
Log analysis and evaluation: Windows 10: strange setup at system start


14.01.2016, 10:10   #1
Ratzi73
 

Windows 10: strange setup at system start



Hello,

recently I have been noticing a setup routine at system start that is briefly shown in the taskbar (just "Setup"). I just used Task Manager to open the folder where the process supposedly resides. The folder is named "is-HTMAR.tmp" and is empty.

This all seems rather fishy to me. Could you please take a look at it:

FRST.TXT

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
durchgeführt von Thomas Ratzke (Administrator) auf THOMASRATZKE-PC (14-01-2016 09:52:26)
Gestartet von C:\Users\Thomas Ratzke\Downloads
Geladene Profile: Thomas Ratzke (Verfügbare Profile: Thomas Ratzke & Melanie Ratzke & Luke Ratzke & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Spotify Ltd) C:\Users\Thomas Ratzke\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\architect.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\ws.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-09] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-17] (AVAST Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Run: [EPSON Stylus SX400 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Run: [Spotify Web Helper] => C:\Users\Thomas Ratzke\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-20] (Spotify Ltd)
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\MountPoints2: {5955485e-a071-11e5-99fb-806e6f6e6963} - "G:\StarCraft II Setup.exe" 
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [583680 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-17] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  Keine Datei
Startup: C:\Users\Melanie Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk.disabled [2013-01-29]
ShortcutTarget: OpenOffice.org 3.3.lnk.disabled -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (Keine Datei)
GroupPolicyUsers\S-1-5-21-1218043409-3151763047-2122344536-1003\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{0192c832-e6e0-490e-92f9-73e0c6b769e5}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{7f4fdd21-863d-44aa-968e-9b58e8c6888f}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-28] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-28] (AVAST Software)
Toolbar: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default
FF Homepage: hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa
FF NewTab: hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa&newtab
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Thomas Ratzke\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-07-11] ()
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-12-22] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-17]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-17]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-28]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-17] (AVAST Software)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 GalaxyClientService; C:\Program Files (x86)\GOG.com GalaxyClient\GalaxyClientService.exe [1616440 2015-12-27] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-27] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSSQL$MYMOVIES; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] () [Datei ist nicht signiert]
R3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.)
S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation)
S4 ProtexisLicensing; C:\windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-17] (AVAST Software)
S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1037312 2007-04-20] (Atheros Communications, Inc.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R3 GeneStor; C:\Windows\system32\DRIVERS\GeneStor.sys [115704 2015-07-09] (GenesysLogic)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-22] (Genesys Logic)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-14 09:52 - 2016-01-14 09:53 - 00022005 _____ C:\Users\Thomas Ratzke\Downloads\FRST.txt
2016-01-14 09:52 - 2016-01-14 09:52 - 00000000 ____D C:\FRST
2016-01-14 09:37 - 2016-01-14 09:52 - 02370560 _____ (Farbar) C:\Users\Thomas Ratzke\Downloads\FRST64.exe
2016-01-12 18:41 - 2016-01-12 18:41 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\{6D29EF02-426D-4F59-A035-00DCCF55824D}
2016-01-09 09:50 - 2016-01-09 09:50 - 00184016 _____ C:\Users\Melanie Ratzke\Downloads\DHL-Marke-3UZYKA79LE.pdf
2016-01-09 09:44 - 2016-01-09 09:44 - 00106184 _____ C:\Users\Thomas Ratzke\Downloads\Briefmarken.1Stk.09.01.2016_0943.pdf
2016-01-09 09:36 - 2016-01-09 09:36 - 00106547 ____T C:\Users\Public\Documents\Briefe und Maße_deutsche Post_2.pdf
2016-01-09 09:34 - 2016-01-09 09:34 - 00056983 _____ C:\Users\Public\Documents\Briefe und Maße_deutsche Post.pdf
2016-01-08 09:16 - 2016-01-08 09:28 - 00000000 ____D C:\AdwCleaner
2016-01-08 08:25 - 2016-01-14 09:35 - 01599336 _____ (Malwarebytes) C:\Users\Thomas Ratzke\Downloads\JRT.exe
2016-01-08 08:24 - 2016-01-08 09:16 - 01749504 _____ C:\Users\Thomas Ratzke\Downloads\AdwCleaner_5.028.exe
2016-01-06 09:45 - 2016-01-08 09:17 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-06 09:45 - 2016-01-08 09:17 - 00001214 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-06 09:44 - 2016-01-06 09:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-06 09:44 - 2016-01-06 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 09:32 - 2016-01-06 09:32 - 00251057 _____ C:\Users\Thomas Ratzke\Downloads\Briefmarken.8Stk.06.01.2016_0931.pdf
2016-01-05 16:14 - 2016-01-05 16:15 - 00114330 _____ C:\Users\Thomas Ratzke\Downloads\Briefmarken.2Stk.05.01.2016_1614.pdf
2016-01-04 11:21 - 2016-01-04 11:21 - 00000695 _____ C:\Users\Thomas Ratzke\Downloads\sync
2016-01-04 11:10 - 2016-01-04 11:11 - 00000000 ____D C:\Users\Public\Documents\Melanie
2016-01-04 11:10 - 2016-01-04 11:10 - 00071904 _____ C:\Users\Thomas Ratzke\Downloads\Einkaufsliste.pdf
2016-01-04 10:58 - 2016-01-04 11:00 - 00125793 _____ C:\Users\Thomas Ratzke\Downloads\Dein-Wochenplan-Paleo360°-Lifestyle-Challenge.pdf
2016-01-03 10:15 - 2016-01-03 10:15 - 03340204 _____ C:\Users\Thomas Ratzke\Downloads\lo-oo-ressources-linguistiques-fr-v5.3.oxt
2015-12-27 11:41 - 2016-01-11 16:39 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Deployment
2015-12-27 09:32 - 2015-12-28 16:48 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\Movie Studio Platinum 13.0 Projekte
2015-12-25 16:39 - 2016-01-08 09:15 - 00001140 _____ C:\Users\Thomas Ratzke\Desktop\Format Factory.lnk
2015-12-25 16:39 - 2015-12-25 16:40 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-12-25 16:37 - 2015-12-25 16:40 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2015-12-25 16:33 - 2015-12-25 16:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Leader Technologies
2015-12-25 16:32 - 2015-12-25 16:32 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Leadertech
2015-12-24 12:36 - 2015-12-24 12:36 - 00003476 _____ C:\WINDOWS\System32\Tasks\Format Factory
2015-12-24 12:34 - 2015-12-24 12:35 - 04506061 _____ (Free Time Inc ) C:\Users\Thomas Ratzke\Downloads\FormatFactory-3.8.0.2.exe
2015-12-23 15:32 - 2015-12-23 15:32 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Publish Providers
2015-12-23 15:29 - 2016-01-08 09:17 - 00001259 _____ C:\Users\Public\Desktop\Movie Studio Platinum 13.0 (64-bit).lnk
2015-12-23 15:28 - 2015-12-23 15:28 - 00000000 ____D C:\Program Files\Sony
2015-12-23 13:45 - 2015-12-23 15:26 - 484066528 _____ (Sony Creative Software Inc.) C:\Users\Thomas Ratzke\Downloads\moviestudiope13.0.955_64bit.exe
2015-12-23 13:08 - 2015-12-23 13:10 - 142602520 _____ (Microsoft Corporation) C:\Users\Thomas Ratzke\Downloads\wlsetup-all_16.4.3508.0205.exe
2015-12-23 12:15 - 2015-12-23 12:15 - 00000000 ____D C:\Users\Thomas Ratzke\.MCTranscodingSDK
2015-12-23 12:05 - 2015-12-23 12:12 - 67203112 _____ (Lightworks) C:\Users\Thomas Ratzke\Downloads\lightworks_v12.5.0_full_64bit_setup.exe
2015-12-23 12:00 - 2015-12-23 12:30 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2015-12-23 12:00 - 2015-12-23 12:00 - 00000000 ____D C:\ProgramData\Geevs
2015-12-23 08:44 - 2016-01-08 09:17 - 00001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-23 08:44 - 2015-12-23 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-23 08:43 - 2015-12-23 08:44 - 00000000 ____D C:\Program Files\iTunes
2015-12-23 08:43 - 2015-12-23 08:43 - 00000000 ____D C:\Program Files\iPod
2015-12-23 08:38 - 2015-12-23 08:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-12-22 19:21 - 2016-01-08 09:17 - 00002204 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-12-22 19:20 - 2015-12-16 15:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-22 19:20 - 2015-12-16 15:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-22 19:20 - 2015-12-16 15:19 - 00103216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-22 19:18 - 2015-12-16 17:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-22 09:19 - 2016-01-08 09:17 - 00000879 _____ C:\Users\Public\Desktop\PDF Architect 4.lnk
2015-12-22 09:19 - 2015-12-23 07:54 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\PDF Architect 4
2015-12-22 09:19 - 2015-12-22 09:19 - 00000000 ____D C:\ProgramData\pdfforge
2015-12-22 09:19 - 2015-12-22 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2015-12-22 09:18 - 2015-12-22 09:19 - 00000000 ____D C:\Program Files\PDF Architect 4
2015-12-22 09:18 - 2015-12-22 09:19 - 00000000 ____D C:\Program Files (x86)\PDF Architect 4
2015-12-22 09:18 - 2015-12-22 09:18 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\PDF Architect
2015-12-22 09:17 - 2016-01-08 09:17 - 00000915 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2015-12-22 09:17 - 2015-12-22 09:22 - 00000000 ____D C:\ProgramData\PDF Architect 4
2015-12-22 09:17 - 2015-12-22 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-12-22 09:11 - 2015-12-22 09:16 - 27005440 _____ (pdfforge GmbH) C:\Users\Thomas Ratzke\Downloads\PDFCreator-2_2_2-setup.exe
2015-12-22 09:09 - 2016-01-14 09:39 - 00000000 ____D C:\Users\Public\Documents\Geschäftliches
2015-12-21 10:29 - 2015-12-21 10:29 - 00186303 _____ C:\Users\Thomas Ratzke\Downloads\DHL-Marke-9238YYDQPY.pdf
2015-12-20 16:30 - 2015-11-25 00:07 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-12-20 16:30 - 2015-11-25 00:07 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-12-20 16:28 - 2015-11-25 00:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll
2015-12-20 16:28 - 2015-11-25 00:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll
2015-12-20 16:12 - 2015-12-09 02:51 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-18 15:58 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 15:58 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 15:58 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 15:58 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 15:58 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 15:58 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-18 15:58 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 15:58 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 15:58 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 15:58 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 15:58 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 15:58 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 15:58 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 15:58 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 15:58 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 15:58 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-18 15:58 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 15:58 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 15:58 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 15:58 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 15:58 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 15:58 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 15:58 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 15:58 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 15:58 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 15:58 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-18 15:58 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 15:58 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 15:58 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 15:58 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 15:58 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 15:58 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 15:58 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 15:58 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 15:58 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 15:58 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 15:58 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 15:58 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 15:58 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 15:58 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 15:58 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 15:58 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-18 15:58 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 15:58 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 15:58 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 15:58 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 15:58 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 15:58 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-18 15:58 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 15:58 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 15:58 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 15:58 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 15:58 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 15:58 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 15:58 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-18 15:58 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 15:58 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 15:58 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 15:58 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-18 15:58 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 15:58 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 15:58 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 15:58 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 15:58 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 15:58 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 15:58 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 15:58 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 15:58 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 15:58 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 18:43 - 2015-12-17 18:43 - 00093759 _____ C:\Users\Thomas Ratzke\Downloads\Download (2).dvdprofiler
