NetteMario | 03.06.2017 13:51 | Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017
durchgeführt von Kris (Administrator) auf NICE (03-06-2017 14:47:52)
Gestartet von C:\Users\h\Downloads
Geladene Profile: Kris (Verfügbare Profile: h & Kris)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Broker.exe [2796264 2017-04-10] (1und1 Mail und Media GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [181280 2017-01-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
Startup: C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-04-22]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2017-05-29]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{39EF41FA-3C33-47DF-BEAA-29E4E409FEC8}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C9F07D4E-D772-4C2B-BB49-7A21E60ADAE6}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{F319265E-6219-49D9-BDB2-7326C8156DA6}: [NameServer] 192.168.179.1
Tcpip\..\Interfaces\{F319265E-6219-49D9-BDB2-7326C8156DA6}: [DhcpNameServer] 192.168.179.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.7.0.11
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-14] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: GMX MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2017-04-10] (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-14] (Oracle Corporation)
BHO-x32: GMX MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll [2017-04-10] (1und1 Mail und Media GmbH)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.8.0.180\AVG Secure Search_toolbar.dll Keine Datei
Toolbar: HKLM - GMX MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2017-04-10] (1und1 Mail und Media GmbH)
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\GMX MailCheck\IE\GMX_MailCheck.dll [2017-04-10] (1und1 Mail und Media GmbH)
Handler-x32: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck.dll [2017-04-10] (1und1 Mail und Media GmbH)
FireFox:
========
FF DefaultProfile: 9ie3077f.default
FF ProfilePath: C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\9ie3077f.default [2017-06-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-15] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-05-23] (Wacom)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [87088 2017-03-22] (CyberGhost S.R.L)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-24] (Samsung Electronics CO., LTD.)
S3 GMX_MailCheck_Update; C:\Program Files (x86)\GMX MailCheck\IE\GMX_MailCheck_Update.exe [581352 2017-04-10] (Pixality Computersysteme GmbH)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-03-16] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2017-05-22] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\WINDOWS\system32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.)
S3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S1 ccSet_NARA; C:\WINDOWS\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 cgnetfilter1521; C:\WINDOWS\System32\drivers\cgnetfilter1521.sys [84768 2017-03-22] (Windows (R) Win 7 DDK provider)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-06-03] (Malwarebytes)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-02-08] (NVIDIA Corporation)
S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-08] (NVIDIA Corporation)
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [32168 2015-07-16] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-09-12] (Windows (R) 2003 DDK 3790 provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-03 14:45 - 2017-06-03 14:45 - 00000000 ____D C:\Users\h\Downloads\FRST-OlderVersion
2017-06-03 14:38 - 2017-06-03 14:38 - 02433536 _____ (Farbar) C:\Users\Kris\Desktop\FRST64.exe
2017-06-03 10:43 - 2017-06-03 10:43 - 00001612 _____ C:\Users\Kris\Desktop\AdwCleaner[C3].txt
2017-06-03 10:22 - 2017-06-03 10:22 - 00001392 _____ C:\Users\Kris\Desktop\AdwCleaner[C2].txt
2017-06-01 22:46 - 2017-06-01 22:46 - 00000000 ____D C:\Users\Kris\AppData\Roaming\vlc
2017-06-01 20:47 - 2017-06-01 20:47 - 00001324 _____ C:\Users\Kris\Desktop\JRT.txt
2017-06-01 20:41 - 2017-06-01 20:41 - 00006340 _____ C:\Users\Kris\Desktop\AdwCleaner[C0].txt
2017-06-01 20:25 - 2017-06-01 20:25 - 01663672 _____ (Malwarebytes) C:\Users\Kris\Desktop\JRT.exe
2017-06-01 20:22 - 2017-06-03 10:44 - 00000000 ____D C:\AdwCleaner
2017-06-01 20:19 - 2017-06-01 20:20 - 04110280 _____ C:\Users\Kris\Desktop\AdwCleaner_6.047.exe
2017-05-31 22:54 - 2017-05-31 22:54 - 00000000 ____D C:\Users\Kris\AppData\Local\Macromedia
2017-05-31 15:27 - 2017-05-31 15:29 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Kris\Desktop\mbar-1.09.3.1001.exe
2017-05-31 15:08 - 2017-05-31 15:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2017-05-31 14:59 - 2017-05-31 15:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Remove and Reinstall
2017-05-31 14:56 - 2017-05-31 14:56 - 14417536 _____ (Symantec Corporation) C:\Users\Kris\Downloads\NRnR.exe
2017-05-30 22:02 - 2017-05-30 22:02 - 00000000 ____D C:\Users\Kris\AppData\Local\Adobe
2017-05-30 21:41 - 2017-05-30 21:41 - 00001050 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-30 21:38 - 2017-05-30 21:39 - 07178424 _____ (VS Revo Group ) C:\Users\Kris\Desktop\revosetup_v2.0.3.exe
2017-05-29 21:49 - 2017-05-29 21:49 - 00000000 ____D C:\Users\Kris\AppData\Roaming\OpenOffice.org
2017-05-29 21:26 - 2017-06-03 10:43 - 00000000 ____D C:\Users\Kris\AppData\LocalLow\Mozilla
2017-05-29 21:26 - 2017-05-30 12:00 - 00000000 ____D C:\Users\Kris\AppData\Local\Thunderbird
2017-05-29 21:26 - 2017-05-29 21:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Thunderbird
2017-05-29 21:25 - 2017-05-29 21:30 - 00000000 ____D C:\Users\Kris\AppData\Local\Mozilla
2017-05-29 21:25 - 2017-05-29 21:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Mozilla
2017-05-29 20:53 - 2017-06-03 10:43 - 00000000 ____D C:\Users\Kris\AppData\Local\CrashDumps
2017-05-29 20:53 - 2017-06-03 10:42 - 00000000 ___DO C:\Users\Kris\OneDrive
2017-05-29 20:53 - 2017-06-01 22:09 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3774421412-1007907057-219690849-1007
2017-05-29 20:48 - 2017-05-29 20:48 - 00000000 ____D C:\Users\Kris\AppData\Local\NVIDIA Corporation
2017-05-29 20:47 - 2017-05-29 20:47 - 00000000 ____D C:\Users\Kris\AppData\Local\Power2Go8
2017-05-29 20:46 - 2017-06-01 22:36 - 00000000 ____D C:\Users\Kris\AppData\Local\Packages
2017-05-29 20:46 - 2017-05-29 20:46 - 00001450 _____ C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-05-29 20:46 - 2017-05-29 20:46 - 00000000 ____D C:\Users\Kris\AppData\Roaming\WTablet
2017-05-29 20:46 - 2017-05-29 20:46 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Adobe
2017-05-29 20:46 - 2017-05-29 20:46 - 00000000 ____D C:\Users\Kris\AppData\Local\VirtualStore
2017-05-29 20:36 - 2017-05-31 14:36 - 00000000 ____D C:\Users\Kris
