| |
| |||||||
Log-Analyse und Auswertung: Emailadresse versendet JunkmailsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.09.2015, 18:41
| #16 |
 |  Emailadresse versendet Junkmails Hier die 3 Logs: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
durchgeführt von Ig (Administrator) auf MINE (01-09-2015 19:27:01)
Gestartet von C:\Users\Ig\Desktop
Geladene Profile: Ig & postgres (Verfügbare Profile: Ig & postgres)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Windows\Runservice.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\Alfasistem Memory\privoxy.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
() C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAC9SWK.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(CREALOGIX AG) C:\Program Files (x86)\CLX.PayPen\CLXReader.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(CANON INC.) C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\...\Run: [CLXReader] => C:\Program Files (x86)\CLX.PayPen\CLXReader.exe [4406576 2013-04-05] (CREALOGIX AG)
HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-26] (Electronic Arts)
HKU\S-1-5-21-1149119778-3187664459-3177370801-1007\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk [2014-08-20]
ShortcutTarget: Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-20]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-10-22]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2014-06-03]
ShortcutTarget: Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
ProxyEnable: [S-1-5-21-1149119778-3187664459-3177370801-1001] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-1149119778-3187664459-3177370801-1001] => 127.0.0.1:8118
Tcpip\Parameters: [DhcpNameServer] 212.60.61.246 212.60.63.246
Tcpip\..\Interfaces\{C4AACBFA-DA0F-4034-80FF-A69D4A756281}: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{DAF29DF8-81D1-4AEF-A1C1-23EE16D82A22}: [DhcpNameServer] 212.60.61.246 212.60.63.246
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
URLSearchHook: [S-1-5-21-1149119778-3187664459-3177370801-1007] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-10] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-10] (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-10] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-25] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-10] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-25] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-18] (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Ig\AppData\Roaming\Mozilla\Firefox\Profiles\935ycvye.Standard-Benutzer
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-25] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [2013-09-06] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-07-26] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-10]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-10]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-10]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-10]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-10]
Chrome:
=======
CHR Profile: C:\Users\Ig\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\Ig\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2015-08-31]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Ig\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-08-31]
CHR Extension: (Safe Money) - C:\Users\Ig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2015-08-31]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Ig\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-08-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ig\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Anti-Banner) - C:\Users\Ig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-08-31]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 LicCtrlService; C:\WINDOWS\runservice.exe [2560 2015-02-08] () [Datei ist nicht signiert]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MSSQL$JTLWAWI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29178224 2007-02-10] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-26] (Electronic Arts)
R2 postgresql-x64-9.0; C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe [111104 2012-09-21] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
R2 PrivoxyService; C:\Program Files (x86)\Alfasistem Memory\privoxy.exe [371200 2015-08-29] (The Privoxy team - www.privoxy.org) [Datei ist nicht signiert] <==== ACHTUNG
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-03-05] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [167936 2008-06-26] () [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32088 2013-06-02] ()
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [34816 2013-06-19] (Advanced Micro Devices) [Datei ist nicht signiert]
S3 arusb_win7x; C:\Windows\system32\DRIVERS\arusb_win7x.sys [769024 2010-02-23] (Atheros Communications, Inc.) [Datei ist nicht signiert]
S3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3744256 2012-11-21] (Qualcomm Atheros Communications, Inc.)
S3 AtiDCM; C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [28416 2014-03-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [129536 2013-07-05] (Advanced Micro Devices)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-10] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-01-10] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2015-07-30] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-01-10] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-31 20:17 - 2015-08-31 20:17 - 00002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-31 20:17 - 2015-08-31 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-31 20:05 - 2015-08-31 20:05 - 00929360 _____ (Google Inc.) C:\Users\Ig\Downloads\ChromeSetup (1).exe
2015-08-31 20:04 - 2015-08-31 20:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ig\Downloads\revosetup95 (1).exe
2015-08-31 20:04 - 2015-08-31 20:04 - 00001284 _____ C:\Users\Ig\Desktop\Revo Uninstaller.lnk
2015-08-31 20:04 - 2015-08-31 20:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-08-31 20:00 - 2015-08-31 20:00 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Ig\Downloads\revosetup95.exe
2015-08-29 22:20 - 2015-08-29 22:21 - 00000000 ____D C:\Program Files (x86)\Alfasistem Memory
2015-08-25 19:56 - 2015-08-25 19:56 - 00000000 ____D C:\Users\Ig\AppData\Roaming\Sun
2015-08-25 19:56 - 2015-08-25 19:56 - 00000000 ____D C:\Users\Ig\.oracle_jre_usage
2015-08-24 22:38 - 2015-09-01 19:26 - 00000000 ____D C:\Users\Ig\Desktop\FRST-OlderVersion
2015-08-24 22:37 - 2015-08-24 22:37 - 00001071 _____ C:\Users\Ig\Desktop\checkup.txt
2015-08-24 22:35 - 2015-08-24 22:35 - 00852684 _____ C:\Users\Ig\Desktop\SecurityCheck.exe
2015-08-24 18:11 - 2015-08-24 18:11 - 02870984 _____ (ESET) C:\Users\Ig\Desktop\esetsmartinstaller_deu.exe
2015-08-23 18:56 - 2015-08-25 19:51 - 00000000 ____D C:\ProgramData\ProductData
2015-08-23 18:54 - 2015-08-23 18:54 - 00001492 _____ C:\Users\Ig\Desktop\JRT.txt
2015-08-23 18:52 - 2015-08-23 18:52 - 00000000 ____D C:\Users\Ig\AppData\Roaming\ProductData
2015-08-23 18:45 - 2015-08-23 18:45 - 00000945 _____ C:\Users\Ig\Desktop\AdwCleaner[C9].txt
2015-08-23 18:41 - 2015-08-23 18:41 - 00001193 _____ C:\Users\Ig\Desktop\mbam.txt