2015-12-17 18:40 - 2015-12-17 18:40 - 00122406 _____ C:\Users\Thomas Ratzke\Downloads\Download (1).dvdprofiler
2015-12-17 10:21 - 2016-01-08 09:17 - 00002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2015-12-17 10:21 - 2016-01-08 09:17 - 00002005 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-12-17 10:20 - 2015-12-17 10:20 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-17 10:20 - 2015-12-17 10:20 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-16 16:23 - 2015-12-16 16:23 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\Publishers
2015-12-16 16:23 - 2015-12-16 16:23 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\ActiveSync
2015-12-16 16:21 - 2015-12-16 16:24 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\Packages
2015-12-16 16:21 - 2015-12-16 16:21 - 00000668 __RSH C:\Users\Luke Ratzke\ntuser.pol
2015-12-16 16:21 - 2015-12-16 16:21 - 00000020 ___SH C:\Users\Luke Ratzke\ntuser.ini
2015-12-16 16:21 - 2015-12-16 16:21 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\TileDataLayer
2015-12-16 11:03 - 2015-12-16 11:03 - 00000000 ____D C:\Users\Melanie Ratzke\AppData\Local\ActiveSync
2015-12-16 10:59 - 2015-12-16 10:59 - 00000020 ___SH C:\Users\Melanie Ratzke\ntuser.ini
2015-12-15 16:24 - 2015-12-15 16:25 - 02845281 _____ C:\Users\Thomas Ratzke\Documents\Verkaufsliste_3.pdf
2015-12-15 11:11 - 2016-01-08 09:17 - 00001001 _____ C:\Users\Public\Desktop\EPSON Scan.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-14 09:52 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-14 09:52 - 2015-04-20 19:01 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Spotify
2016-01-14 09:43 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-14 09:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-14 09:38 - 2013-02-13 11:56 - 00000000 ____D C:\Users\Thomas Ratzke\Desktop\Scans
2016-01-14 09:36 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-14 09:33 - 2011-04-20 18:55 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{73A8952D-2499-43E8-851C-D88DA5E487FD}
2016-01-14 09:31 - 2011-05-08 18:55 - 00001184 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA.job
2016-01-14 09:29 - 2015-04-20 19:00 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Spotify
2016-01-12 19:05 - 2011-04-20 21:08 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Google
2016-01-12 19:05 - 2011-04-20 21:08 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-12 19:02 - 2011-04-20 21:08 - 00000000 ____D C:\ProgramData\Google
2016-01-12 18:56 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-12 18:50 - 2015-08-08 17:55 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\Tagebuch
2016-01-12 18:49 - 2011-04-22 10:40 - 00000000 ____D C:\Users\Thomas Ratzke\E-Mail
2016-01-12 18:41 - 2015-12-13 10:25 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\CrashDumps
2016-01-12 17:13 - 2013-03-16 10:53 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-10 19:41 - 2011-04-30 10:16 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\DVD Profiler
2016-01-10 16:49 - 2015-12-12 03:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-10 16:49 - 2015-12-12 02:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-10 16:49 - 2015-10-30 07:28 - 01835008 ___SH C:\WINDOWS\system32\config\BBI
2016-01-08 09:17 - 2015-12-13 10:26 - 00002200 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Free 8.9 .lnk
2016-01-08 09:17 - 2015-12-13 10:22 - 00001459 _____ C:\Users\Public\Desktop\EaseUS Partition Master 10.8.lnk
2016-01-08 09:17 - 2015-12-12 03:09 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-08 09:17 - 2015-11-21 11:27 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-01-08 09:17 - 2015-11-21 11:27 - 00001446 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-01-08 09:17 - 2015-11-11 12:23 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2016-01-08 09:17 - 2015-07-19 17:03 - 00000993 _____ C:\Users\Public\Desktop\DVDFab 9.lnk
2016-01-08 09:17 - 2015-07-16 18:42 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-08 09:17 - 2015-07-12 16:02 - 00002103 _____ C:\Users\Public\Desktop\Nero MediaHome.lnk
2016-01-08 09:17 - 2015-07-12 15:57 - 00002791 _____ C:\Users\Public\Desktop\Nero Video 11.lnk
2016-01-08 09:17 - 2015-06-07 18:31 - 00000909 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-01-08 09:17 - 2015-06-07 09:34 - 00000868 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VidCoder.lnk
2016-01-08 09:17 - 2015-03-24 20:07 - 00001448 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-08 09:17 - 2015-03-21 19:39 - 00001839 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-01-08 09:17 - 2015-03-05 17:18 - 00001762 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-01-08 09:17 - 2015-01-29 09:21 - 00002093 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2016-01-08 09:17 - 2015-01-06 17:25 - 00001952 _____ C:\Users\Public\Desktop\Media Go.lnk
2016-01-08 09:17 - 2014-12-29 12:27 - 00002325 _____ C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk
2016-01-08 09:17 - 2014-11-06 08:59 - 00001106 _____ C:\Users\Public\Desktop\SUPER ©.lnk
2016-01-08 09:17 - 2014-09-21 18:18 - 00002199 _____ C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2016-01-08 09:17 - 2014-09-10 18:34 - 00001169 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-08 09:17 - 2013-07-11 16:25 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
2016-01-08 09:17 - 2012-11-21 19:37 - 00001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inhaltsmanager-Assistent für PlayStation(R).lnk
2016-01-08 09:17 - 2011-12-27 19:16 - 00001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warner Bros. Digital Copy Manager.lnk
2016-01-08 09:17 - 2011-05-20 18:15 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-08 09:17 - 2010-12-17 23:49 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2016-01-08 09:17 - 2010-12-17 23:46 - 00002534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-01-08 09:17 - 2010-12-17 23:46 - 00001490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-01-08 09:17 - 2010-12-17 23:46 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-01-08 09:17 - 2010-12-17 23:46 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-01-08 09:16 - 2015-08-01 16:42 - 00002456 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-08 09:16 - 2015-08-01 16:40 - 00001051 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-01-08 09:16 - 2015-04-20 19:01 - 00001838 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-01-08 09:16 - 2013-07-13 16:06 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2016-01-08 09:16 - 2011-05-20 21:23 - 00001125 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
2016-01-08 09:15 - 2015-11-29 09:57 - 00001488 _____ C:\Users\Thomas Ratzke\Desktop\CopyTrans Control Center.lnk
2016-01-08 09:15 - 2015-04-29 19:25 - 00001733 _____ C:\Users\Thomas Ratzke\Desktop\GOG.com - Verknüpfung.lnk
2016-01-08 09:15 - 2015-04-20 19:01 - 00001852 _____ C:\Users\Thomas Ratzke\Desktop\Spotify.lnk
2016-01-08 09:15 - 2015-03-05 19:25 - 00000983 _____ C:\Users\Thomas Ratzke\Desktop\AllDup.lnk
2016-01-08 09:15 - 2014-09-10 16:59 - 00001268 _____ C:\Users\Thomas Ratzke\Desktop\Revo Uninstaller.lnk
2016-01-08 09:15 - 2012-10-03 09:12 - 00001113 _____ C:\Users\Thomas Ratzke\Desktop\DVD Profiler.lnk
2016-01-08 09:15 - 2012-08-29 17:53 - 00001835 _____ C:\Users\Thomas Ratzke\Desktop\SRServer.exe.lnk
2016-01-08 09:15 - 2011-12-28 18:30 - 00001215 _____ C:\Users\Thomas Ratzke\Desktop\iSkysoft DRM Removal.lnk
2016-01-08 09:15 - 2011-05-22 19:30 - 00001929 _____ C:\Users\Thomas Ratzke\Desktop\XML Notepad 2007.lnk
2016-01-08 09:15 - 2011-05-20 21:23 - 00001095 _____ C:\Users\Thomas Ratzke\Desktop\Trillian.lnk
2016-01-08 09:15 - 2011-04-22 22:14 - 00001193 _____ C:\Users\Thomas Ratzke\Desktop\SDK Manager - Verknüpfung.lnk
2016-01-08 09:12 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-08 09:11 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-08 09:10 - 2011-04-28 20:39 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-01-08 08:21 - 2014-09-10 18:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-07 11:17 - 2011-05-09 18:01 - 00000000 ____D C:\Users\Melanie Ratzke\AppData\Local\Google
2016-01-04 11:34 - 2011-04-20 19:23 - 00000000 ____D C:\temp
2016-01-04 10:52 - 2015-12-12 02:52 - 02083424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-04 10:52 - 2015-10-30 19:35 - 00887110 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-04 10:52 - 2015-10-30 19:35 - 00196754 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-03 10:00 - 2011-11-18 20:54 - 00000000 ____D C:\ProgramData\DVD Shrink
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-29 07:53 - 2015-08-01 16:38 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-29 07:53 - 2011-04-25 10:52 - 00000000 ___RD C:\Users\Thomas Ratzke\Virtual Machines
2015-12-28 22:57 - 2011-11-19 15:59 - 00000000 ____D C:\Users\Thomas Ratzke\Nero Images
2015-12-28 22:34 - 2011-11-19 15:28 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\NeroVideo
2015-12-27 18:45 - 2015-03-05 19:25 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\AllDup
2015-12-27 10:11 - 2015-07-16 19:22 - 00000000 ____D C:\Program Files (x86)\GOG.com GalaxyClient
2015-12-27 02:31 - 2011-05-08 18:55 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core.job
2015-12-24 13:14 - 2011-11-19 15:28 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Nero
2015-12-24 12:33 - 2015-12-12 02:53 - 00000000 ____D C:\Users\Thomas Ratzke
2015-12-23 21:48 - 2015-01-06 17:23 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Sony
2015-12-23 15:30 - 2015-01-06 17:24 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Sony
2015-12-23 15:29 - 2015-01-06 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-12-23 15:28 - 2015-01-06 17:13 - 00000000 ____D C:\ProgramData\Sony
2015-12-23 15:28 - 2011-04-24 17:16 - 00000000 ____D C:\Program Files (x86)\Sony
2015-12-23 13:14 - 2011-04-22 10:39 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Windows Live
2015-12-23 12:11 - 2011-04-20 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-12-23 12:11 - 2011-04-20 18:33 - 00000000 ____D C:\Program Files (x86)\MAGIX
2015-12-23 12:10 - 2011-04-20 18:33 - 00000000 ____D C:\ProgramData\MAGIX
2015-12-23 12:07 - 2011-04-20 18:32 - 00000000 ____D C:\WINDOWS\SysWOW64\MAGIX
2015-12-23 12:06 - 2011-04-21 13:40 - 00000000 ____D C:\Program Files (x86)\NewBlue
2015-12-23 12:01 - 2014-07-26 14:03 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Amazon Music
2015-12-23 11:30 - 2011-04-20 18:33 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\MAGIX_Video_deluxe_15_Premium_Sonderedition
2015-12-23 08:43 - 2011-11-18 21:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-23 08:43 - 2011-05-20 18:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-22 19:21 - 2015-12-12 02:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-22 19:21 - 2015-03-24 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-22 09:20 - 2013-11-29 19:11 - 00000000 ____D C:\Program Files\PDFCreator
2015-12-22 09:17 - 2013-11-29 19:11 - 00120200 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2015-12-20 16:12 - 2014-05-16 06:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-19 08:15 - 2014-09-21 19:09 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-19 08:15 - 2014-09-21 19:09 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-18 22:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-18 22:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-18 22:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-18 09:48 - 2015-11-10 22:03 - 12426896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-17 10:21 - 2014-09-21 19:08 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-17 10:20 - 2014-09-21 19:10 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-17 10:20 - 2014-09-21 19:09 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-17 10:20 - 2014-09-21 19:09 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-17 10:20 - 2014-09-21 19:09 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-17 10:20 - 2014-09-21 19:09 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-17 10:20 - 2014-09-21 19:09 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-17 10:20 - 2014-09-21 19:09 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-17 09:18 - 2011-04-30 10:15 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\DVD Profiler
2015-12-16 17:59 - 2015-11-10 22:03 - 19727624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-16 17:59 - 2015-11-10 22:03 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-16 17:59 - 2015-11-10 22:03 - 03603368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-12-16 17:59 - 2015-11-10 22:03 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-12-16 17:59 - 2015-11-10 22:03 - 00035775 _____ C:\WINDOWS\system32\nvinfo.pb
2015-12-16 16:35 - 2015-08-01 16:38 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Packages
2015-12-16 16:21 - 2015-12-12 02:53 - 00000000 ____D C:\Users\Luke Ratzke
2015-12-16 16:21 - 2011-11-26 10:27 - 00000000 ___RD C:\Users\Luke Ratzke\Virtual Machines
2015-12-16 15:54 - 2015-12-12 02:47 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-16 15:54 - 2015-12-12 02:47 - 02985264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-16 15:54 - 2015-12-12 02:47 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-16 15:54 - 2015-12-12 02:47 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-16 15:54 - 2015-12-12 02:47 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-16 15:54 - 2015-12-12 02:47 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-16 15:49 - 2015-12-12 02:47 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-16 11:21 - 2015-08-01 18:26 - 00000000 ____D C:\Users\Melanie Ratzke\AppData\Local\Packages
2015-12-16 11:00 - 2011-05-09 18:00 - 00000000 ___RD C:\Users\Melanie Ratzke\Virtual Machines
2015-12-16 10:59 - 2015-12-12 02:53 - 00000000 ____D C:\Users\Melanie Ratzke