2017-05-29 20:36 - 2017-05-29 20:36 - 00000020 ___SH C:\Users\Kris\ntuser.ini
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Vorlagen
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Startmenü
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Netzwerkumgebung
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Lokale Einstellungen
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Eigene Dateien
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Druckumgebung
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Videos
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Musik
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Bilder
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Verlauf
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Anwendungsdaten
2017-05-29 20:36 - 2017-05-29 20:36 - 00000000 _SHDL C:\Users\Kris\Anwendungsdaten
2017-05-29 20:36 - 2017-05-28 20:38 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Macromedia
2017-05-29 20:36 - 2015-02-10 12:51 - 00000000 ____D C:\Users\Kris\AppData\Roaming\TuneUp Software
2017-05-29 20:36 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-05-29 20:36 - 2014-11-21 05:42 - 00000369 _____ C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-05-29 20:32 - 2017-05-29 20:32 - 14417536 _____ (Symantec Corporation) C:\Users\h\Downloads\NRnR.exe
2017-05-25 09:36 - 2017-05-30 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-25 09:36 - 2017-05-25 09:36 - 00000000 ____D C:\Program Files\VS Revo Group
2017-05-18 20:15 - 2017-05-26 12:03 - 00000000 ____D C:\Users\Kris\Desktop\LFILES
2017-05-18 19:32 - 2017-05-26 11:48 - 00067655 _____ C:\Users\h\Downloads\Addition.txt
2017-05-18 19:29 - 2017-06-03 14:48 - 00017252 _____ C:\Users\h\Downloads\FRST.txt
2017-05-18 19:27 - 2017-06-03 14:47 - 00000000 ____D C:\FRST
2017-05-18 19:19 - 2017-06-03 14:45 - 02433536 _____ (Farbar) C:\Users\h\Downloads\FRST64.exe
2017-05-14 00:13 - 2017-04-29 00:44 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-05-14 00:13 - 2017-04-29 00:44 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-13 21:42 - 2017-05-13 21:42 - 01496584 _____ C:\Users\h\Downloads\RansomFree Schutz vor WannaCry - CHIP-Installer.exe
2017-05-10 10:01 - 2017-04-28 23:15 - 07444824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 10:01 - 2017-04-26 16:06 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-05-10 10:01 - 2017-04-16 12:23 - 02176584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 10:01 - 2017-04-16 12:23 - 01662096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 10:01 - 2017-04-16 12:23 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 10:01 - 2017-04-16 12:18 - 01135288 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 10:01 - 2017-04-16 12:18 - 00803192 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 10:01 - 2017-04-16 11:07 - 01566032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 10:01 - 2017-04-16 11:07 - 01213792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 10:01 - 2017-04-16 11:07 - 00548032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 10:01 - 2017-04-16 11:05 - 00612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 10:01 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 10:01 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 10:01 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-05-10 10:01 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 10:01 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 10:01 - 2017-04-16 10:16 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 10:01 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 10:01 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 10:01 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 10:01 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 10:01 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 10:01 - 2017-04-16 09:22 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 10:01 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 10:01 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 10:01 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 10:01 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 10:01 - 2017-04-16 09:02 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-05-10 10:01 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 10:01 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 10:01 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 10:01 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 10:01 - 2017-04-10 00:00 - 01548640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 10:01 - 2017-04-08 01:20 - 01375960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-05-10 10:01 - 2017-04-07 15:56 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-05-10 10:01 - 2017-04-02 18:41 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 10:01 - 2017-04-02 18:41 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 10:01 - 2017-04-01 01:16 - 01968408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 10:01 - 2017-03-31 23:59 - 01612504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 10:01 - 2017-03-13 18:38 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmitomi.dll
2017-05-10 10:01 - 2017-03-13 18:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-05-10 10:01 - 2017-03-13 18:13 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmitomi.dll
2017-05-10 10:01 - 2017-03-13 18:07 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 10:01 - 2017-03-11 19:58 - 01437696 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-10 10:01 - 2017-03-11 01:38 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 10:01 - 2017-03-11 01:38 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-05-10 10:01 - 2017-03-09 22:52 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-05-10 10:01 - 2017-03-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-05-10 10:00 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-10 10:00 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-05-10 10:00 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 10:00 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 10:00 - 2017-04-16 10:02 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 10:00 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 10:00 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-05-10 10:00 - 2017-04-16 09:52 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-05-10 10:00 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-05-10 10:00 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 10:00 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 10:00 - 2017-04-16 09:40 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 