2015-08-23 18:19 - 2015-08-23 18:19 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-23 18:18 - 2015-08-23 18:18 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Ig\Desktop\JRT.exe
2015-08-23 18:17 - 2015-08-23 18:18 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Ig\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-23 18:17 - 2015-08-23 18:17 - 01605632 _____ C:\Users\Ig\Desktop\AdwCleaner_5.003.exe
2015-08-22 14:26 - 2015-08-22 14:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-22 14:24 - 2015-08-22 14:53 - 00000000 ____D C:\Users\Ig\Desktop\mbar
2015-08-22 14:20 - 2015-08-22 14:20 - 16563304 _____ (Malwarebytes Corp.) C:\Users\Ig\Desktop\mbar-1.09.2.1008.exe
2015-08-22 13:59 - 2015-08-22 13:59 - 00016761 _____ C:\Users\Ig\Desktop\Gmer.zip
2015-08-22 13:15 - 2015-08-22 13:38 - 00420936 _____ C:\Users\Ig\Desktop\Gmer.txt
2015-08-22 13:15 - 2015-08-22 13:15 - 00000093 ____H C:\Users\Ig\Desktop\.~lock.Gmer.txt#
2015-08-22 13:05 - 2015-08-22 13:06 - 00048271 _____ C:\Users\Ig\Desktop\Addition.txt
2015-08-22 13:04 - 2015-09-01 19:27 - 00021563 _____ C:\Users\Ig\Desktop\FRST.txt
2015-08-22 13:04 - 2015-09-01 19:27 - 00000000 ____D C:\FRST
2015-08-22 13:02 - 2015-08-22 13:02 - 00380416 _____ C:\Users\Ig\Desktop\Gmer-19357.exe
2015-08-22 13:01 - 2015-09-01 19:26 - 02188800 _____ (Farbar) C:\Users\Ig\Desktop\FRST64.exe
2015-08-22 13:01 - 2015-08-22 13:36 - 00000468 _____ C:\Users\Ig\Desktop\defogger_disable.log
2015-08-22 13:01 - 2015-08-22 13:01 - 00000000 _____ C:\Users\Ig\defogger_reenable
2015-08-22 12:59 - 2015-08-22 12:59 - 00050477 _____ C:\Users\Ig\Downloads\Defogger (1).exe
2015-08-22 12:58 - 2015-08-22 12:58 - 00050477 _____ C:\Users\Ig\Desktop\Defogger.exe
2015-08-20 12:29 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-20 12:29 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-12 18:21 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 18:21 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 18:11 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 18:11 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 18:11 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 18:11 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 18:11 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 18:11 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 18:11 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 18:11 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 18:11 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 18:11 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 18:11 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 18:11 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 18:11 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 18:11 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 18:10 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 18:10 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 18:10 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 18:10 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 18:10 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 18:10 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 18:10 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 18:10 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 18:10 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 18:10 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 18:10 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 18:10 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 18:10 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 18:10 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 18:10 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 18:10 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 18:10 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 18:10 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 18:10 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 18:10 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 18:10 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 18:10 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 18:10 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 18:10 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 18:10 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 18:10 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 18:10 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 18:10 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 18:09 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 18:09 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 18:09 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 18:09 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 18:09 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 18:09 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 18:09 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 18:09 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 18:09 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 18:09 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 18:09 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 18:09 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 18:09 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 18:09 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 18:09 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 18:09 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 18:09 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 18:09 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 18:09 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 18:09 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 18:09 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 18:09 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 18:09 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 18:09 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 18:09 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 18:09 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 18:09 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 18:09 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 18:09 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 18:09 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 18:09 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 18:09 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 18:09 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 18:09 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 18:09 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 18:09 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 18:09 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 18:09 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 18:09 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 18:09 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 18:09 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 18:09 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 18:09 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 18:09 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 18:09 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 18:09 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 18:09 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-12 18:09 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 16:36 - 2015-08-11 16:36 - 00000000 ____D C:\Users\Ig\AppData\Roaming\Windows Updater