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-04-22 22:18 - 2011-04-22 22:18 - 0000109 _____ () C:\Users\Thomas Ratzke\AppData\Roaming\edition.txt
2011-04-21 20:09 - 2014-09-20 15:37 - 0058368 _____ () C:\Users\Thomas Ratzke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-06 17:13 - 2015-01-06 17:13 - 28488056 _____ (Sony Mobile Communications                                  ) C:\Users\Thomas Ratzke\AppData\Local\pcc.exe
2012-09-06 18:39 - 2012-09-06 18:39 - 0000017 _____ () C:\Users\Thomas Ratzke\AppData\Local\resmon.resmoncfg
2011-12-28 17:45 - 2015-06-12 18:18 - 0000040 ___SH () C:\ProgramData\.zreglib
2010-12-17 23:44 - 2010-12-17 23:44 - 1914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
2014-11-09 09:18 - 2014-11-09 09:18 - 0000092 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\flashax10.exe


Einige Dateien in TEMP:
====================
C:\Users\Thomas Ratzke\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Thomas Ratzke\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Thomas Ratzke\AppData\Local\Temp\nvStInst.exe
C:\Users\Thomas Ratzke\AppData\Local\Temp\sqlite3.dll
C:\Users\Thomas Ratzke\AppData\Local\Temp\unwise.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-26 16:15

==================== Ende von FRST.txt ============================
         

14.01.2016, 13:46   #2
Ratzi73

Windows 10: strange setup at system startup



addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von Thomas Ratzke (2016-01-14 09:53:37)
Gestartet von C:\Users\Thomas Ratzke\Downloads
Windows 10 Home (X64) (2015-12-12 02:38:40)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1218043409-3151763047-2122344536-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1218043409-3151763047-2122344536-503 - Limited - Disabled)
Gast (S-1-5-21-1218043409-3151763047-2122344536-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1218043409-3151763047-2122344536-1011 - Limited - Enabled)
Luke Ratzke (S-1-5-21-1218043409-3151763047-2122344536-1003 - Limited - Enabled) => C:\Users\Luke Ratzke
Melanie Ratzke (S-1-5-21-1218043409-3151763047-2122344536-1002 - Limited - Enabled) => C:\Users\Melanie Ratzke
Thomas Ratzke (S-1-5-21-1218043409-3151763047-2122344536-1001 - Administrator - Enabled) => C:\Users\Thomas Ratzke