10:00 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 10:00 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 10:00 - 2017-04-16 09:23 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 10:00 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 10:00 - 2017-04-16 09:17 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-05-10 10:00 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 10:00 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 10:00 - 2017-04-16 09:10 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 10:00 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 10:00 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 10:00 - 2017-04-10 00:00 - 00388448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 10:00 - 2017-03-13 18:25 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-05-10 10:00 - 2017-03-13 18:06 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-05-10 10:00 - 2017-03-11 21:34 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-05-10 10:00 - 2017-03-11 21:32 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-05-10 10:00 - 2017-03-11 21:32 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-05-10 10:00 - 2017-03-11 20:49 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-05-10 10:00 - 2017-03-11 19:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-05-10 10:00 - 2017-03-08 04:44 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-05-09 22:40 - 2017-03-30 15:15 - 00678592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-05-09 22:40 - 2017-03-30 15:15 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-05-09 22:39 - 2017-03-30 15:15 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-05-09 22:39 - 2017-03-30 15:15 - 00869568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-05-06 21:44 - 2017-05-06 21:48 - 00000000 ____D C:\Users\TEMP.NICE.000\AppData\Local\Packages
2017-05-06 21:44 - 2017-05-06 21:48 - 00000000 ____D C:\Users\TEMP.NICE.000
2017-05-05 21:35 - 2017-05-18 16:59 - 00000000 ____D C:\Users\h\AppData\Roaming\Skype
2017-05-05 21:35 - 2017-05-05 21:35 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2017-05-05 21:35 - 2017-05-05 21:35 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-05 21:35 - 2017-05-05 21:35 - 00000000 ____D C:\Users\h\Tracing
2017-05-05 21:35 - 2017-05-05 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-05 21:34 - 2017-05-05 21:35 - 00000000 ____D C:\ProgramData\Skype
2017-05-05 21:30 - 2017-05-05 21:31 - 01631704 _____ (Skype Technologies S.A.) C:\Users\h\Downloads\SkypeSetup.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-06-03 10:56 - 2012-08-23 06:32 - 00000360 _____ C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job
2017-06-03 10:44 - 2012-08-23 06:25 - 00000000 ____D C:\ProgramData\WinClon
2017-06-03 10:35 - 2016-12-22 21:43 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-03 10:34 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-03 10:34 - 2013-04-21 21:01 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-03 10:33 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-06-01 23:29 - 2016-12-16 20:09 - 00000000 ____D C:\Users\h\AppData\LocalLow\Mozilla
2017-06-01 23:18 - 2013-04-21 19:29 - 00000000 ____D C:\Users\h\AppData\Local\CrashDumps
2017-06-01 23:17 - 2015-02-10 13:45 - 00000000 ___RD C:\Users\h\OneDrive
2017-06-01 21:48 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-01 21:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-01 20:39 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-06-01 20:37 - 2016-12-15 21:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-01 20:37 - 2013-08-03 23:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-01 20:29 - 2016-12-22 21:15 - 00000000 ____D C:\ProgramData\Lavasoft
2017-06-01 19:17 - 2015-06-02 18:07 - 00003898 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6BC42FF6-E8FF-496F-834E-72144BBBDEE5}
2017-06-01 18:34 - 2013-04-20 20:26 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3774421412-1007907057-219690849-1002
2017-05-31 19:13 - 2017-04-17 12:29 - 00000000 ____D C:\Users\Kris\Desktop\mbar
2017-05-31 18:46 - 2017-04-17 12:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-05-31 15:32 - 2015-02-10 12:43 - 00000000 ____D C:\Users\UpdatusUser
2017-05-31 15:31 - 2015-08-21 15:30 - 00000000 ____D C:\Program Files (x86)\Avira
2017-05-31 15:30 - 2017-04-17 12:30 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-05-31 15:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2017-05-31 14:59 - 2014-02-10 21:00 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-05-31 14:59 - 2012-08-23 06:22 - 00000000 ____D C:\ProgramData\Norton
2017-05-31 14:57 - 2016-11-20 14:05 - 00003860 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1479643490
2017-05-31 14:57 - 2016-11-20 14:05 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-05-31 14:57 - 2016-11-20 14:04 - 00000000 ____D C:\Program Files (x86)\Opera
2017-05-31 14:36 - 2015-02-10 12:43 - 00000000 ____D C:\Users\h
2017-05-30 22:45 - 2015-08-20 22:02 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-30 22:22 - 2015-08-21 15:35 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-29 21:24 - 2013-08-14 12:08 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-29 21:18 - 2013-04-22 09:57 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-29 20:47 - 2015-02-10 13:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-05-28 21:05 - 2017-03-13 10:35 - 00000000 ____D C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-05-28 21:05 - 2016-01-09 20:56 - 00000000 ____D C:\Users\h\AppData\Roaming\vlc
2017-05-28 21:05 - 2014-11-10 13:16 - 00000000 ____D C:\Users\h\AppData\Local\Abelssoft
2017-05-28 21:05 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-05-28 21:05 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-28 21:04 - 2016-12-11 16:35 - 00000000 ____D C:\Users\h\AppData\Local\Akamai
2017-05-28 21:04 - 2016-01-09 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-05-28 21:04 - 2015-02-10 12:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2017-05-28 21:04 - 2015-02-10 12:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2017-05-28 20:37 - 2016-12-10 22:30 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2017-05-28 20:36 - 2012-08-23 05:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-25 10:16 - 2013-04-21 19:13 - 00000000 ____D C:\Users\h\AppData\LocalLow\Adobe
2017-05-23 11:25 - 2015-05-19 23:12 - 00000000 ____D C:\Users\Kris\Desktop\Kunst
2017-05-23 00:15 - 2016-12-13 22:10 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-23 00:12 - 2013-04-30 22:57 - 00000000 ____D C:\Program Files (x86)\Ambient Design