2015-08-04 18:47 - 2015-08-19 18:48 - 00003844 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1438706836
2015-08-04 18:46 - 2015-08-04 18:46 - 00703440 _____ (Opera Software) C:\Users\Ig\Downloads\Opera_NI_stable.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-01 19:10 - 2014-01-10 20:42 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-01 19:07 - 2013-11-26 19:31 - 01445366 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-01 19:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-01 18:53 - 2013-10-17 19:18 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-01 18:41 - 2013-09-16 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-01 17:53 - 2013-10-17 19:18 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-01 17:44 - 2014-02-02 13:36 - 00000000 ____D C:\Users\Ig\AppData\Roaming\vlc
2015-09-01 17:02 - 2014-01-04 19:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-09-01 16:58 - 2013-09-30 06:14 - 01924612 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-01 16:58 - 2013-09-30 05:56 - 00821570 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-01 16:58 - 2013-09-30 05:56 - 00182886 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-01 16:55 - 2014-02-02 13:41 - 00003902 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{33CAA2F9-1C62-49EA-8B91-CFEE7FF50469}
2015-09-01 16:52 - 2013-11-26 19:42 - 00000000 __RDO C:\Users\Ig\SkyDrive
2015-09-01 16:52 - 2013-09-13 16:07 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-01 16:51 - 2015-05-27 18:59 - 00010114 _____ C:\WINDOWS\setupact.log
2015-09-01 16:51 - 2015-02-08 18:06 - 00001713 ___SH C:\WINDOWS\SysWOW64\mmf.sys
2015-09-01 16:51 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-31 20:48 - 2013-09-13 15:50 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1149119778-3187664459-3177370801-1001
2015-08-31 20:25 - 2015-05-28 18:26 - 00129014 _____ C:\WINDOWS\PFRO.log
2015-08-31 20:25 - 2014-04-20 12:11 - 00000000 ____D C:\ProgramData\Origin
2015-08-31 20:22 - 2013-09-13 23:38 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-31 20:20 - 2013-09-16 19:43 - 00000000 ____D C:\Program Files (x86)\IObit
2015-08-31 20:14 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-30 08:52 - 2015-07-25 15:16 - 00000000 ____D C:\Users\Ig\AppData\Roaming\Pro Cycling Manager 2015
2015-08-30 08:32 - 2015-07-25 15:16 - 00000000 ____D C:\Users\Ig\Documents\Pro Cycling Manager 2015
2015-08-29 21:58 - 2015-07-14 19:37 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-08-28 17:48 - 2013-10-17 19:18 - 00004100 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-28 17:48 - 2013-10-17 19:18 - 00003864 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-25 20:04 - 2013-10-09 21:34 - 00124416 ___SH C:\Users\Ig\Desktop\Thumbs.db
2015-08-25 19:57 - 2014-10-21 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-25 19:57 - 2013-09-18 18:55 - 00000000 ____D C:\ProgramData\Oracle
2015-08-25 19:56 - 2014-10-21 17:48 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-25 19:56 - 2014-10-21 17:48 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-25 19:56 - 2013-11-26 19:28 - 00000000 ____D C:\Users\Ig
2015-08-23 18:48 - 2014-01-10 18:39 - 00000000 ____D C:\AdwCleaner
2015-08-23 18:20 - 2015-04-28 18:34 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-23 18:19 - 2015-04-28 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-23 18:19 - 2015-04-28 18:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-23 04:58 - 2014-07-26 17:54 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-23 04:14 - 2014-07-26 17:57 - 00005108 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MINE-Ig Mine
2015-08-20 20:59 - 2014-07-26 17:57 - 00003082 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1149119778-3187664459-3177370801-1001
2015-08-20 20:59 - 2014-07-26 17:57 - 00000000 ___RD C:\Users\Ig\OneDrive
2015-08-20 12:29 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-15 23:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-14 05:58 - 2013-10-05 19:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 05:58 - 2013-10-05 19:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-14 05:58 - 2013-08-22 16:44 - 00508344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-13 22:17 - 2015-04-15 22:07 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-13 22:17 - 2015-03-13 23:18 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-13 22:17 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 22:17 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 22:17 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 22:17 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 18:39 - 2015-07-09 19:51 - 00000000 ____D C:\Users\Ig\AppData\Local\Deployment
2015-08-13 18:39 - 2013-10-17 19:18 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-13 18:39 - 2013-10-17 19:17 - 00000000 ____D C:\Users\Ig\AppData\Local\Google
2015-08-12 20:41 - 2015-07-14 19:37 - 00003896 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-08-12 20:41 - 2013-09-16 15:41 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-12 18:22 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-12 18:21 - 2013-10-05 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 18:18 - 2013-09-14 19:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 18:15 - 2013-09-14 19:46 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 18:12 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 18:12 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 22:29 - 2013-11-28 19:08 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-04 18:47 - 2013-09-13 23:39 - 00000000 ____D C:\Users\Ig\AppData\Roaming\Opera Software
2015-08-04 18:47 - 2013-09-13 23:39 - 00000000 ____D C:\Users\Ig\AppData\Local\Opera Software
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-03-28 16:36 - 2015-03-28 16:36 - 0009662 _____ () C:\Users\Ig\AppData\Roaming\em_64x64.ico
2014-06-19 10:50 - 2014-06-19 10:50 - 0000024 _____ () C:\Users\Ig\AppData\Roaming\temp.ini
2013-10-22 16:29 - 2013-10-22 16:29 - 0005002 _____ () C:\ProgramData\flwjycbm.bab
Einige Dateien in TEMP:
====================
C:\Users\Ig\AppData\Local\Temp\hp_u_439343.exe
C:\Users\Ig\AppData\Local\Temp\vlc-2.2.1-win32.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-01 17:01
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von Ig (2015-09-01 19:28:15)
Gestartet von C:\Users\Ig\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1149119778-3187664459-3177370801-500 - Administrator - Disabled)
Gast (S-1-5-21-1149119778-3187664459-3177370801-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1149119778-3187664459-3177370801-1009 - Limited - Enabled)
Ig (S-1-5-21-1149119778-3187664459-3177370801-1001 - Administrator - Enabled) => C:\Users\Ig
postgres (S-1-5-21-1149119778-3187664459-3177370801-1007 - Limited - Enabled) => C:\Users\postgres
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v3.00 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