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spybot - Search and Destroy (Enabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version:  - SkyBox Labs)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Amazon Music (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Corel Painter Essentials 3 (HKLM-x32\...\_{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}) (Version:  - Corel Corporation)
Corel Painter Essentials 3 (x32 Version: 3.2 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DIE SIEDLER - Aufstieg eines Königreichs (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dropbox (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
DVD Profiler Version 3.9.1 (HKLM-x32\...\InvelosDVDProfiler_is1) (Version:  - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
DVDFab 9.2.0.2 (10/06/2015) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EA Download Manager (HKLM-x32\...\InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}) (Version: 4.0.0.396 - Electronic Arts)
EA Download Manager (x32 Version: 4.0.0.396 - Electronic Arts) Hidden
Earthworm Jim (HKLM-x32\...\Steam App 38480) (Version:  - Interplay Inc.)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 8.9  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.9 - CHENGDU YIWO Tech Development Co., Ltd)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Stylus SX400 Series Printer Uninstall (HKLM\...\EPSON Stylus SX400 Series) (Version:  - SEIKO EPSON Corporation)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Softworks)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 3.0.4.9 - Genesys Logic)
Gigaset QuickSync (HKLM\...\{18e951f2-329a-4ed2-833b-d980960db29e}) (Version: 8.2.0865.2 - Gigaset Communications GmbH)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Heroes of Might and Magic 5 (HKLM-x32\...\Steam App 15170) (Version:  - Ubisoft)
Heroes of Might and Magic V: Hammers of Fate (HKLM-x32\...\Steam App 15380) (Version:  - Ubisoft)
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version:  - Gearbox Software)
iClone v4.2 EX (HKLM-x32\...\{7430B12A-3B67-4191-B0C5-59E57344CB1F}) (Version: 4.2.1718.1 - Reallusion Inc.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{E6EB4571-5ADB-4557-8F95-0E0EF5D0F833}) (Version: 3.30.7824.86 - Sony Computer Entertainment Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
IPTInstaller (HKLM-x32\...\{6965F2F4-1CD2-4F42-A8EF-9EF433F9AA72}) (Version: 4.0.4 - HTC)
iSkysoft DRM Removal(Build 1.1.0.0) (HKLM-x32\...\iSkysoft DRM Removal_is1) (Version:  - iSkysoft Software)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java SE Development Kit 7 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170650}) (Version: 1.7.0.650 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.00.22080 - Lenovo)
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.00.21090 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3720 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.3720 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lenovo Treiber- und Anwendungsinstallation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.103.05220 (HKLM-x32\...\{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE}) (Version: 2.20.103.05220 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Might & Magic Heroes VI - Game Official Demo (HKLM-x32\...\{A024B9E5-7702-4556-A7BF-A04BFF2DE5D8}) (Version: 1.0 - Ubisoft)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{2B593480-2BF0-11E5-9124-F04DA23A5C58}) (Version: 13.0.955 - Sony)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\MusicManager) (Version:  - Google, Inc.)
MyHarmony (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Nero 11 (HKLM-x32\...\{810B7362-6B05-4714-AF6A-EF3A20CCD634}) (Version: 11.2.00600 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.1009 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5983 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
PlayMemories Home (HKLM-x32\...\{0657DE52-8F5C-4073-B70C-ED4F3F7FA076}) (Version: 7.0.03.04240 - Sony Corporation)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Prey (HKLM-x32\...\Steam App 3970) (Version:  - Humanhead Studios)
proDAD Heroglyph 2.5 (HKLM-x32\...\proDAD-Heroglyph-2.5) (Version: 2.6.32 - proDAD GmbH)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6151 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version:  - Firaxis)
Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version:  - Firaxis)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sony PC Companion 2.10.289 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.289 - Sony)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 2.1.5.2 - Splashtop Inc.)
Splashtop Streamer (x32 Version: 2.1.5.2 - Splashtop Inc.) Hidden
Spotify (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
STAR WARS® - Empire At War™ Gold (HKLM-x32\...\1421404887_is1) (Version: 2.0.0.3 - GOG.com)
STAR WARS® - Knights of the Old Republic™ (HKLM-x32\...\1207666283_is1) (Version: 2.0.0.3 - GOG.com)
STAR WARS® Jedi Knight - Dark Forces 2 (HKLM-x32\...\1422286819_is1) (Version: 2.0.0.3 - GOG.com)
STAR WARS™ Jedi Knight™ II - Jedi Outcast™ (HKLM-x32\...\1428935917_is1) (Version: 2.0.0.3 - GOG.com)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuer-Spar-Erklärung 2011 (HKLM-x32\...\{9F5FD796-86F0-4360-85F8-D54C0F5411EB}) (Version: 16.13 - Akademische Arbeitsgemeinschaft Verlag)
Steuer-Spar-Erklärung 2012 (HKLM-x32\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.11 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung 2013 (HKLM-x32\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.12.92 - Akademische Arbeitsgemeinschaft)
SUPER © v2014.build.62+Recorder (2014/09/21) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8649-4DE7-5C06C90719A4}_is1) (Version: v2014.build.62+Recorder - eRightSoft)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
The GodFather (HKLM-x32\...\The GodFather) (Version:  - )
ThemeWallpaper (HKLM-x32\...\{F29CBF73-C211-4616-898A-379A2679F990}) (Version: 1.1.0.090804 - Lenovo)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ulead PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 1.00.0000 - Corel)
Ulead PhotoImpact X3 (x32 Version: 1.00.0000 - Corel) Hidden
Vasco da Gama 4 HDPro (HKLM-x32\...\{05BBF12D-565E-4212-8BDD-C482C72866DD}) (Version: 4.00.0000 - MotionStudios)
VidCoder 1.5.31 (x64) (HKLM\...\VidCoder-x64_is1) (Version: 1.5.31 - RandomEngy)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warner Bros. Digital Copy Manager (HKLM-x32\...\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1) (Version: 1.70 - Warner Bros. Entertainment Inc.)
Warner Bros. Digital Copy Manager (x32 Version: 1.70 - Warner Bros. Entertainment Inc.) Hidden
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16432 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02E10510-A547-494A-9D5A-40B2FE4D0076} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {03CF3941-A5EB-4A5D-84DC-A42FC2982F9E} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-05-06] (Nero AG)
Task: {07C87CCB-B2E7-4C0E-9051-3A74F49676C5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0F80665D-0433-4562-A64D-77D17AE6E51A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {18328E56-666F-4FBB-8645-6356DC741DBD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {20107E34-CEFB-4B82-8608-91E485907AB4} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {269751A5-1E8A-4ABC-A55B-D40514BEFEA7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-23] (Microsoft Corporation)
Task: {26CA76CF-7DB1-4F12-88D9-F297C6CB0597} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {280C1E7E-5CB6-4DC7-A61C-4ADEE397CA6E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {2A880E2A-4823-4B1A-95CC-8A37511BB490} - System32\Tasks\Format Factory => C:\Users\Thomas Ratzke\AppData\Local\Temp\is-1C0LD.tmp\prsetup.exe [2015-10-24] (Free Time                                                   ) <==== ACHTUNG
Task: {323601EE-CC47-43D2-9D0E-829756D92381} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {38CFA671-3EBE-45FE-BF10-941FC8258D63} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3D5737C5-EFDD-47D1-8E65-CE48B02C569D} - System32\Tasks\{86A63F94-FD74-4B2C-AD21-C5082463B96D} => pcalua.exe -a "C:\Users\Thomas Ratzke\Downloads\JavaSetup8u40.exe" -d "C:\Users\Thomas Ratzke\Downloads"
Task: {3E4F7CBB-12A9-4FB6-846C-E4650759363A} - System32\Tasks\{CE52BE5C-8F2F-41B9-9383-F051D5E4B7AB} => pcalua.exe -a "C:\Users\Thomas Ratzke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZS6UT17X\JavaSetup8u40.exe" -d "C:\Users\Thomas Ratzke\Desktop"
Task: {3EEA0947-99CC-4D10-8CBE-E929E3FDC5EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3F9213D2-BF62-4A8B-92E1-5195E3234256} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {406F4A92-9EB1-4111-83F2-1C8513F341C0} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {493274B7-99AC-4978-9438-2013DFAAA3F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {4CFC482A-7F3F-4574-AC61-DA999D34E63C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {5010C001-5D4F-44B3-A250-CE27A03DE36E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {54D4B834-8C90-41DB-9FE6-96272BBCC4AD} - System32\Tasks\{335F9BA8-081E-4E9F-AA0C-FA29983082B1} => pcalua.exe -a G:\Safe\Nero\Nero7_chm_deu.exe
Task: {56D221FB-A8BF-4047-B8EE-4FFF0C7D9DF0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {630AEEDF-CD30-43BB-8A6B-FCDBAD67C73D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6843F01E-E280-43C8-A99C-754C2C7F83F6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA => C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {6A6CA0A2-0A16-4AC1-B7F2-8B83130A24D5} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {6AD6CFFE-0357-4A36-A259-DD9125A57965} - System32\Tasks\{173A6382-5B3C-46CB-993C-B3C4A64480BB} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {723638DC-4A6A-4EB4-9328-C6E5591847C4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {731AED53-0655-439F-BAA6-0ED7E5585FFE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {746835B7-8675-416C-87E7-EB68234BDDBF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {74714ED8-09FC-4484-A0F8-C1B90F945099} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {79474E7A-89A9-42B8-B1D6-DFA58DCC2DF6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {7E91FD94-C7DE-42FD-9892-259B96CFE314} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8795F85C-B330-4CF1-949F-A981D06AA86D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {87E999FF-1C14-4ACB-AA62-7EF4C8DD5904} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {8BB21638-D722-4970-8494-4512DFBBEFA3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {8E9FB6BA-E80F-448D-8CEC-C10F90DBFB47} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {932FF5D1-5E38-4DE0-A951-F2A2152ACD03} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {9683E79B-EA41-4ADF-95BC-4DF39B7E698C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9BDA3F8F-EB93-4067-B2F6-D50065A37800} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {9BF1CCD1-4116-429E-860F-AA055C334D1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A0BCA1B8-C642-40A5-B23F-855725EFFC4F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A1CDD364-365A-40AF-9585-8EFF375F9593} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-17] (AVAST Software)
Task: {A5F483D0-280E-4A7F-B7DF-8E871982D929} - System32\Tasks\{AC642351-857E-4F5E-97A5-B91274266F7E} => pcalua.exe -a "C:\Users\Thomas Ratzke\Downloads\jre-8u40-windows-i586.exe" -d "C:\Users\Thomas Ratzke\Desktop"
Task: {A8892BD7-84EA-4896-90A6-CC23E4018A0B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A918B0E8-CEFC-4A4F-8B09-29BA61F5F416} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {AC3FC41D-F3DE-472F-8759-748CFBD507B4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {ACC81702-DF3D-4CB5-BA50-01FC0F20F285} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B1EF88D3-3686-4EEC-AF3C-25195A94679E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B7B600EB-1AE8-4443-8193-C01DCE5D7262} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {CCB8EFB8-C3E9-428F-98FF-D1A152A2689C} - System32\Tasks\{5711C5F7-3642-4CFD-80F9-9937DDC340FB} => pcalua.exe -a D:\Autoplay.exe -d D:\
Task: {CFDBA500-6D37-42ED-9EB9-674E3E89C2DB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {D33F7650-CAAF-431D-B1B4-2B53D627678A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D55D07A2-C7B9-4BF7-BF47-E5DC83277E7E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core => C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {DF46AA32-5F1A-4C17-99AC-752F79708431} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {E329831B-1977-4A22-9F64-F55FA5CAB376} - System32\Tasks\{8C644042-7F3C-48C7-8C93-DCF4A28A5BA2} => pcalua.exe -a D:\fscommand\setup_deutsch.exe -d D:\fscommand
Task: {E40949CB-1B0A-4C07-962D-527AC097DA97} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {E540FF01-0797-47DD-9E13-8FEBF41528C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {EF55379A-60E7-42BF-9DD1-D0B73264760E} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {F1CF4C03-ECC0-40FE-B08F-0F5FFDFF5952} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core.job => C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA.job => C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-20 16:12 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-12 02:47 - 2015-12-16 15:54 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-12 02:31 - 2015-12-12 02:31 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-12 02:31 - 2015-12-12 02:31 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-13 10:24 - 2015-11-03 13:18 - 00249384 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2015-12-18 15:58 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-12 02:31 - 2015-12-12 02:31 - 02653816 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-12-18 15:58 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 15:58 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-18 15:58 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-18 15:58 - 2015-12-07 04:34 - 00936448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-12-18 15:58 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-18 15:58 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-17 16:36 - 2015-12-17 16:36 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-10-19 19:34 - 2015-10-19 19:34 - 00199680 _____ () C:\Program Files\PDF Architect 4\libidn.dll
2015-12-17 10:20 - 2015-12-17 10:20 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-17 10:20 - 2015-12-17 10:20 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-08 08:46 - 2016-01-08 08:46 - 02809344 _____ () C:\Program Files\AVAST Software\Avast\defs\16010701\algo.dll
2015-12-17 10:20 - 2015-12-17 10:20 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-17 10:20 - 2015-12-17 10:20 - 00241896 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-01-11 17:59 - 2016-01-11 17:59 - 02821120 _____ () C:\Program Files\AVAST Software\Avast\defs\16011100\algo.dll
2015-12-13 10:24 - 2015-09-21 18:00 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00186408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00165416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00058408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00015912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00108072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00030760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-12-13 10:24 - 2014-12-14 17:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-12-13 10:24 - 2015-03-14 04:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-12-13 10:24 - 2015-11-02 23:03 - 00769064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-12-13 10:24 - 2015-11-03 13:18 - 00111656 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2015-12-13 10:24 - 2015-11-02 23:03 - 00169512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll
2015-12-13 10:24 - 2015-11-10 11:07 - 00501800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-12-13 10:24 - 2015-08-01 08:10 - 00025128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00201768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-11-21 11:27 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-11-21 11:27 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-11-21 11:27 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-11-21 11:27 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2015-04-09 17:57 - 2015-12-09 02:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-17 10:20 - 2015-12-17 10:20 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-17 16:36 - 2015-12-17 16:36 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-17 16:36 - 2015-12-17 16:36 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-11-21 12:23 - 00450892 ___RA C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15464 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas Ratzke\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\transcodedwallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CEEBC40A-FDED-4C59-B354-939132350B01 => 2
MSCONFIG\Services: EPSON_EB_RPCV4_01 => 2
MSCONFIG\Services: EPSON_PM_RPCV4_01 => 2
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LenovoCOMSvc => 2
MSCONFIG\Services: LitModeCtrl => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: ProtexisLicensing => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: SSUService => 2
MSCONFIG\Services: StarWindServiceAE => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: WSWNA3100 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Inhaltsmanager-Assistent für PlayStation(R).lnk => C:\windows\pss\Inhaltsmanager-Assistent für PlayStation(R).lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA3100 Setup-Assistent.lnk => C:\windows\pss\NETGEAR WNA3100 Setup-Assistent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRServer.exe.lnk => C:\windows\pss\SRServer.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Medien-Prüfung.lnk => C:\windows\pss\Picture Motion Browser Medien-Prüfung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk => C:\windows\pss\Trillian.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Thomas Ratzke\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Thomas Ratzke\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Thomas Ratzke\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Thomas Ratzke\AppData\Local\Smartbar\Application\Linkury.exe startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Corel File Shell Monitor => C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: dcmsvc => C:\Program Files (x86)\dcmsvc\dcmsvc.exe
MSCONFIG\startupreg: EA Core => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
MSCONFIG\startupreg: GalaxyClient => C:\Program Files (x86)\GOG.com GalaxyClient\GalaxyClient.exe /launchViaAutoStart
MSCONFIG\startupreg: Garmin Lifetime Updater => C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
MSCONFIG\startupreg: Google Update => "C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_42BCF34DF888FA5E24C109D3BA6D368A => "C:\Users\Thomas Ratzke\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: jmekey => C:\Program Files (x86)\jmesoft\hotkey.exe
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: Lenovo Dynamic Brightness System => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 1
MSCONFIG\startupreg: Lenovo Eye Distance System => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1
MSCONFIG\startupreg: mbot_de_60 => "C:\Program Files (x86)\mbot_de_60\mbot_de_60.exe"
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: ModeSwitch => "C:\Program Files\Lenovo\Power Dial\LitModeSwitch.exe" /AutoRun
MSCONFIG\startupreg: MusicManager => "C:\Users\Thomas Ratzke\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: My Movies Tray => "C:\Program Files (x86)\My Movies for Windows Media Center\My Movies Tray.exe"
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: ShadowPlay => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Thomas Ratzke\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Games\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TrayServer => C:\PROGRA~2\MAGIX\VIDEO_~2\TRAYSE~1.EXE
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe
MSCONFIG\startupreg: UMonit => C:\windows\SysWOW64\UMonit.exe
MSCONFIG\startupreg: Unattend0000000001{BFA3D12B-66DD-4617-923A-E864BC7D20B5} => C:\Windows\test.bat
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "EPSON Stylus SX400 Series"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "MusicManager"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{3A1156B0-05ED-4D16-878F-72E97EA6B181}C:\users\thomas ratzke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas ratzke\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7A918BB9-D97E-43D1-BB49-5303D277B4E3}C:\users\thomas ratzke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas ratzke\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B23A1530-7A9C-4C50-A309-68FA4F996826}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [TCP Query User{6559B205-D387-4EA1-9965-6A2A904A7730}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [UDP Query User{E722F823-91F5-4C14-8A9E-CD5547968ED3}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [TCP Query User{B48A24F6-CD65-4EFC-BCCF-B65F8ACB8985}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [UDP Query User{4924AD17-553D-418E-BB8A-EFFA9F974203}C:\games\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\games\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{BF9BF998-66AD-4ADC-98D7-9CDBA07B59C3}C:\games\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\games\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{A376ED6D-950B-4522-9675-68B928F811F1}C:\games\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\games\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{45C80DB8-7D73-40C4-BB2F-7A234063BED6}C:\games\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\games\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{F643FD75-0E7E-412B-9BBE-893DCAB887B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E32EFC61-30B7-4ABE-89C2-40681D312238}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8A043B09-67C8-4248-A65D-DAA2114EBCF8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{675D2958-C39F-44A2-A24E-18226BCBB24C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9E153424-0357-4706-911D-CF07E00A1EE1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{57E800FA-86E7-4605-8751-A2125441C64B}] => (Allow) LPort=2869
FirewallRules: [{A6A7ADE5-F7BE-4024-8CA7-102563C4EE01}] => (Allow) LPort=1900
FirewallRules: [{4E8FB5DE-0169-4987-9EAE-F582C05D3D09}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5B549BE3-1F72-4730-847B-A4AF437097BD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{69A23F59-E423-466C-BDF0-2350EA1D8F4F}] => (Allow) C:\Games\StarCraft II\StarCraft II.exe
FirewallRules: [{D2BF4104-F7FB-4EB3-A8E0-5DF4A26E8F31}] => (Allow) C:\Games\StarCraft II\StarCraft II.exe
FirewallRules: [{15FCCBD7-D3DD-4136-84C6-7E204B189FF9}] => (Allow) C:\Games\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{4F713BF0-3C87-4C7A-B6FE-CFCC2EFC9630}] => (Allow) C:\Games\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{D8C4F190-2EA0-445A-99F3-770938063C79}] => (Allow) C:\Games\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{07100F48-97F8-4AFE-8961-125A1907F63E}] => (Allow) C:\Games\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [TCP Query User{04C99A30-3EC8-4A60-B142-96C8F789BFA9}C:\program files (x86)\dvd profiler\dvdpro.exe] => (Allow) C:\program files (x86)\dvd profiler\dvdpro.exe
FirewallRules: [UDP Query User{295908BA-E88E-42B5-AD62-AACE4CE186FB}C:\program files (x86)\dvd profiler\dvdpro.exe] => (Allow) C:\program files (x86)\dvd profiler\dvdpro.exe
FirewallRules: [{A311FADA-47BA-4F7A-A743-276481BA68F4}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI - Game Official Demo\Might & Magic Heroes VI.exe
FirewallRules: [{82435B1B-FC97-4A2A-9C68-2DAE8662DE88}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI - Game Official Demo\Might & Magic Heroes VI.exe
FirewallRules: [TCP Query User{11E78D1F-E698-4D88-A7BC-0C613AE68CD0}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [UDP Query User{FE51D907-EAE6-4FD6-A100-C771BDA16E72}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [TCP Query User{4B253899-6F83-42AD-8713-9EBE4B22538E}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [UDP Query User{43A8D277-A809-4E14-ADA5-F10CF12594A6}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [TCP Query User{F06636C9-EE51-44DA-93FF-027BEB4402F0}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [UDP Query User{5A7CA666-2E63-4B19-B592-42B661D483E2}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [TCP Query User{27DA271B-B6B7-4CF2-AB57-59ED06F54FC2}C:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe] => (Allow) C:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe
FirewallRules: [UDP Query User{877BD684-A827-4BE8-91AE-11130C96EE8D}C:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe] => (Allow) C:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe
FirewallRules: [TCP Query User{060982E9-F103-4DD4-A864-7CF051AEFC74}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [UDP Query User{32CCDA8E-B42E-46A3-B8CE-DEBCFC317A38}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [{52EFC8AC-89CD-4CB3-8E2A-DA0E89B29B7A}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{00EF4A28-6F85-4F9C-861D-BBBE87F9AF3D}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{295C08F3-BEE8-4680-99CD-EBD1C9B1E42A}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [TCP Query User{F0D9FFC3-FCC3-42FE-B14D-4D24BDD51129}C:\program files (x86)\dvd profiler\dvdpro.exe] => (Allow) C:\program files (x86)\dvd profiler\dvdpro.exe
FirewallRules: [UDP Query User{138629BB-2AD8-4CA7-AC43-5CF82C1C2409}C:\program files (x86)\dvd profiler\dvdpro.exe] => (Allow) C:\program files (x86)\dvd profiler\dvdpro.exe
FirewallRules: [{1F918310-7456-4DF1-BAB3-ABB8EA967E26}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6B6C4CD4-DD5C-4A33-A7E6-57D5CAE2DDB3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{4E03838A-3704-43EA-888F-F91947FD7463}C:\games\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\games\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{D2B74BFD-B2CA-4A94-A0F3-233A1493A9B8}C:\games\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\games\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [TCP Query User{BDE3F4CF-0D2D-4B02-B49D-79433CF7EEE9}C:\games\dawn of war - soulstorm\soulstorm.exe] => (Allow) C:\games\dawn of war - soulstorm\soulstorm.exe
FirewallRules: [UDP Query User{A42430BD-51B9-4C1A-AB7D-6C5F95D68E69}C:\games\dawn of war - soulstorm\soulstorm.exe] => (Allow) C:\games\dawn of war - soulstorm\soulstorm.exe
FirewallRules: [TCP Query User{70F86723-C140-40FC-A1CA-3D82905C1D22}C:\program files (x86)\kuffs software\kps\kps.exe] => (Allow) C:\program files (x86)\kuffs software\kps\kps.exe
FirewallRules: [UDP Query User{B113A33E-07A5-4C12-8C8A-80EBD35B8DAD}C:\program files (x86)\kuffs software\kps\kps.exe] => (Allow) C:\program files (x86)\kuffs software\kps\kps.exe
FirewallRules: [{F8340B8B-EF04-4CD5-ACFB-4DAA20F708EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2C8D6B7-1EB9-4BCD-B9D5-D5F74630D4DF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7707C0B7-13CD-440B-A3D6-7F70ED03697B}] => (Allow) C:\Games\Steam\Steam.exe
FirewallRules: [{1A60C235-2D41-4220-8A64-DE6B3CB86EE3}] => (Allow) C:\Games\Steam\Steam.exe
FirewallRules: [{840394ED-3BF3-43A6-8009-22CEC20F9138}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{E07C26F2-9645-4D6C-A94A-5FB5C7FE8752}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{7C287818-05E7-451D-A163-71DA9259791C}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{517CAC9A-9D0A-4673-B438-D5F769FF8BDC}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{45A2F578-CDB9-49A7-A94E-A15349B71677}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{667BDA52-EDF8-4A8B-86D5-EA5577A4BE7B}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{951713AF-7FE8-4539-B913-1C3EA73F2896}] => (Allow) C:\Games\Steam\SteamApps\common\prey\prey.exe
FirewallRules: [{4BD4E341-9631-4DBE-8E69-088017501F89}] => (Allow) C:\Games\Steam\SteamApps\common\prey\prey.exe
FirewallRules: [{75AF6457-4FBB-405A-923F-232E7D168C12}] => (Allow) C:\Games\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{95E871EB-0947-41D4-B1AE-5F847E8554D4}] => (Allow) C:\Games\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{C705FF64-BEFB-430D-83AB-96EBCE3ACA69}] => (Allow) C:\Games\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{2702D9C8-EE86-4EA3-886E-33CB7901579E}] => (Allow) C:\Games\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{D665FACA-A466-446F-86FF-605E8A4EF592}] => (Allow) C:\Games\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{C64697F9-A477-4BA0-ACA4-1864E872F22C}] => (Allow) C:\Games\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{B17FEE93-7974-4B5F-85C6-62D98EE16645}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{3CC50FEE-F114-463C-95F1-8DD957FC02D6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{AAABA71E-0106-4A0D-88CA-5FC1A24D0CF2}] => (Allow) C:\Games\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{BA2456C3-1B6E-4C00-888D-194D56763A42}] => (Allow) C:\Games\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{E72F42EC-4D5E-466D-BBF9-8D26EFAD3675}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{ACC2A916-BAEB-455D-9AD6-E9C19B098342}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{33929DC2-1F43-4ABC-8914-1DC001385D48}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{1D789DE4-B6FC-48F0-B6E1-7678024946F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{818C4A5C-1ABE-4F9E-8E7B-79ED4E61205D}] => (Allow) C:\Games\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{D0B9316E-EA42-497E-BFE6-E6C6A30A16E2}] => (Allow) C:\Games\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{21CC47CB-54D6-42FC-A8E1-9D0F1AA5DEE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4EE678C5-B977-47A9-BA8C-71488AE9C778}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3C6B7EE3-525C-491B-8DAC-94A55405EC1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1D2BA8DD-4E32-4D90-8DC7-3306F53925E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF05F847-DE9A-4D41-8960-E4D1C54557A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{96B68E34-1841-42E3-83D9-4491A41EAE44}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{41561100-0144-41BA-A679-6181E4627F32}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{E697DA5A-A3BC-4679-B0D8-CF85AEEC669F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{2EB5466B-689C-46DD-8AA6-CB511B5AFE25}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{7EDFA8D2-16AE-4902-BAE8-0C8DE3E540F5}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{96756778-CF8F-4012-932F-117091513BF6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{C21ED57A-D7FF-4491-A105-2862C25E2C88}] => (Allow) C:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{12E5CD79-3B73-4EAA-917E-2B7E5EEADC41}] => (Allow) C:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{F2CC8125-2F2A-41ED-80AB-21FFBE05B6C5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BA959C4F-D6B3-4137-B6A0-B5566DB831DD}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{BEBA6E23-8D98-4292-8F19-F6A132F2335C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{E617B5C7-28AD-4477-987C-DFAFA5BB9C48}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{FCD652D3-CBF6-49FB-81CE-EC4182657BDA}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{629DFFEB-0D78-4D9E-99A0-A16F797CBB9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3CD68F0A-2EFC-409A-AEEF-E09778E94D1A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\DVD Profiler\dvdpro.exe] => Enabled:DVD Profiler
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