2017-05-22 17:56 - 2017-02-28 21:07 - 00107832 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-05-22 17:55 - 2017-02-28 21:07 - 02250024 _____ C:\WINDOWS\SysWOW64\pbsvc.exe
2017-05-19 20:09 - 2017-04-24 21:58 - 00000000 ____D C:\Users\h\AppData\Local\Spotify
2017-05-19 20:09 - 2017-04-24 21:54 - 00000000 ____D C:\Users\h\AppData\Roaming\Spotify
2017-05-16 22:18 - 2016-09-28 20:38 - 00000000 ____D C:\Users\h\Documents\My Games
2017-05-16 21:37 - 2017-02-28 21:07 - 00107832 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2017-05-15 21:22 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-15 21:22 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-15 21:22 - 2013-08-03 23:24 - 00004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-15 21:18 - 2014-10-15 11:39 - 00000000 ____D C:\ProgramData\Oracle
2017-05-14 22:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-05-14 18:09 - 2016-08-29 10:06 - 00000000 ____D C:\Program Files\Java
2017-05-14 18:09 - 2014-10-15 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-14 18:08 - 2016-08-29 10:07 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-05-14 00:10 - 2013-08-22 16:44 - 00447488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-13 23:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-10 10:15 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-08-23 06:42 - 2012-08-08 06:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-23 06:42 - 2012-08-07 12:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml
Einige Dateien in TEMP:
====================
2015-08-21 15:34 - 2016-10-05 22:24 - 0000000 ____D () C:\Users\h\AppData\Local\Temp\avgnt.exe
2017-05-19 20:56 - 2017-05-19 20:56 - 0208896 _____ (Sony DADC Austria AG) C:\Users\h\AppData\Local\Temp\drm_dyndata_7400005.dll
2017-05-23 00:10 - 2015-08-18 11:44 - 2097040 _____ (AVG Technologies) C:\Users\h\AppData\Local\Temp\UNINSTALL.exe
2017-05-30 22:16 - 2015-08-18 11:44 - 2097040 _____ (AVG Technologies) C:\Users\Kris\AppData\Local\Temp\UNINSTALL.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-06-01 21:46
==================== Ende von FRST.txt ============================ Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Kris (03-06-2017 14:49:46)
Gestartet von C:\Users\h\Downloads
Windows 8.1 (Update) (X64) (2015-02-10 11:33:54)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3774421412-1007907057-219690849-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3774421412-1007907057-219690849-1006 - Limited - Enabled)
Gast (S-1-5-21-3774421412-1007907057-219690849-501 - Limited - Disabled)
h (S-1-5-21-3774421412-1007907057-219690849-1002 - Administrator - Enabled) => C:\Users\h
HomeGroupUser$ (S-1-5-21-3774421412-1007907057-219690849-1004 - Limited - Enabled)
Kris (S-1-5-21-3774421412-1007907057-219690849-1007 - Administrator - Enabled) => C:\Users\Kris
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
ArtRage Studio Pro (HKLM-x32\...\{7082E27E-2637-4ED5-9156-E19B57A3B5B0}) (Version: 3.5.4 - Ambient Design)
Autodesk SketchBook Pro 6.0.1 (HKLM-x32\...\{783C27F9-EF0B-4B81-8464-8592AE8CB5B8}) (Version: 6.01.0000 - Autodesk)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.3.0-3 - Wacom Technology Corp.)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Botanicula (HKLM-x32\...\Botanicula) (Version: 1.0 - Daedalic Entertainment)
Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version: - )
Canon MP510 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510) (Version: - )
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Corel Painter Essentials 4 (HKLM-x32\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation)
Corel Painter Essentials 4 (x32 Version: 4.2 - Corel Corporation) Hidden
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4415.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
Fallout: New Vegas (HKLM\...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
GMX Desktop Icons (HKLM-x32\...\1&1 Mail & Media GmbH 1und1DesktopIconsInstaller) (Version: 3.0.5.0 - 1&1 Mail & Media GmbH)
GMX MailCheck für Windows (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.12.0 - 1&1 Mail & Media GmbH)
GMX Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 4.0.3.0 - 1&1 Mail & Media GmbH)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3368 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LEGO® Star Wars™ III: The Clone Wars™ (HKLM\...\Steam App 32510) (Version: - Traveller's Tales)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
nGlide 1.04 (HKLM-x32\...\nGlide) (Version: 1.04 - Zeus Software)
Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
oCam Version 370.0 (HKLM-x32\...\oCam_is1) (Version: 370.0 - hxxp://ohsoft.net/)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 45.0.2552.888 (HKLM-x32\...\Opera 45.0.2552.888) (Version: 45.0.2552.888 - Opera Software)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.4.0 - Samsung Electronics CO., LTD.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version: - )
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version: - Ubisoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StuffIt Expander 2011 (HKLM\...\{6B62B973-49F5-4C51-B738-93B56A963417}) (Version: 15.0.1.17 - Smith Micro Software, Inc.)
Support Center (HKLM\...\{332518C0-0D31-4FFA-9D15-24C9C3D70B08}) (Version: 2.0.7 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{3B4E6027-AED5-4169-B030-B450E5A0F396}) (Version: 2.0.14 - Samsung Electronics CO., LTD.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
UE4 Prerequisites (x86) (x32 Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x86) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01F6B9A0-CA15-46A3-8E51-4CE1B9F7AFBB} - System32\Tasks\StereoPn => C:\Users\h\AppData\Roaming\StereoPn\sterpn.exe
Task: {0A7D9EFA-2AA9-444B-8114-5F4E9E153961} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-11-05] (CHIP)
Task: {154E2819-0A69-4F32-B7E8-9ADE82864295} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-08] (NVIDIA Corporation)
Task: {291F679A-E195-4D37-B448-90F0BA73DD07} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {30258BE9-3094-4431-B317-46BC72279FE8} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2016-03-25] (1&1 Mail & Media GmbH)
Task: {3E118B37-9ED6-44ED-BDEC-6F22731F6F7B} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-08-15] (SEC)
Task: {43518753-E4B6-4A80-9BE4-3CD36CE5A964} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {452845B5-540D-43A4-8470-400FF0920B02} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\SymErr.exe
Task: {473ECCD0-938F-4928-9E8D-3BAD79EB68F3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-15] (Adobe Systems Incorporated)
Task: {47AFA574-7503-4D40-80AE-18D62BFA2E13} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.)