AMD Catalyst Install Manager (HKLM\...\{05F0EE9C-A87B-01B5-EE44-F344F6CC9023}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Canon LBP7200C (HKLM\...\Canon LBP7200C) (Version: - )
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.3.23 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.10.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
CLX.PayPen - CLX.PayPen Wireless (HKLM-x32\...\{7A744C96-D643-424E-A3B8-ECA2239728AD}) (Version: 3.0.0.0 - CREALOGIX)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
D-Link DWA-131 Wireless N Nano USB Adapter (HKLM-x32\...\{98B82958-1DCA-4504-BE88-C91F1C7A7225}) (Version: 1 - D-Link)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
Football Manager 2014 Editor (HKLM-x32\...\Steam App 242460) (Version: - )
Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version: - Sports Interactive)
Football Manager 2015 Editor (HKLM-x32\...\Steam App 295350) (Version: - )
GDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089) (HKLM-x32\...\KB960089_SQLTools9) (Version: 9.2.3077 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Upgrade Advisor (HKLM\...\{40FEBDD7-4F19-4131-B575-30738BD36C25}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{519918B9-24E9-4227-B927-9DD4F0FDBD0E}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{DD6290F5-9620-4FF6-AF3F-454465782B1A}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.11.77 - Electronic Arts, Inc.)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.0 (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
Pro Cycling Manager 2015 (HKLM-x32\...\Steam App 322850) (Version: - Cyanide Studio)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 2.1.0 - IObit)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TEW2013 (HKLM-x32\...\TEW2013) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version: - Haemimont Games)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.3042.00 - Microsoft Corporation)
Victoria II (HKLM-x32\...\Steam App 42960) (Version: - Paradox Development Studio)
Victoria: Revolutions (HKLM-x32\...\Steam App 42980) (Version: - Paradox Development Studio)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - C Technologies AB (PayPen) Input Pen (09/28/2007 2.0.0.0) (HKLM\...\FF0C660232778E730A83A02DA620652B3CF36C07) (Version: 09/28/2007 2.0.0.0 - C Technologies AB)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1149119778-3187664459-3177370801-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ig\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
22-08-2015 02:12:07 Windows Update
23-08-2015 18:49:38 JRT Pre-Junkware Removal
26-08-2015 20:01:02 Windows Update
30-08-2015 09:46:18 Windows Update
31-08-2015 20:07:00 Revo Uninstaller's restore point - Google Chrome
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {564493E0-E139-43A4-9F92-9FEB28DAEA14} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {590B305A-128F-4FE5-85B8-4EC0C0371453} - \HDvid Codec V1-updater -> Keine Datei <==== ACHTUNG
Task: {5C7EDCA4-AE11-4921-A2C1-A589B11791AE} - System32\Tasks\Grand Panda Updater => C:\Program Files (x86)\PrivateVPN\gpup.exe <==== ACHTUNG
Task: {5FAF505E-B740-4A4E-9834-944232B07BE7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation)
Task: {6879333F-AF9E-4381-9A8F-E818D18F8494} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1149119778-3187664459-3177370801-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {787C3F85-8CC7-4BAA-BCE3-FC7DA1B283FC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {7F05A096-9EFF-4946-9AB8-F59B7B69B831} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8D92BC89-4CAF-4393-8DEE-F847A8F6CFC9} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MINE-Ig Mine => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation)
Task: {9235BC36-6736-405E-A6E7-7CE7763DBBEE} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {A43CDF16-45B4-4770-BD38-D3E576854461} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A8ECA95F-7817-44DA-9578-AF9AF5150787} - System32\Tasks\Application Defender Job => C:\Program Files (x86)\Application Defender\ApplicationDefender.exe [2015-07-29] (Secure Best Updater)
Task: {ABDE4367-0486-4256-AF57-00D9EC04F062} - \HDvid Codec V1-enabler -> Keine Datei <==== ACHTUNG
Task: {AC897904-E547-494A-AB22-90E1101C1702} - System32\Tasks\Opera scheduled Autoupdate 1438706836 => C:\Program Files (x86)\Opera\launcher.exe
Task: {B042A0BB-E3DE-433F-850F-B2970F4ED387} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {D97F93D2-3B6E-4D16-B400-70E232D428D2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {FD519112-52C0-4E09-B3A4-285A4C3C1E37} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [2015-08-12] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-09-13 16:22 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-07-26 17:54 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-08 18:05 - 2015-02-08 18:05 - 00002560 _____ () C:\WINDOWS\runservice.exe
2013-10-22 16:35 - 2012-09-21 09:55 - 00217600 _____ () C:\Program Files\PostgreSQL\9.0\bin\LIBPQ.dll
2013-10-22 16:36 - 2012-08-14 14:02 - 02258432 _____ () C:\Program Files\PostgreSQL\9.0\bin\libxml2.dll
2014-06-03 19:31 - 2008-06-26 19:09 - 00167936 _____ () C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
2014-08-20 18:46 - 2014-04-08 09:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2015-02-08 18:05 - 2015-02-08 18:05 - 00048640 _____ () C:\WINDOWS\mmfs.dll
2013-12-20 18:18 - 2014-10-16 11:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-08-29 22:20 - 2015-08-29 22:20 - 00086528 _____ () C:\Program Files (x86)\Alfasistem Memory\mgwz.dll
2013-09-16 19:43 - 2015-03-05 16:34 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2013-09-16 19:43 - 2015-03-05 16:33 - 00180856 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2013-09-16 19:43 - 2015-03-05 16:34 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-01-23 20:53 - 2015-03-05 16:35 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll
2015-01-23 20:53 - 2015-03-05 16:34 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll
2015-01-23 20:53 - 2015-03-05 16:34 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll
2013-09-16 19:43 - 2015-03-05 16:36 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2013-08-21 14:18 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 19:39 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-22 06:11 - 2015-08-19 22:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 19:39 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 19:39 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-30 11:24 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 11:24 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 11:24 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-30 11:24 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 11:24 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-09-06 12:55 - 2015-08-19 22:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-23 17:26 - 2015-07-27 03:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2013-08-07 11:31 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-20 18:46 - 2014-04-08 09:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2014-06-03 19:31 - 2013-10-15 19:09 - 00413696 _____ () C:\Program Files (x86)\D-Link\DWA-131\WlanDll.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\Ig\SkyDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1149119778-3187664459-3177370801-1007\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 212.60.61.246 - 212.60.63.246