25-12-2015 16:41:52 Revo Uninstaller's restore point - DailyPCClean v4.1
03-01-2016 09:44:34 Windows Update
06-01-2016 10:53:42 Windows Update
08-01-2016 09:33:54 JRT Pre-Junkware Removal
12-01-2016 18:55:01 Revo Uninstaller's restore point - Lightworks

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/12/2016 07:07:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15563

Error: (01/12/2016 07:07:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15563

Error: (01/12/2016 07:07:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/12/2016 06:55:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/12/2016 06:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: senddoc.exe, Version: 0.0.0.0, Zeitstempel: 0x56275a50
Name des fehlerhaften Moduls: smapi.dll, Version: 15.4.3508.1109, Zeitstempel: 0x4cda7a4a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008c9f
ID des fehlerhaften Prozesses: 0x420
Startzeit der fehlerhaften Anwendung: 0xsenddoc.exe0
Pfad der fehlerhaften Anwendung: senddoc.exe1
Pfad des fehlerhaften Moduls: senddoc.exe2
Berichtskennung: senddoc.exe3
Vollständiger Name des fehlerhaften Pakets: senddoc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: senddoc.exe5

Error: (01/12/2016 06:25:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: THOMASRATZKE-PC)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/12/2016 06:25:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: THOMASRATZKE-PC)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/12/2016 04:40:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: THOMASRATZKE-PC)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/11/2016 05:41:37 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$MYMOVIES8

Error: (01/10/2016 07:00:00 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "G:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).


Systemfehler:
=============
Error: (01/14/2016 09:42:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Windows Camera

Error: (01/12/2016 07:07:26 PM) (Source: DCOM) (EventID: 10010) (User: THOMASRATZKE-PC)
Description: {0002DF02-0000-0000-C000-000000000046}

Error: (01/12/2016 07:07:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1ec39a4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/12/2016 07:07:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1ec39a4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/12/2016 07:07:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1ec39a4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/12/2016 07:07:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1ec39a4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 04:42:06 PM) (Source: DCOM) (EventID: 10016) (User: THOMASRATZKE-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ThomasRatzke-PCThomas RatzkeS-1-5-21-1218043409-3151763047-2122344536-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/11/2016 04:40:46 PM) (Source: DCOM) (EventID: 10016) (User: THOMASRATZKE-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ThomasRatzke-PCThomas RatzkeS-1-5-21-1218043409-3151763047-2122344536-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/11/2016 04:40:46 PM) (Source: DCOM) (EventID: 10016) (User: THOMASRATZKE-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ThomasRatzke-PCThomas RatzkeS-1-5-21-1218043409-3151763047-2122344536-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (01/11/2016 04:40:36 PM) (Source: DCOM) (EventID: 10016) (User: THOMASRATZKE-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ThomasRatzke-PCThomas RatzkeS-1-5-21-1218043409-3151763047-2122344536-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
  Date: 2016-01-10 18:43:03.594
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:43:03.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:41:31.970
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:41:31.959
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:20:50.775
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:20:50.764
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:08:06.860
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:08:06.848
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 16:54:40.611
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 16:54:40.588
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 6126.53 MB
Verfügbarer physikalischer RAM: 3676.16 MB
Summe virtueller Speicher: 12270.53 MB
Verfügbarer virtueller Speicher: 9597.79 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:905.9 GB) (Free:121.99 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: (StarCraft II 3.0 Disc 1) (CDROM) (Total:7.91 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94BB371C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=905.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== Ende von Addition.txt ============================
         
Thank you very much!