Task: {568D0B88-C874-4E2D-8A72-857710B2AC78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {5827C3C2-464E-4F28-8AA5-2B09C1A29D53} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-08] (NVIDIA Corporation)
Task: {6D3520E8-2AC5-45AC-BB72-39399F356070} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3774421412-1007907057-219690849-1007
Task: {6F490688-8690-46FA-BBA9-0655E6923BD4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-08] (NVIDIA Corporation)
Task: {6FBFF8F1-1F77-42B7-8305-418C5F610A93} - System32\Tasks\{4C645FA7-882A-4228-9C1B-D93CA4171B3D} => pcalua.exe -a C:\Users\h\Downloads\mpnwin303ea22.exe
Task: {70839554-B98C-4FE9-BCD4-D3769E6F70AF} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\SymErr.exe
Task: {70DADE89-37B0-4EB3-8DFC-5F9A6BCCBA04} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-24] (Samsung Electronics CO., LTD.)
Task: {7E9114A8-6D68-4B2C-9DBB-00DC4A88FE9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-29] (Microsoft Corporation)
Task: {9AA64FD8-7838-43CE-8E19-65C81A1712CC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {AC59F6FD-64F4-4D52-B4B7-FCBB717E291B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {AE7CA6C7-E966-45DA-99B5-9872A4FF5F9E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {B2115EFD-DEAD-4B4F-9559-333D32E89603} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {C0667715-7681-4B61-AB4E-42F1065332A0} - System32\Tasks\WLANStartup => %programfiles(x86)%\Samsung\Easy Settings\WLANStartup.exe
Task: {C67A143E-5A1D-440F-BF6D-132AAA9C0202} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\WSCStub.exe
Task: {CE9C9BE2-4027-4559-855B-DED0762E1AA8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {E9E02351-0485-4864-BCDE-BDF92B335A1C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-08] (NVIDIA Corporation)
Task: {EC4921E0-CF05-48ED-9CB3-A66D47E194EB} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-08-22] (Samsung Electronics CO., LTD.)
Task: {F15F162E-EB1F-4A53-AC1B-712E34A2E896} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-08] (NVIDIA Corporation)
Task: {F5807FEF-276D-4C48-98AA-4F18B544D69E} - System32\Tasks\Opera scheduled Autoupdate 1479643490 => C:\Program Files (x86)\Opera\launcher.exe [2017-05-31] (Opera Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-02-28 21:07 - 2017-03-16 20:19 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-02-28 21:07 - 2017-05-22 17:56 - 00107832 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-02-10 12:29 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-22 21:42 - 2017-02-24 07:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-16 23:01 - 2017-03-22 09:40 - 00310320 _____ () C:\Program Files\CyberGhost 6\MobileConcepts45.dll
2017-04-16 23:01 - 2017-03-22 09:39 - 00093232 _____ () C:\Program Files\CyberGhost 6\CyberGhost.FilterApi.dll
2017-04-16 23:01 - 2017-03-22 09:39 - 00025648 _____ () C:\Program Files\CyberGhost 6\BugSplatDotNet.dll
2017-04-16 23:01 - 2017-03-22 09:39 - 00121904 _____ () C:\Program Files\CyberGhost 6\CyberGhost.RESTCommunicator.dll
2017-04-16 23:01 - 2017-03-22 09:39 - 00169656 _____ () C:\Program Files\CyberGhost 6\Data\Firewall\x64\nfapi.DLL
2012-08-24 13:45 - 2012-08-24 13:45 - 00076920 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2014-04-03 22:40 - 2012-11-14 14:45 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-03-20 08:53 - 2014-03-20 08:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-23 06:14 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-24 13:45 - 2012-08-24 13:45 - 00028280 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-08-24 13:45 - 2012-08-24 13:45 - 01016440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-08-24 13:45 - 2012-08-24 13:45 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-08-24 13:45 - 2012-08-24 13:45 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-08-24 13:45 - 2012-08-24 13:45 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-08-24 13:45 - 2012-08-24 13:45 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-24 13:45 - 2012-08-24 13:45 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-24 13:45 - 2012-08-24 13:45 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-24 13:45 - 2012-08-24 13:45 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2012-08-23 06:35 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2015-08-10 03:32 - 00000854 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3774421412-1007907057-219690849-1007\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.179.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SketchBook Snapshot.lnk"
HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "AdAwareTray"
HKLM\...\StartupApproved\Run32: => "BambooCore"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "MailCheck IE Broker"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{9C713605-3EB5-46E4-B424-52A3E5D766ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0870D98B-FDC7-4A27-A89F-50371677BA8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A24C5632-491E-4B5D-80E1-23CDC0C43CBF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{CB46E053-F290-402F-A4BF-F0D363049BD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{62D08DDE-8F1D-42C4-9099-99407693878F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1975958B-27CE-43B2-8FB0-D6BF103A5ABD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{01DBFFF1-270C-46E8-81C0-413DADD35393}] => (Allow) C:\Users\h\AppData\Local\Temp\7zSD3A6.tmp\SymNRT.exe
FirewallRules: [{70CA61D4-D7CE-4713-89A4-1BC2A22E84E5}] => (Allow) C:\Users\h\AppData\Local\Temp\7zSD3A6.tmp\SymNRT.exe
FirewallRules: [{2575C9E3-D863-4DD1-9DB2-E76BC970B4BE}] => (Allow) C:\Users\h\AppData\Local\Temp\7zSF5B1.tmp\SymNRT.exe
FirewallRules: [{31CBE51D-DBDA-4290-9D76-8CDBD633CD78}] => (Allow) C:\Users\h\AppData\Local\Temp\7zSF5B1.tmp\SymNRT.exe