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [UDP Query User{E5BA152E-1ACE-4408-BD59-8A49D4042DDE}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => (Block) C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [TCP Query User{675CF8A8-62B6-4052-B591-E2A2FC5D3BEF}C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe] => (Block) C:\program files (x86)\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{BA8AA518-53E3-4B77-81BB-0FDAC85E74B4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4_launch.exe
FirewallRules: [{1BCA270E-ED1E-4386-AFC4-00BE8D83EE53}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4_launch.exe
FirewallRules: [{934F64D8-0006-417F-B936-CFDD6DE1E7AD}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
FirewallRules: [{619E4638-FB26-4BC4-BF2E-66C4DB8AE8DD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{61AB1306-C351-40B0-A971-7EDA79E9285B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [UDP Query User{3B8F27F0-F0A2-4A82-A0AE-981B4E0DB17C}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{6F5A639F-4DF2-4703-95F6-97E2F2E5A18F}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{A1C7EEB7-7709-424A-8FF6-55583F3C2203}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [TCP Query User{50E960F5-CC41-4822-A5D6-6A029668344D}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{739FB14C-61E8-4872-8821-464256784BD0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\empire total war\Empire.exe
FirewallRules: [{145C9AD9-629C-4B55-8837-A20E528F8201}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\empire total war\Empire.exe
FirewallRules: [{7A89F052-BC20-4612-B084-51EC0A1ADA9C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0C8CB7D4-B7A7-4B0B-9FA6-3F2B47F15BD0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{92DC5B0B-822D-4070-844D-2FB65A4CCC88}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{9ED101CE-C043-4A95-BA4C-C2668F7DBC26}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{FD446011-E66F-43E4-941A-6FD579983297}C:\abamsoft\finos\finos.exe] => (Allow) C:\abamsoft\finos\finos.exe
FirewallRules: [UDP Query User{18F42F6C-46DA-42FB-B789-35D8022D80F2}C:\abamsoft\finos\finos.exe] => (Allow) C:\abamsoft\finos\finos.exe
FirewallRules: [{77D3E11B-3079-40ED-ADD4-ABB0026C5ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4_launch.exe
FirewallRules: [{0725FFED-3C23-4D1F-B3E0-4233DCC048CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4_launch.exe
FirewallRules: [{3BB4F352-B3FC-48FC-A84D-40F2F324E91C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{AD6E7316-89B1-410C-925D-6D9DDDDFCE93}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{2C582F87-24BC-40C4-962F-565E4C52B2B9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{ABB57FBA-D419-4CE0-80AB-846B76BF6889}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{3E98F2E4-2BB8-45AA-BA7D-18C738C141CF}] => (Allow) C:\Users\Ig\Downloads\QuicklineWLANoptimizer.exe
FirewallRules: [{5BC6A309-2CAB-4CF4-B138-1B7AE6DA7F9F}] => (Allow) C:\Users\Ig\Downloads\QuicklineWLANoptimizer.exe
FirewallRules: [{B05AE6E1-83CA-44BF-8A7E-71A269FAAE15}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{D1D7D147-6795-4282-8193-0122DBC8B267}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{8DA2D8FC-268E-4B82-AD03-9C3DB3C48411}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{0AEF3AAE-5F55-4C7C-BE78-126A97969F74}] => (Allow) C:\Users\Ig\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{EA1D40D3-406C-49C0-85F1-F7AAC5A692BA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C1B47529-8128-4474-BA39-6A385EAFC139}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7019ACDD-DA0D-4F6C-BEA6-D0FDD9ED873D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014 Editor\editor.exe
FirewallRules: [{8195B1D3-BA50-4C68-9D33-B16B3E51C45B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014 Editor\editor.exe
FirewallRules: [{D5781E08-EE7B-4137-A222-A69E8441826A}] => (Allow) C:\Users\Ig\Downloads\3-4-3-bath.tac_downloader.exe
FirewallRules: [{2BE2DD0D-E93C-41A8-B27F-6A391357CF61}] => (Allow) C:\Users\Ig\Downloads\3-4-3-bath.tac_downloader.exe
FirewallRules: [{48C892BC-37F5-4877-BE6A-1A00AA9FA644}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E453F639-2787-465D-92FD-2274D4837BBC}] => (Allow) LPort=2869
FirewallRules: [{DC766E5D-4F64-4ABA-8ADE-74A886AA8DEC}] => (Allow) LPort=1900
FirewallRules: [{999FD1EF-3FE0-4F50-AC12-11B4075DE2AE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victoria Revolutions\Victoria.exe
FirewallRules: [{447CF24B-9415-4389-BAAE-F5341B8C4DB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victoria Revolutions\Victoria.exe
FirewallRules: [{4F00C33B-ABD3-4FFF-82A9-E847C4281550}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victoria 2\victoria2.exe
FirewallRules: [{2138AE28-9F62-40E1-8D6B-46BFD223E758}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Victoria 2\victoria2.exe
FirewallRules: [{4BA88060-1B89-47C4-B6A6-8DDEA557A921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{79C1E991-C01C-42F4-A0DB-15DEAD0BFB92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{99288F18-9C06-42F4-A930-8A39F19C23D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015\fm.exe
FirewallRules: [{F646824A-41BE-40AF-84C5-769DF6D4401D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015\fm.exe
FirewallRules: [{3EAADF28-24DD-477D-859A-57B89F404E5A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015 Editor\editor.exe
FirewallRules: [{5189059A-FEA8-4365-AC77-97D26C969FE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2015 Editor\editor.exe
FirewallRules: [{C157C953-4663-4643-A5EB-AC9EC6BCCD35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pro Cycling Manager 2015\PCM.exe
FirewallRules: [{FE0F94BF-2711-4592-8E98-8A8CA8D97182}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pro Cycling Manager 2015\PCM.exe
FirewallRules: [{24BCAEEC-BB49-4A26-939D-00F1E5923E7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AEDA0889-33CC-4806-8A72-CF9E7E3FB0E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{E158BA9F-EF9E-4868-ACF5-7DCEF434D084}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/01/2015 05:36:42 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$JTLWAWI8
Error: (09/01/2015 05:03:46 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft SQL Server 2005 Express Edition - Update "GDR 3077 for SQL Server Database Services 2005 ENU (KB960089)" konnte nicht installiert werden. Fehlercode 1603. Weitere Informationen sind in der Protokolldatei C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQL9_Hotfix_KB960089_sqlrun_sql.msp.log enthalten.
Error: (09/01/2015 05:03:16 PM) (Source: MsiInstaller) (EventID: 11920) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft SQL Server 2005 Express Edition -- Fehler 1920. Dienst "SQL Server VSS Writer" (SQLWriter) konnte nicht gestartet werden. Überprüfen Sie, ob Sie ausreichende Berechtigungen zum Starten von Systemdiensten besitzen.