Regards,
Ratzi

Hello,

I took the liberty of going one step further and ran Malwarebytes. It found something:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 14.01.2016
Suchlaufzeit: 13:05
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.14.03
Rootkit-Datenbank: v2016.01.09.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Thomas Ratzke

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 541324
Abgelaufene Zeit: 31 Min., 2 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.GlobalSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [256631081d7c37ff8d482ca460a2b947], 
PUP.Optional.GlobalSearch.ShrtCln, HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [8506e5548f0a05314292d5fbee14b24e], 

Registrierungswerte: 2
PUP.Optional.GlobalSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms}, In Quarantäne, [256631081d7c37ff8d482ca460a2b947]
PUP.Optional.GlobalSearch.ShrtCln, HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms}, In Quarantäne, [8506e5548f0a05314292d5fbee14b24e]

Registrierungsdaten: 2
Hijack.GlobaSearch.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa, Gut: (www.google.com), Schlecht: (hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa),Ersetzt,[147775c48f0a63d38b09bef06d978977]
Hijack.GlobaSearch.C, HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa, Gut: (www.google.com), Schlecht: (hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa),Ersetzt,[15763702a7f2ea4c781bb0fe1ce843bd]

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.GlobalSearch.ShrtCln, C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa&newtab");), Ersetzt,[d7b4ce6b16834de9fed06371788ca759]
PUP.Optional.GlobalSearch.ShrtCln, C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.globasearch.com), Ersetzt,[612a9a9f8d0cf64069f525b8947058a8]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
It would be nice if someone could tell me whether the problem might be resolved with this, or what else I should do (e.g. which programs I had better uninstall).

Regards,
Ratzi


Alt 14.01.2016, 15:01   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Spybot - Search and Destroy (Enabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
Uninstall Spybot and Avast immediately. Spybot is absolutely ineffective and plays no role at all in analyses; we do not recommend Avast because of the junkware distribution in its setup. Besides, it conflicts with Windows Defender, which is a full-fledged virus scanner on W8.1 and W10.

Let me know when that is done.

Alt 14.01.2016, 17:09   #4
Ratzi73
 
I uninstalled the programs with "Revo Uninstaller".

Alt 14.01.2016, 22:23   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Removing adware/junkware/toolbars

First delete old versions of adwCleaner and, if present, JRT, then download them again to the desktop!
Please completely disable your virus scanner now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected, as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).




Step 2: JRT - Junkware Removal Tool

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.




Step 3: Fresh log with FRST

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files are now created and can then be found on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


__________________
Please always post log files in CODE tags

Alt 15.01.2016, 09:17   #6
Ratzi73
 
Hello Cosinus,

here is the AdwCleaner log for a start. Unfortunately, this hidden setup still appeared after the restart.

But then I'm not finished with this yet.

Code:
ATTFilter
# AdwCleaner v5.029 - Bericht erstellt am 15/01/2016 um 08:52:45
# Aktualisiert am 11/01/2016 von Xplode
# Datenbank : 2016-01-14.1 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Thomas Ratzke - THOMASRATZKE-PC
# Gestartet von : C:\Users\Thomas Ratzke\Downloads\AdwCleaner_5.029.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Internetbrowser ] *****

[-] [C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa");
[-] [C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa&newtab");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1928 Bytes] ##########
         
... and here is the JRT.txt:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64 
Ran by Thomas Ratzke (Administrator) on 15.01.2016 at  9:07:35,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3 

Failed to delete: C:\ProgramData\pdfforge (Folder) 
Successfully deleted: C:\Users\Thomas Ratzke\AppData\Local\{6D29EF02-426D-4F59-A035-00DCCF55824D} (Empty Folder)
Successfully deleted: C:\WINDOWS\wininit.ini (File) 

Deleted the following from C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default\prefs.js
user_pref(browser.startup.homepage, hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa);
user_pref(browser.newtab.url, hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa&newtab);