FirewallRules: [{E38197A5-EF5F-4759-A3DA-46142B05FDA5}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS764B.tmp\SymNRT.exe
FirewallRules: [{F94A81DA-DD84-4600-A895-02C48B3A3EDA}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS764B.tmp\SymNRT.exe
FirewallRules: [{B4BACFFA-4D48-42EF-8244-5F7E81E95883}] => (Allow) C:\Users\h\AppData\Local\Temp\7zSD652.tmp\SymNRT.exe
FirewallRules: [{C27A9D61-5E7F-4158-8603-3C64B81B8E6F}] => (Allow) C:\Users\h\AppData\Local\Temp\7zSD652.tmp\SymNRT.exe
FirewallRules: [{C7C014EF-5B03-4B7E-8A57-8987A69CF188}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS9283.tmp\SymNRT.exe
FirewallRules: [{C9BBEE2A-3365-45FB-8A06-5C6128ECAF0E}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS9283.tmp\SymNRT.exe
FirewallRules: [{9A3B2BDD-F4C1-466E-A67F-E0BBE2885CDE}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS6817.tmp\SymNRT.exe
FirewallRules: [{B05739E5-F789-42DC-A038-087EDB06FA65}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS6817.tmp\SymNRT.exe
FirewallRules: [{21A46CD5-34F1-4E4F-80F2-F6534AFE817F}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS91DE.tmp\SymNRT.exe
FirewallRules: [{30EA79C5-575A-486F-B01C-0EFB5DE9B68E}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS91DE.tmp\SymNRT.exe
FirewallRules: [{CA55BBBA-8AC8-4937-8E24-0645050AA960}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS5264.tmp\SymNRT.exe
FirewallRules: [{555F5619-A66A-437F-A77F-54B3F0254EF6}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS5264.tmp\SymNRT.exe
FirewallRules: [{7FB3343A-6142-4AED-878B-96D619D5820B}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS3DCD.tmp\SymNRT.exe
FirewallRules: [{599ADED6-DEE3-494C-947E-D1B67D1959DF}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS3DCD.tmp\SymNRT.exe
FirewallRules: [{03B97FC0-D857-407A-AEC3-2B03C84BCD2E}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS8098.tmp\SymNRT.exe
FirewallRules: [{B11D91A3-2F1A-4DED-BA7A-BA1E1812B385}] => (Allow) C:\Users\h\AppData\Local\Temp\7zS8098.tmp\SymNRT.exe
FirewallRules: [{237BEAC6-1FFC-47DA-88CC-A6F431BCB4FA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{1834F659-CF15-452C-BEEB-A761B0A5EE37}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{1FB865F4-2014-41C8-BDDA-A9A623CB5C15}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{B288242C-A231-4482-81B2-A4CD2AA0C83B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{074B9FFA-BEF4-4AF5-8237-52CEA32409A7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{2592DA51-D3E9-4CF5-A89F-BB96ABF527E1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{1B4CBF0A-E878-41FD-8034-7CB6964EEA98}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{5262EBF5-AD3D-40B8-BE66-18FEABA718BC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{699F193A-6751-4539-9A8D-5F178DA0D93C}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker 2015\MusicMaker.exe
FirewallRules: [{A91B50AD-9C18-4DF7-976F-C9E7A78CF6D1}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker 2015\MusicMaker.exe
FirewallRules: [{D8AEC545-6F8E-4894-89C4-09569D7AC53D}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker 2015\MusicMaker.exe
FirewallRules: [{7C50BB3D-1461-4F21-B15B-97BAFDE15B30}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker 2015\MusicMaker.exe
FirewallRules: [{3F75341D-7C1E-4D84-B694-1CA6BAAE1735}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DDD9FBF0-5EFC-4F2A-B935-AA84D07654ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E4C3CDE2-54D5-4DED-B2F7-4D18D630C882}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4CEC78B5-F3CD-4B41-80C5-BB90F7E23A51}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE14A140-E96B-420A-BDE7-0F271AC02579}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1BEC09CF-E645-456E-B2A4-4F99C197DCD2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D28CFFC0-2275-4411-A0B4-E20867ADF02D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EBD3DCBB-62D7-445F-9726-B89070E28D2D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{501EEBDD-FF5B-41D8-90E4-D7EABCBDF89B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DB27300D-C33C-4F65-A990-BCCACA883C7D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DB55BFD9-C1F0-4B85-AD8F-4AC861D36644}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{6E55620E-D35E-4D81-A2D9-978586653070}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{FE775F47-EB85-405C-8E83-D9CB2CCCEDE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{5AC74D70-D249-4FFE-BB44-E06569934217}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{2B56832D-26BD-467F-AA60-61127CF78D56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lego Star Wars III - The Clone Wars\LEGOCloneWars.exe
FirewallRules: [{27920A3C-9752-409A-94EA-1185879BE43C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lego Star Wars III - The Clone Wars\LEGOCloneWars.exe
FirewallRules: [{E11A874C-942F-4BAB-8FB3-7752758486AD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A61DC458-B7F8-4373-96E2-515DA84BF969}] => (Allow) LPort=2869
FirewallRules: [{471AACEA-030D-4550-81C3-B36390BA3F1A}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{C3023845-F75C-466C-BCDB-17B6E3A23CB5}C:\program files (x86)\cosmic castaway\asteroidthecrashing\binaries\win32\asteroidthecrashing-win32-shipping.exe] => (Block) C:\program files (x86)\cosmic castaway\asteroidthecrashing\binaries\win32\asteroidthecrashing-win32-shipping.exe
FirewallRules: [UDP Query User{C83DB4DA-8432-48C7-95CA-765245A6513C}C:\program files (x86)\cosmic castaway\asteroidthecrashing\binaries\win32\asteroidthecrashing-win32-shipping.exe] => (Block) C:\program files (x86)\cosmic castaway\asteroidthecrashing\binaries\win32\asteroidthecrashing-win32-shipping.exe
FirewallRules: [TCP Query User{08A9ABF4-8625-4ACD-916F-B7F29E5D71E3}C:\users\h\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\h\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{BEA5E667-26F9-4162-B860-B5609C02BAB7}C:\users\h\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\h\appdata\local\akamai\netsession_win.exe