Error: (09/01/2015 05:03:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/01/2015 05:03:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/01/2015 05:03:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/01/2015 05:03:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/01/2015 05:02:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/01/2015 05:02:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (09/01/2015 05:02:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Systemfehler:
=============
Error: (09/01/2015 05:03:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro
Error: (09/01/2015 05:03:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für SQL Server 2005 Service Pack 2 (KB960089)
Error: (09/01/2015 05:03:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server VSS Writer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001
Error: (09/01/2015 05:03:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server VSS Writer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001
Error: (09/01/2015 05:03:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server VSS Writer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001
Error: (09/01/2015 05:03:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server VSS Writer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001
Error: (09/01/2015 05:02:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server VSS Writer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001
Error: (09/01/2015 05:02:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server VSS Writer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001
Error: (09/01/2015 05:02:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server VSS Writer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%14001
Error: (09/01/2015 04:52:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577
Microsoft Office:
=========================
Error: (09/01/2015 05:36:42 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$JTLWAWI8
Error: (09/01/2015 05:03:46 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT-AUTORITÄT)
Description: Microsoft SQL Server 2005 Express EditionGDR 3077 for SQL Server Database Services 2005 ENU (KB960089)1603C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQL9_Hotfix_KB960089_sqlrun_sql.msp.log(NULL)(NULL)
Error: (09/01/2015 05:03:16 PM) (Source: MsiInstaller) (EventID: 11920) (User: NT-AUTORITÄT)
Description: Produkt: Microsoft SQL Server 2005 Express Edition -- Fehler 1920. Dienst "SQL Server VSS Writer" (SQLWriter) konnte nicht gestartet werden. Überprüfen Sie, ob Sie ausreichende Berechtigungen zum Starten von Systemdiensten besitzen.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/01/2015 05:03:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Error: (09/01/2015 05:03:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Error: (09/01/2015 05:03:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Error: (09/01/2015 05:03:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Error: (09/01/2015 05:02:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Error: (09/01/2015 05:02:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
Error: (09/01/2015 05:02:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
CodeIntegrity:
===================================
Date: 2015-09-01 16:52:01.205
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-01 16:51:52.376
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-31 20:25:25.313
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-31 20:25:16.452
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-31 20:15:40.398
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-31 20:15:31.568
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-31 16:40:28.744
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-31 16:40:19.930
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-30 08:31:15.796
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-30 08:31:06.982
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-8320 Eight-Core Processor
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 8152.74 MB
Verfügbarer physikalischer RAM: 6517.72 MB
Summe virtueller Speicher: 9432.74 MB
Verfügbarer virtueller Speicher: 5518.61 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.37 GB) (Free:67.75 GB) NTFS
Drive d: (The Hunt for Jumbo Tosai) (CDROM) (Total:3.87 GB) (Free:0 GB) UDF
Drive e: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive f: (COMPAQ) (Fixed) (Total:917.94 GB) (Free:639.41 GB) NTFS
Drive g: (FACTORY_IMAGE) (Fixed) (Total:13.47 GB) (Free:2.39 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive h: () (Removable) (Total:7.4 GB) (Free:5.28 GB) FAT32
Drive j: (JTL BACKUP) (Removable) (Total:1.87 GB) (Free:1.82 GB) FAT
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=917.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=1.9 GB) - (Type=06)
==================== Ende von Addition.txt ============================
|
|
01.09.2015, 18:42
| #17 |
| | Emailadresse versendet JunkmailsCode:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version:31-08-2015
durchgeführt von Ig (2015-09-01 19:29:00)
Gestartet von C:\Users\Ig\Desktop
Start-Modus: Normal
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.lnk -> C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TEW2013\TEW2013.lnk -> C:\Program Files (x86)\GDS\TEW2013\TEW2013.exe (Ryality Bytes Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.lnk -> C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C92.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Start Menu 8 entfernen.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\Application Stack Builder.lnk -> C:\Program Files\PostgreSQL\9.0\bin\stackbuilder.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\pgAdmin III.lnk -> C:\Program Files\PostgreSQL\9.0\bin\pgAdmin3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\SQL Shell (psql).lnk -> C:\Program Files\PostgreSQL\9.0\scripts\runpsql.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\Documentation\pgAdmin documentation (Czech).lnk -> C:\Program Files\PostgreSQL\9.0\pgAdmin III\docs\cs_CZ\pgadmin3.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\Documentation\pgAdmin documentation (English).lnk -> C:\Program Files\PostgreSQL\9.0\pgAdmin III\docs\en_US\pgadmin3.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\Documentation\pgAdmin documentation (French).lnk -> C:\Program Files\PostgreSQL\9.0\pgAdmin III\docs\fr_FR\pgadmin3.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4.lnk -> C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe (PokerTracker Software, LLC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\Uninstall PokerTracker 4.lnk -> C:\Program Files (x86)\PokerTracker 4\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars\Network Status.lnk -> C:\Program Files (x86)\PokerStars\Tracer.exe (PokerStars)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars\PokerStars.lnk -> C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Deinstallieren von Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\EasyBCD 2.2.lnk -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\EasyBCD.exe (NeoSmart Technologies)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies\EasyBCD\Uninstall EasyBCD.lnk -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\MSI Kombustor 2.5.lnk -> C:\Program Files (x86)\MSI Kombustor 2.5\KLoaderWin32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Uninstall MSI Kombustor.lnk -> C:\Program Files (x86)\MSI Kombustor 2.5\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008\Upgraderatgeber für SQL Server 2008.lnk -> C:\Program Files (x86)\Microsoft SQL Server 2008 Upgrade Advisor\SQLUpgradeAdvisor.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005\Konfigurationstools\Fehler- und Verwendungsberichterstellung von SQL Server.lnk -> C:\Program Files (x86)\Microsoft SQL Server\90\Shared\SqlWtsn.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005\Konfigurationstools\SQL Server-Oberflächenkonfiguration.lnk -> C:\Program Files (x86)\Microsoft SQL Server\90\Shared\SqlSAC.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\An OneNote 2013 senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\excel.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenote.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\mspub.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\winword.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Office 2013-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office 15\root\office15\setlang.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition Documentation.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition on the Web.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\AIDA64 Extreme Edition.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe (FinalWire Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire\AIDA64 Extreme Edition\Uninstall AIDA64 Extreme Edition.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deinstallationsprogramm für Canon-Drucker\Canon LBP7200C-Deinstallationsprogramm.LNK -> C:\Program Files\Canon\PrnUninstall\Canon LBP7200C\CNAC9UND.EXE (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-131\Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLX.PayPen - CLX.PayPen Wireless\CLX.PayPen - CLX.PayPen Wireless.lnk -> C:\Program Files (x86)\CLX.PayPen\CLXReader.exe (CREALOGIX AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\PhotoStitch\PhotoStitch - INFO.lnk -> C:\Program Files (x86)\Canon\PhotoStitch\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\PhotoStitch\PhotoStitch.lnk -> C:\Program Files (x86)\Canon\PhotoStitch\STLauncher.exe (Canon Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\ImageBrowser EX\ImageBrowser EX.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\ImageBrowserEX.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\ImageBrowser EX\Readme\ImageBrowser EX - INFO.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\Readme(ImageBrowser EX).rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Image Transfer Utility\Image Transfer Utility - Hilfe.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility_Help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Image Transfer Utility\Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Digital Photo Professional\Digital Photo Professional.lnk -> C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CameraWindow\CameraWindow DC 8 - INFO.lnk -> C:\Program Files (x86)\Canon\CameraWindowDC8\ReadMe(CameraWindow DC 8).rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CameraWindow\CameraWindow.lnk -> C:\Program Files (x86)\Canon\CameraWindowLauncher\CameraLauncher.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CameraWindow\Einrichtung der WLAN-Verbindung.lnk -> C:\Program Files (x86)\Canon\WirelessCameraConnectionSetting\WirelessCameraConnectionSetting.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon LBP7200C\LBP7200C Online-Handbücher.lnk -> C:\Program Files (x86)\Canon\LBP7200C\Manuals\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Ig\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Ig\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\Links\Desktop.lnk -> C:\Users\Ig\Desktop ()
Shortcut: C:\Users\Ig\Links\Downloads.lnk -> C:\Users\Ig\Downloads ()
Shortcut: C:\Users\Ig\Desktop\AIDA64 Extreme Edition.lnk -> C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe (FinalWire Ltd.)
