-11 06:49 - 2015-11-11 06:49 - 04699336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-11-11 05:31 - 2015-11-11 05:31 - 00001203 _____ C:\Users\Public\Desktop\FOTOParadies.lnk
2015-11-11 05:28 - 2015-11-11 05:33 - 00000000 ____D C:\Program Files (x86)\FOTOParadies
2015-11-11 05:24 - 2015-11-11 05:28 - 347336448 _____ (Foto Online Service GmbH ) C:\Users\Sophia\Downloads\FotoParadiesSetup.exe
2015-11-10 07:21 - 2015-11-10 07:21 - 00279579 ____N C:\Windows\Minidump\111015-23353-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-05 01:56 - 2015-06-13 03:47 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1579712282-3239494877-4212610474-1000UA.job
2015-12-05 01:53 - 2014-11-08 13:06 - 00065536 _____ C:\Windows\System32\Ikeext.etl
2015-12-05 01:53 - 2014-09-07 13:26 - 00001336 _____ C:\Windows\Tasks\RNF.job
2015-12-05 01:53 - 2014-09-07 13:25 - 00001688 _____ C:\Windows\Tasks\EUPYZMN.job
2015-12-05 01:53 - 2014-09-07 10:47 - 00001334 _____ C:\Windows\Tasks\BV.job
2015-12-05 01:53 - 2014-09-07 10:46 - 00001342 _____ C:\Windows\Tasks\PRGCDF.job
2015-12-05 01:53 - 2014-09-07 10:27 - 00001336 _____ C:\Windows\Tasks\MJF.job
2015-12-05 01:53 - 2014-09-07 10:26 - 00001342 _____ C:\Windows\Tasks\DSENPC.job
2015-12-05 01:53 - 2010-12-19 05:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-05 01:53 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 01:49 - 2013-12-15 11:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-05 01:47 - 2009-07-13 21:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-04 23:20 - 2009-07-13 19:20 - 00000000 ____D C:\Windows
2015-12-04 09:26 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2015-11-20 11:50 - 2009-07-13 20:45 - 00018832 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-20 11:50 - 2009-07-13 20:45 - 00018832 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-16 09:29 - 2011-02-07 10:54 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\SoftGrid Client
2015-11-16 09:21 - 2011-02-07 10:57 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A78741A-FB3E-4B41-89D9-4DAD30D9F29C}
2015-11-16 09:02 - 2010-12-19 05:57 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-16 08:51 - 2013-09-20 09:10 - 00000000 ___RD C:\Users\Sophia\Dropbox
2015-11-16 08:51 - 2013-09-20 08:26 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Dropbox
2015-11-16 08:49 - 2013-06-02 03:16 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Skype
2015-11-15 10:00 - 2011-10-08 07:20 - 00000268 _____ C:\Windows\Tasks\RMSchedule.job
2015-11-15 04:25 - 2015-06-13 03:47 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1579712282-3239494877-4212610474-1000Core.job
2015-11-14 12:49 - 2011-02-05 10:00 - 00045056 _____ C:\Windows\System32\acovcnt.exe
2015-11-13 09:06 - 2014-10-12 06:03 - 00002177 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 06:49 - 2013-12-15 11:32 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 06:49 - 2013-12-15 11:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-11 06:49 - 2012-02-04 09:56 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 05:19 - 2009-08-04 01:51 - 05538576 _____ C:\Windows\System32\perfh007.dat
2015-11-11 05:19 - 2009-08-04 01:51 - 01700208 _____ C:\Windows\System32\perfc007.dat
2015-11-11 05:19 - 2009-07-13 21:13 - 00006556 _____ C:\Windows\System32\PerfStringBackup.INI
2015-11-10 07:25 - 2014-09-07 16:33 - 00000000 ____D C:\Windows\Minidump
Some files in TEMP:
====================
C:\Users\Sophia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaduzwa.dll
C:\Users\Sophia\AppData\Local\Temp\GURAC79.exe
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE Association (Whitelisted) =============
==================== Restore Points =========================
Restore point date: 2015-10-26 10:29
Restore point date: 2015-10-27 02:12
Restore point date: 2015-11-10 10:44
Restore point date: 2015-11-11 11:13
Restore point date: 2015-11-11 12:22
Restore point date: 2015-11-12 12:43
Restore point date: 2015-11-13 09:30
Restore point date: 2015-11-13 09:41
Restore point date: 2015-11-14 01:36
Restore point date: 2015-11-16 08:59
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 4093.82 MB
Available physical RAM: 3499.39 MB
Total Virtual: 4091.97 MB
Available Virtual: 3482.13 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:74.53 GB) (Free:14.04 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:202.07 GB) (Free:180.97 GB) NTFS
Drive f: () (Removable) (Total:7.82 GB) (Free:6.62 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 07A276F2)
Partition 1: (Not Active) - (Size=21.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=202.1 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 7.8 GB) (Disk ID: 905EF569)
Partition 1: (Not Active) - (Size=7.8 GB) - (Type=0B)
LastRegBack: 2015-10-16 08:52
==================== End of FRST.txt ============================
Thanks in advance and best regards