FirewallRules: [{FD510838-F83C-4842-BD16-4944B665E544}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{89E61ECF-F1B8-46D6-B520-1E690B33FCA8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9FDCC3B3-7580-4BB3-8DEE-A082BA36C014}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{391268BC-011F-48EA-A4FE-3D45B803055E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA058369-25A8-4B09-9115-91E1610397D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{59A604A7-92EE-49CD-9F51-2AB86AF70701}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB28EA00-B738-477F-B2D2-6EC3E1295A6C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{922D877A-DD14-4A66-AA62-59588EF835CB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{61B3CF62-9860-4F40-AA9B-A4E84CC43CB7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E5BBB90A-138D-40C0-81D9-904A1D1D6801}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BD6FD614-9F65-466F-B448-91DB0502AF9C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{448F2CC0-E33C-4554-A6B9-427825C65CC9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [TCP Query User{8417E585-122B-48E3-8861-774C1FCF24CE}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [UDP Query User{EEA07D55-90E4-415B-BBC9-2B4818D5EE69}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [{380A100C-C36D-4C27-88D8-6ACAAEE4B6FC}] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [{A3BB5CB5-CD90-40DB-9A3A-52AAE7725FF6}] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe
FirewallRules: [TCP Query User{3AE69678-60A6-41EA-A425-17659EA93B1F}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe
FirewallRules: [UDP Query User{1C220832-0CE1-42FB-84D5-F9FF6EE6ECD9}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Block) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe
FirewallRules: [{D764039E-21B7-48B7-9E68-AE2167067E10}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{11702B0C-44BC-4AA3-B999-EB28AE6FAF9A}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{A11000B8-8085-45E1-9F9E-D4811DDA0582}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{6B4754A4-4153-4DE1-B7EF-DC4871CCC66F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{075A2B5E-760C-4C14-A0DC-DBC2A331A8EB}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [{29C64A47-91CC-4707-8B36-EA0D5411D82C}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
FirewallRules: [TCP Query User{EE94424A-1813-454F-941C-873A8496BA12}C:\users\h\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\h\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{36DAA579-559F-43E8-95D7-F0F2381216EB}C:\users\h\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\h\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C09724F1-201D-46C7-85FC-C2339D68097D}] => (Block) C:\users\h\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A1F6A64B-29CF-4B06-9DF4-D55180053CB0}] => (Block) C:\users\h\appdata\roaming\spotify\spotify.exe
FirewallRules: [{140AB763-4AB6-49EC-B7B4-9826FCAC9201}] => (Allow) C:\Program Files (x86)\Codemasters\FUEL\FUEL.exe
FirewallRules: [{D41FBEDB-B7C8-4649-9598-1B272A46B803}] => (Allow) C:\Program Files (x86)\Codemasters\FUEL\FUEL.exe
FirewallRules: [TCP Query User{95DC3EEB-3A45-4DF1-B3A1-E4E43383FE58}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BFFF0A22-4F8E-4AB7-9AB5-A61292F3D8D0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{42114126-3AA4-4B26-82FC-8C9BEA9F1CC5}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{1A007E3D-43CD-4DF7-BD39-4947FC2B6B5F}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe
FirewallRules: [{D335B426-D002-4603-842B-5031A7A58382}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{FFD5C420-5A10-434E-9EF4-D5381495E7D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Launcher.exe
FirewallRules: [{18FE0B48-37F6-4B47-9A2A-C5A813764046}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{5CBD3814-D419-4B06-AD45-1D846B55C4DB}] => (Allow) C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FC2Editor.exe
FirewallRules: [{5A8B7968-48AA-4ABB-9825-FCF21B1B1E95}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{62904404-6674-4D67-A2BA-CD0D8B69936C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{871F70AD-1975-4959-877D-8A18DF8DBB6F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8BED1BA1-9696-444D-A96A-8C1584D22589}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5DB1F109-9894-4DB3-A43C-C898D785B1FA}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.881\opera.exe
FirewallRules: [{A18A9751-9325-4034-A4E7-91A8D831496C}] => (Allow) C:\Program Files (x86)\Opera\45.0.2552.888\opera.exe
==================== Wiederherstellungspunkte =========================
29-05-2017 21:16:17 Windows Update
30-05-2017 21:43:34 Revo Uninstaller's restore point - BrowserDefender
30-05-2017 21:47:44 Revo Uninstaller's restore point - Delta Chrome Toolbar
30-05-2017 21:52:54 Revo Uninstaller's restore point - Ad-Aware Antivirus
30-05-2017 21:53:53 AA11
30-05-2017 21:58:15 Revo Uninstaller's restore point - AdblockIE
30-05-2017 21:58:42 Removed AdblockIE
30-05-2017 21:59:31 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
30-05-2017 22:01:54 Revo Uninstaller's restore point - Adobe AIR
30-05-2017 22:06:34 Revo Uninstaller's restore point - Adobe AIR
30-05-2017 22:14:49 Revo Uninstaller's restore point - Adobe Shockwave Player 12.1
30-05-2017 22:16:25 Revo Uninstaller's restore point - AVG Security Toolbar
30-05-2017 22:18:05 Revo Uninstaller's restore point - Avira Antivirus
30-05-2017 22:19:58 Revo Uninstaller's restore point - Avira Connect
30-05-2017 22:24:29 Revo Uninstaller's restore point - Avira System Speedup
30-05-2017 22:25:29 Revo Uninstaller's restore point - chip 1-click download service
30-05-2017 22:25:56 chip 1-click download service wurde entfernt.