Shortcut: C:\Users\Ig\Desktop\Compaq.lnk -> F:\Users\Ig ()
Shortcut: C:\Users\Ig\Desktop\MSI Kombustor 2.5.lnk -> C:\Program Files (x86)\MSI Kombustor 2.5\KLoaderWin32.exe ()
Shortcut: C:\Users\Ig\Desktop\PokerTracker 4.lnk -> C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe (PokerTracker Software, LLC.)
Shortcut: C:\Users\Ig\Desktop\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Ig\Desktop\TechPowerUp GPU-Z.lnk -> C:\Program Files (x86)\GPU-Z\GPU-Z.exe (techPowerUp (www.techpowerup.com))
Shortcut: C:\Users\Ig\Desktop\Total Commander 64 bit.lnk -> C:\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Kaspersky Lab ZAO)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe ()
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit Entfernen oder Reparieren.lnk -> C:\totalcmd\TCUNIN64.EXE ()
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander 64 bit.lnk -> C:\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander\Total Commander Hilfe.lnk -> C:\totalcmd\TOTALCMD.CHM ()
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\TechPowerUp GPU-Z.lnk -> C:\Program Files (x86)\GPU-Z\GPU-Z.exe (techPowerUp (www.techpowerup.com))
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\Uninstall.lnk -> C:\Program Files (x86)\GPU-Z\uninstall.exe ()
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe (VS Revo Group Ltd.)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url ()
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\25bb2cdfb96af2d6\PokerStars.lnk -> C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
Shortcut: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\Desktop\PokerTracker 4.lnk -> C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe (PokerTracker Software, LLC.)
Shortcut: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Reader XI.lnk -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\Public\Desktop\CLX.PayPen.lnk -> C:\Program Files (x86)\CLX.PayPen\CLXReader.exe (CREALOGIX AG)
Shortcut: C:\Users\Public\Desktop\Digital Photo Professional.lnk -> C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe (CANON INC.)
Shortcut: C:\Users\Public\Desktop\EasyBCD 2.2.lnk -> C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\EasyBCD.exe (NeoSmart Technologies)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\ImageBrowser EX.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\ImageBrowserEX.exe ()
Shortcut: C:\Users\Public\Desktop\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Kaspersky Lab ZAO)
Shortcut: C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk -> C:\Program Files (x86)\MonitorDriver\MonSetup.exe (Samsung Electronics)
Shortcut: C:\Users\Public\Desktop\LBP7200C Online-Handbücher.lnk -> C:\Program Files (x86)\Canon\LBP7200C\Manuals\index.html ()
Shortcut: C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\PokerStars.lnk -> C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
Shortcut: C:\Users\Public\Desktop\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Start Menu 8.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe (Samsung Electronics Co., Ltd. ) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\Reload Configuration.lnk -> C:\Windows\System32\cscript.exe (Microsoft Corporation) -> //NoLogo "C:\Program Files\PostgreSQL\9.0\scripts\serverctl.vbs" reload wait
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4 (Logging Enabled).lnk -> C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe (PokerTracker Software, LLC.) -> -l
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars\Uninstall PokerStars.lnk -> C:\Program Files (x86)\PokerStars\PokerStarsUninstall.exe () -> /u:PokerStars
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005\Konfigurationstools\SQL Server-Konfigurations-Manager.lnk -> C:\Windows\SysWOW64\mmc.exe (Microsoft Corporation) -> /32 "C:\WINDOWS\SysWOW64\SQLServerManager.msc"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Deinstallieren.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.8.130\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-131\Connect Wizard.lnk -> C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.) -> -Wiz
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-131\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{98B82958-1DCA-4504-BE88-C91F1C7A7225}\setup.exe (D-Link) -> -runfromtemp -l0007
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Ig\Desktop\BusPro.lnk -> C:\BUSPRO\BUSPRO.EXE () -> D
ShortcutWithArgument: C:\Users\Ig\Desktop\Sicherer Zahlungsverkehr.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Kaspersky Lab ZAO) -> -safebanking
ShortcutWithArgument: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BusPro.lnk -> C:\BUSPRO\BUSPRO.EXE () -> D
ShortcutWithArgument: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) -> -hunter
ShortcutWithArgument: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Ig\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\Users\Ig\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Ig\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\postgres\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\Users\Public\Desktop\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\Users\Public\Desktop\Start Menu 8.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit) -> startmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\Documentation\Installation notes.url -> file://C:\Program Files\PostgreSQL\9.0/doc/installation-notes.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\Documentation\PostgreSQL documentation.url -> file://C:\Program Files\PostgreSQL\9.0/doc/postgresql/html/index.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.0\Documentation\PostgreSQL release notes.url -> file://C:\Program Files\PostgreSQL\9.0/doc/postgresql/html/release.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Afterburner homepage.url -> hxxp://event.msi.com/vga/afterburner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Kombustor and Afterburner forum.url -> hxxp://forums.guru3d.com/forumdisplay.php?f=55
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Kombustor latest news.url -> hxxp://www.ozone3d.net/redirect.php?id=210
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\Kombustor online scores.url -> hxxp://www.ozone3d.net/redirect.php?id=710
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 2.5\What is Kombustor.url -> hxxp://www.ozone3d.net/redirect.php?id=223
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> hxxp://java.com/help
InternetURL: C:\Users\Ig\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Ig\Favorites\Bundesliga Manager.url -> hxxp://bundesligamanager.sport1.de/
InternetURL: C:\Users\Ig\Favorites\SION CLUB LA RETE • Foren-Übersicht.url -> hxxp://forum.sionclublarete.ch/
InternetURL: C:\Users\Ig\Favorites\The NeoSmart Files.url -> hxxp://neosmart.net/blog/feed/
InternetURL: C:\Users\Ig\Documents\Sports Interactive\Football Manager 2015\Logo-World.net.url -> hxxp://www.logo-world.net/
InternetURL: C:\Users\Ig\Desktop\Crusader Kings II.url -> steam://rungameid/203770
InternetURL: C:\Users\Ig\Desktop\Europa Universalis IV.url -> steam://rungameid/236850
InternetURL: C:\Users\Ig\Desktop\Football Manager 2015 Editor.url -> steam://rungameid/295350
InternetURL: C:\Users\Ig\Desktop\Football Manager 2015.url -> steam://rungameid/295270
InternetURL: C:\Users\Ig\Desktop\Goodgame Empire.url -> hxxp://bundlingnetwork.com/tracking/empire9
InternetURL: C:\Users\Ig\Desktop\Hitman Absolution.url -> steam://rungameid/203140
InternetURL: C:\Users\Ig\Desktop\Pro Cycling Manager 2015.url -> steam://rungameid/322850
InternetURL: C:\Users\Ig\Desktop\Tropico 5.url -> steam://rungameid/245620
InternetURL: C:\Users\Ig\Desktop\Victoria II.url -> steam://rungameid/42960
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Crusader Kings II.url -> steam://rungameid/203770
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Europa Universalis IV.url -> steam://rungameid/236850
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Football Manager 2014 Editor.url -> steam://rungameid/242460
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Football Manager 2015 Editor.url -> steam://rungameid/295350
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Football Manager 2015.url -> steam://rungameid/295270
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Hitman Absolution.url -> steam://rungameid/203140
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Pro Cycling Manager 2015.url -> steam://rungameid/322850
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Tropico 5.url -> steam://rungameid/245620
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Victoria II.url -> steam://rungameid/42960
InternetURL: C:\Users\Ig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Victoria Revolutions.url -> steam://rungameid/42980
==================== Ende von Shortcut.txt =============================
|
|
02.09.2015, 17:39
| #18 |
| /// the machine /// TB-Ausbilder    | Emailadresse versendet Junkmails Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.
__________________Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter ProxyEnable: [S-1-5-21-1149119778-3187664459-3177370801-1001] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-1149119778-3187664459-3177370801-1001] => 127.0.0.1:8118
Task: {590B305A-128F-4FE5-85B8-4EC0C0371453} - \HDvid Codec V1-updater -> Keine Datei <==== ACHTUNG
Task: {5C7EDCA4-AE11-4921-A2C1-A589B11791AE} - System32\Tasks\Grand Panda Updater => C:\Program Files (x86)\PrivateVPN\gpup.exe <==== ACHTUNG
Task: {ABDE4367-0486-4256-AF57-00D9EC04F062} - \HDvid Codec V1-enabler -> Keine Datei <==== ACHTUNG
RemoveProxy:
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ |
|
02.09.2015, 18:38
| #19 |
| | Emailadresse versendet Junkmails Hallo Schrauber Ich habe die Browser mal durchgetestet und das sieht soweit schon mal gut aus. Die dubiosen Links sind weg und alles läuft wieder mit der normalen Geschwindigkeit. Hier der Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von Ig (2015-09-02 19:27:30) Run:2
Gestartet von C:\Users\Ig\Desktop
Geladene Profile: Ig & postgres (Verfügbare Profile: Ig & postgres)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
ProxyEnable: [S-1-5-21-1149119778-3187664459-3177370801-1001] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-1149119778-3187664459-3177370801-1001] => 127.0.0.1:8118
Task: {590B305A-128F-4FE5-85B8-4EC0C0371453} - \HDvid Codec V1-updater -> Keine Datei <==== ACHTUNG
Task: {5C7EDCA4-AE11-4921-A2C1-A589B11791AE} - System32\Tasks\Grand Panda Updater => C:\Program Files (x86)\PrivateVPN\gpup.exe <==== ACHTUNG
Task: {ABDE4367-0486-4256-AF57-00D9EC04F062} - \HDvid Codec V1-enabler -> Keine Datei <==== ACHTUNG
RemoveProxy:
Emptytemp:
*****************
HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Wert erfolgreich entfernt
HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{590B305A-128F-4FE5-85B8-4EC0C0371453}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{590B305A-128F-4FE5-85B8-4EC0C0371453}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HDvid Codec V1-updater => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C7EDCA4-AE11-4921-A2C1-A589B11791AE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C7EDCA4-AE11-4921-A2C1-A589B11791AE}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Grand Panda Updater => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Grand Panda Updater" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ABDE4367-0486-4256-AF57-00D9EC04F062}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABDE4367-0486-4256-AF57-00D9EC04F062}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HDvid Codec V1-enabler => Schlüssel nicht gefunden.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1149119778-3187664459-3177370801-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
EmptyTemp: => 1.2 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 19:28:04 ====
|
|
03.09.2015, 17:56
| #20 |
| /// the machine /// TB-Ausbilder | Emailadresse versendet Junkmails Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung:Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.09.2015, 14:06
| #21 |
| | Emailadresse versendet Junkmails Vielen Dank Schrauber! |
|
05.09.2015, 08:19
| #22 |
| /// the machine /// TB-Ausbilder | Emailadresse versendet Junkmails Gern Geschehen 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Emailadresse versendet Junkmails |
| administrator, adobe flash player, adware, browser, canon, computer, defender, dnsapi.dll, ebanking, explorer, flash player, gesperrt, google, iexplore.exe, kaspersky, mozilla, office 365, onedrive, opera, ordner, prozesse, realtek, registry, scan, security, software, svchost.exe, system, windows, windowsapps, winlogon.exe |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