30-05-2017 22:26:57 Revo Uninstaller's restore point - JDownloader 2
30-05-2017 22:28:07 Revo Uninstaller's restore point - Norton Internet Security
30-05-2017 22:29:38 Revo Uninstaller's restore point - Norton Online Backup
30-05-2017 22:34:18 Removed Norton Online Backup
30-05-2017 22:35:59 Revo Uninstaller's restore point - Adobe AIR
31-05-2017 14:47:01 Revo Uninstaller's restore point - JDownloader 2
31-05-2017 15:06:01 Revo Uninstaller's restore point - Norton Online Backup
31-05-2017 15:10:43 Revo Uninstaller's restore point - Norton Online Backup
31-05-2017 15:13:12 Removed Norton Online Backup
01-06-2017 20:44:18 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/03/2017 10:43:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000183835
ID des fehlerhaften Prozesses: 0x1240
Startzeit der fehlerhaften Anwendung: 0x01d2dc4579853bfd
Pfad der fehlerhaften Anwendung: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Berichtskennung: b791261d-4838-11e7-bf7e-e8039af457ef
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/03/2017 10:21:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000183835
ID des fehlerhaften Prozesses: 0x7e0
Startzeit der fehlerhaften Anwendung: 0x01d2dc4262067990
Pfad der fehlerhaften Anwendung: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Berichtskennung: a2ee5fcb-4835-11e7-bf7d-e8039af457ef
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/03/2017 10:17:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 53.0.3.6347, Zeitstempel: 0x591d55d1
Name des fehlerhaften Moduls: xul.dll, Version: 53.0.3.6347, Zeitstempel: 0x591d59fb
Ausnahmecode: 0x80000003
Fehleroffset: 0x007ffe99
ID des fehlerhaften Prozesses: 0x1154
Startzeit der fehlerhaften Anwendung: 0x01d2db79fdce2d02
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll
Berichtskennung: 0569b6a0-4835-11e7-bf7c-e8039af457ef
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/02/2017 10:27:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000183835
ID des fehlerhaften Prozesses: 0x974
Startzeit der fehlerhaften Anwendung: 0x01d2db7a082be632
Pfad der fehlerhaften Anwendung: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Berichtskennung: 467cf660-476d-11e7-bf7c-e8039af457ef
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/01/2017 11:18:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000183835
ID des fehlerhaften Prozesses: 0x1148
Startzeit der fehlerhaften Anwendung: 0x01d2db1c8ef6dad2
Pfad der fehlerhaften Anwendung: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Berichtskennung: dd6d23c0-470f-11e7-bf7c-e8039af457ef
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/01/2017 08:40:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Name des fehlerhaften Moduls: CommonAgent.exe, Version: 1.0.7.5, Zeitstempel: 0x502ddd20
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000183835
ID des fehlerhaften Prozesses: 0xf88
Startzeit der fehlerhaften Anwendung: 0x01d2db0678131e5c
Pfad der fehlerhaften Anwendung: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Samsung\S Agent\CommonAgent.exe
Berichtskennung: d174f55b-46f9-11e7-bf7c-e8039af457ef
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/01/2017 08:30:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AdwCleaner_6.047.exe, Version: 0.0.0.0, Zeitstempel: 0x591e43a6
Name des fehlerhaften Moduls: AdwCleaner_6.047.exe, Version: 0.0.0.0, Zeitstempel: 0x591e43a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00020fea
ID des fehlerhaften Prozesses: 0x1088
Startzeit der fehlerhaften Anwendung: 0x01d2db040efc0a5b
Pfad der fehlerhaften Anwendung: C:\Users\Kris\Downloads\AdwCleaner_6.047.exe
Pfad des fehlerhaften Moduls: C:\Users\Kris\Downloads\AdwCleaner_6.047.exe
Berichtskennung: 58feba02-46f8-11e7-bf7b-e8039af457ef
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/01/2017 12:50:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EasySettingsCmdServer.exe, Version: 0.0.0.0, Zeitstempel: 0x50376629
Name des fehlerhaften Moduls: EasySettingsBase.dll, Version: 0.0.0.0, Zeitstempel: 0x5037661d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001f7b
ID des fehlerhaften Prozesses: 0xd30
Startzeit der fehlerhaften Anwendung: 0x01d2da2de4fda74c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
Berichtskennung: 19b4975a-46b8-11e7-bf7b-e8039af457ef
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/01/2017 12:50:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EasySettingsCmdServer.exe, Version: 0.0.0.0, Zeitstempel: 0x50376629
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.30319.460, Zeitstempel: 0x4db13576
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008cb95
ID des fehlerhaften Prozesses: 0x14f4
Startzeit der fehlerhaften Anwendung: 0x01d2da40ce1a6e48
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Samsung\Settings\CmdServer\MSVCR100.dll
Berichtskennung: 1417fb90-46b8-11e7-bf7b-e8039af457ef
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (06/01/2017 12:49:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: nice)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (06/03/2017 10:33:22 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (06/03/2017 10:32:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberGhost 6 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2017 10:32:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2017 10:32:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2017 10:32:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/03/2017 10:32:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2017 10:32:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrB" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2017 10:32:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/03/2017 10:32:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/03/2017 10:32:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2017-05-10 10:34:37.554
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-10 10:34:36.991
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-10 10:34:36.414
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-10 10:34:35.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-10 10:34:35.300
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-10 10:34:34.724
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-10 10:34:34.156
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-10 10:34:33.596
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-10 10:34:33.057
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-05-10 10:34:32.522
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 60%
Installierter physikalischer RAM: 3797.53 MB
Verfügbarer physikalischer RAM: 1496.93 MB
Summe virtueller Speicher: 5141.54 MB
Verfügbarer virtueller Speicher: 3094.08 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:439.21 GB) (Free:272.92 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0014168A)
Partition: GPT.
==================== Ende von Addition.txt ============================ |