Registry: 4 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.01.2016 at  9:10:14,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
... and here is the FRST.txt:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
durchgeführt von Thomas Ratzke (Administrator) auf THOMASRATZKE-PC (15-01-2016 09:14:26)
Gestartet von C:\Users\Thomas Ratzke\Downloads
Geladene Profile: Thomas Ratzke (Verfügbare Profile: Thomas Ratzke & Melanie Ratzke & Luke Ratzke & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Farbar) C:\Users\Thomas Ratzke\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-09] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Run: [EPSON Stylus SX400 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Run: [Spotify Web Helper] => C:\Users\Thomas Ratzke\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-20] (Spotify Ltd)
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Run: [Dropbox Update] => C:\Users\Thomas Ratzke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-14] (Dropbox, Inc.)
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\MountPoints2: {5955485e-a071-11e5-99fb-806e6f6e6963} - "G:\StarCraft II Setup.exe" 
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [583680 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  Keine Datei
Startup: C:\Users\Melanie Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk.disabled [2013-01-29]
ShortcutTarget: OpenOffice.org 3.3.lnk.disabled -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{0192c832-e6e0-490e-92f9-73e0c6b769e5}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{7f4fdd21-863d-44aa-968e-9b58e8c6888f}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF ProfilePath: C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Thomas Ratzke\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-07-11] ()
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-12-22] [ist nicht signiert]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S3 GalaxyClientService; C:\Program Files (x86)\GOG.com GalaxyClient\GalaxyClientService.exe [1616440 2015-12-27] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-27] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSSQL$MYMOVIES; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2012-10-08] () [Datei ist nicht signiert]
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.)
S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation)
S4 ProtexisLicensing; C:\windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1037312 2007-04-20] (Atheros Communications, Inc.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R3 GeneStor; C:\Windows\system32\DRIVERS\GeneStor.sys [115704 2015-07-09] (GenesysLogic)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-22] (Genesys Logic)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-15 09:12 - 2016-01-15 09:12 - 02370560 _____ (Farbar) C:\Users\Thomas Ratzke\Downloads\FRST64 (1).exe
2016-01-15 09:10 - 2016-01-15 09:10 - 00001587 _____ C:\Users\Thomas Ratzke\Desktop\JRT.txt
2016-01-15 09:05 - 2016-01-15 09:05 - 01600184 _____ (Malwarebytes) C:\Users\Thomas Ratzke\Downloads\JRT (1).exe
2016-01-15 07:37 - 2016-01-15 07:37 - 01754112 _____ C:\Users\Thomas Ratzke\Downloads\AdwCleaner_5.029.exe
2016-01-14 13:57 - 2016-01-14 13:57 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-01-14 13:55 - 2016-01-15 09:00 - 00001288 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA.job
2016-01-14 13:55 - 2016-01-14 14:00 - 00001236 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core.job
2016-01-14 13:55 - 2016-01-14 13:55 - 00004424 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA
2016-01-14 13:55 - 2016-01-14 13:55 - 00004048 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core
2016-01-14 13:55 - 2016-01-14 13:55 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Dropbox
2016-01-14 13:55 - 2016-01-14 13:55 - 00000000 ____D C:\ProgramData\Dropbox
2016-01-14 13:40 - 2016-01-14 13:40 - 00003415 _____ C:\Users\Thomas Ratzke\Desktop\mbam.txt
2016-01-14 13:37 - 2016-01-14 13:37 - 00003354 _____ C:\Users\Thomas Ratzke\Desktop\Malwarebytes_2016-01-14.txt
2016-01-14 09:56 - 2016-01-14 09:56 - 00061754 _____ C:\Users\Thomas Ratzke\Desktop\FRST.txt
2016-01-14 09:55 - 2016-01-14 09:55 - 00089072 _____ C:\Users\Thomas Ratzke\Desktop\Addition.txt
2016-01-14 09:53 - 2016-01-14 09:55 - 00089072 _____ C:\Users\Thomas Ratzke\Downloads\Addition.txt
2016-01-14 09:52 - 2016-01-15 09:14 - 00017706 _____ C:\Users\Thomas Ratzke\Downloads\FRST.txt
2016-01-14 09:52 - 2016-01-15 09:14 - 00000000 ____D C:\FRST
2016-01-14 09:41 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-14 09:41 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-14 09:41 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-14 09:41 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-14 09:41 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-14 09:41 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-14 09:40 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-14 09:40 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-14 09:40 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-14 09:40 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-14 09:40 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-14 09:40 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-14 09:40 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-14 09:40 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-14 09:40 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-14 09:40 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-14 09:40 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-14 09:40 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-14 09:40 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-14 09:40 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-14 09:40 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-14 09:40 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-14 09:40 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-14 09:40 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-14 09:40 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-14 09:40 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-14 09:40 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-14 09:40 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-14 09:40 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-14 09:40 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-14 09:40 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-14 09:40 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-14 09:40 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-14 09:40 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-14 09:40 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-14 09:40 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-14 09:40 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-14 09:40 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-14 09:40 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-14 09:40 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-14 09:40 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-14 09:40 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-14 09:40 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-14 09:40 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-14 09:40 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-14 09:40 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-14 09:40 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-14 09:40 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-14 09:40 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-14 09:40 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-14 09:40 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-14 09:40 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-14 09:40 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-14 09:40 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-14 09:40 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-14 09:40 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-14 09:40 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-14 09:40 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-14 09:40 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-14 09:40 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-14 09:40 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-14 09:40 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-14 09:40 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-14 09:40 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-14 09:40 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-14 09:40 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-14 09:40 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-14 09:40 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-14 09:40 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-14 09:40 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-14 09:40 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-14 09:40 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-14 09:40 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-14 09:40 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-14 09:40 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-14 09:40 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-14 09:40 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-14 09:40 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-14 09:40 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-14 09:40 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-14 09:40 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-14 09:40 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-14 09:40 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-14 09:40 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-14 09:40 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-14 09:40 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-14 09:40 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-14 09:37 - 2016-01-14 09:52 - 02370560 _____ (Farbar) C:\Users\Thomas Ratzke\Downloads\FRST64.exe
2016-01-09 09:50 - 2016-01-09 09:50 - 00184016 _____ C:\Users\Melanie Ratzke\Downloads\DHL-Marke-3UZYKA79LE.pdf
2016-01-09 09:44 - 2016-01-09 09:44 - 00106184 _____ C:\Users\Thomas Ratzke\Downloads\Briefmarken.1Stk.09.01.2016_0943.pdf
2016-01-09 09:36 - 2016-01-09 09:36 - 00106547 ____T C:\Users\Public\Documents\Briefe und Maße_deutsche Post_2.pdf
2016-01-09 09:34 - 2016-01-09 09:34 - 00056983 _____ C:\Users\Public\Documents\Briefe und Maße_deutsche Post.pdf
2016-01-08 09:16 - 2016-01-15 08:52 - 00000000 ____D C:\AdwCleaner
2016-01-08 08:25 - 2016-01-15 09:03 - 01600184 _____ (Malwarebytes) C:\Users\Thomas Ratzke\Downloads\JRT.exe
2016-01-08 08:24 - 2016-01-08 09:16 - 01749504 _____ C:\Users\Thomas Ratzke\Downloads\AdwCleaner_5.028.exe
2016-01-06 09:45 - 2016-01-14 13:38 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-06 09:45 - 2016-01-14 13:38 - 00001214 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-06 09:44 - 2016-01-06 09:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-06 09:44 - 2016-01-06 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 09:32 - 2016-01-06 09:32 - 00251057 _____ C:\Users\Thomas Ratzke\Downloads\Briefmarken.8Stk.06.01.2016_0931.pdf
2016-01-05 16:14 - 2016-01-05 16:15 - 00114330 _____ C:\Users\Thomas Ratzke\Downloads\Briefmarken.2Stk.05.01.2016_1614.pdf
2016-01-04 11:21 - 2016-01-04 11:21 - 00000695 _____ C:\Users\Thomas Ratzke\Downloads\sync
2016-01-04 11:10 - 2016-01-04 11:11 - 00000000 ____D C:\Users\Public\Documents\Melanie
2016-01-04 11:10 - 2016-01-04 11:10 - 00071904 _____ C:\Users\Thomas Ratzke\Downloads\Einkaufsliste.pdf
2016-01-04 10:58 - 2016-01-04 11:00 - 00125793 _____ C:\Users\Thomas Ratzke\Downloads\Dein-Wochenplan-Paleo360°-Lifestyle-Challenge.pdf
2016-01-03 10:15 - 2016-01-03 10:15 - 03340204 _____ C:\Users\Thomas Ratzke\Downloads\lo-oo-ressources-linguistiques-fr-v5.3.oxt
2015-12-27 11:41 - 2016-01-11 16:39 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Deployment
2015-12-27 09:32 - 2015-12-28 16:48 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\Movie Studio Platinum 13.0 Projekte
2015-12-25 16:39 - 2016-01-14 13:37 - 00001140 _____ C:\Users\Thomas Ratzke\Desktop\Format Factory.lnk
2015-12-25 16:39 - 2015-12-25 16:40 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-12-25 16:37 - 2015-12-25 16:40 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2015-12-25 16:33 - 2015-12-25 16:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Leader Technologies
2015-12-25 16:32 - 2015-12-25 16:32 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Leadertech
2015-12-24 12:36 - 2015-12-24 12:36 - 00003476 _____ C:\WINDOWS\System32\Tasks\Format Factory
2015-12-24 12:34 - 2015-12-24 12:35 - 04506061 _____ (Free Time Inc ) C:\Users\Thomas Ratzke\Downloads\FormatFactory-3.8.0.2.exe
2015-12-23 15:32 - 2015-12-23 15:32 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Publish Providers
2015-12-23 15:29 - 2016-01-14 13:38 - 00001259 _____ C:\Users\Public\Desktop\Movie Studio Platinum 13.0 (64-bit).lnk
2015-12-23 15:28 - 2015-12-23 15:28 - 00000000 ____D C:\Program Files\Sony
2015-12-23 13:45 - 2015-12-23 15:26 - 484066528 _____ (Sony Creative Software Inc.) C:\Users\Thomas Ratzke\Downloads\moviestudiope13.0.955_64bit.exe
2015-12-23 13:08 - 2015-12-23 13:10 - 142602520 _____ (Microsoft Corporation) C:\Users\Thomas Ratzke\Downloads\wlsetup-all_16.4.3508.0205.exe
2015-12-23 12:15 - 2015-12-23 12:15 - 00000000 ____D C:\Users\Thomas Ratzke\.MCTranscodingSDK
2015-12-23 12:05 - 2015-12-23 12:12 - 67203112 _____ (Lightworks) C:\Users\Thomas Ratzke\Downloads\lightworks_v12.5.0_full_64bit_setup.exe
2015-12-23 12:00 - 2015-12-23 12:30 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2015-12-23 12:00 - 2015-12-23 12:00 - 00000000 ____D C:\ProgramData\Geevs
2015-12-23 08:44 - 2016-01-14 13:38 - 00001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-23 08:44 - 2015-12-23 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-23 08:43 - 2015-12-23 08:44 - 00000000 ____D C:\Program Files\iTunes
2015-12-23 08:43 - 2015-12-23 08:43 - 00000000 ____D C:\Program Files\iPod
2015-12-23 08:38 - 2015-12-23 08:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-12-22 19:21 - 2016-01-14 13:38 - 00002204 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-12-22 19:20 - 2015-12-16 15:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-22 19:20 - 2015-12-16 15:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-22 19:20 - 2015-12-16 15:19 - 00103216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-22 19:18 - 2015-12-16 17:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-22 19:18 - 2015-12-16 17:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-22 19:17 - 2015-12-16 17:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-22 09:19 - 2016-01-14 13:38 - 00000879 _____ C:\Users\Public\Desktop\PDF Architect 4.lnk
2015-12-22 09:19 - 2015-12-23 07:54 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\PDF Architect 4
2015-12-22 09:19 - 2015-12-22 09:19 - 00000000 ____D C:\ProgramData\pdfforge
2015-12-22 09:19 - 2015-12-22 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2015-12-22 09:18 - 2015-12-22 09:19 - 00000000 ____D C:\Program Files\PDF Architect 4
2015-12-22 09:18 - 2015-12-22 09:19 - 00000000 ____D C:\Program Files (x86)\PDF Architect 4
2015-12-22 09:18 - 2015-12-22 09:18 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\PDF Architect
2015-12-22 09:17 - 2016-01-14 13:38 - 00000915 _____ C:\Users\Public\Desktop\PDFCreator.lnk
2015-12-22 09:17 - 2015-12-22 09:22 - 00000000 ____D C:\ProgramData\PDF Architect 4
2015-12-22 09:17 - 2015-12-22 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-12-22 09:11 - 2015-12-22 09:16 - 27005440 _____ (pdfforge GmbH) C:\Users\Thomas Ratzke\Downloads\PDFCreator-2_2_2-setup.exe
2015-12-22 09:09 - 2016-01-14 09:39 - 00000000 ____D C:\Users\Public\Documents\Geschäftliches
2015-12-21 10:29 - 2015-12-21 10:29 - 00186303 _____ C:\Users\Thomas Ratzke\Downloads\DHL-Marke-9238YYDQPY.pdf
2015-12-20 16:30 - 2015-11-25 00:07 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-12-20 16:30 - 2015-11-25 00:07 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-12-20 16:28 - 2015-11-25 00:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll
2015-12-20 16:28 - 2015-11-25 00:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll
2015-12-20 16:12 - 2015-12-09 02:51 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-18 15:58 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 15:58 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 15:58 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 15:58 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 15:58 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 15:58 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 15:58 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 15:58 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 15:58 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 15:58 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 15:58 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 15:58 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 15:58 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 15:58 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 15:58 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 15:58 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 15:58 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 15:58 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 15:58 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 15:58 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 15:58 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 15:58 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 15:58 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 15:58 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 15:58 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 15:58 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 15:58 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 15:58 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 15:58 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 15:58 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 15:58 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 15:58 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 15:58 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 15:58 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 15:58 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 15:58 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 15:58 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 15:58 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 15:58 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 15:58 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 15:58 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 15:58 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 15:58 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 15:58 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 15:58 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 15:58 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 15:58 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 15:58 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 15:58 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 15:58 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 15:58 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 15:58 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 15:58 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 15:58 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 15:58 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 15:58 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 15:58 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 15:58 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 15:58 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 15:58 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 15:58 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 15:58 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 15:58 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 15:58 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 15:58 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-17 18:43 - 2015-12-17 18:43 - 00093759 _____ C:\Users\Thomas Ratzke\Downloads\Download (2).dvdprofiler
2015-12-17 18:40 - 2015-12-17 18:40 - 00122406 _____ C:\Users\Thomas Ratzke\Downloads\Download (1).dvdprofiler
2015-12-16 16:23 - 2015-12-16 16:23 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\Publishers
2015-12-16 16:23 - 2015-12-16 16:23 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\ActiveSync
2015-12-16 16:21 - 2015-12-16 16:24 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\Packages
2015-12-16 16:21 - 2015-12-16 16:21 - 00000668 __RSH C:\Users\Luke Ratzke\ntuser.pol
2015-12-16 16:21 - 2015-12-16 16:21 - 00000020 ___SH C:\Users\Luke Ratzke\ntuser.ini
2015-12-16 16:21 - 2015-12-16 16:21 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\TileDataLayer
2015-12-16 11:03 - 2015-12-16 11:03 - 00000000 ____D C:\Users\Melanie Ratzke\AppData\Local\ActiveSync
2015-12-16 10:59 - 2015-12-16 10:59 - 00000020 ___SH C:\Users\Melanie Ratzke\ntuser.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-15 09:13 - 2013-03-16 10:53 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-15 09:08 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-15 08:53 - 2015-12-12 03:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-15 08:53 - 2015-12-12 02:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-15 08:53 - 2015-10-30 07:28 - 01835008 ___SH C:\WINDOWS\system32\config\BBI
2016-01-15 08:52 - 2015-12-13 10:25 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\CrashDumps
2016-01-15 08:31 - 2011-05-08 18:55 - 00001184 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA.job
2016-01-15 07:36 - 2015-08-08 17:55 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\Tagebuch
2016-01-15 03:32 - 2011-04-20 18:55 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{73A8952D-2499-43E8-851C-D88DA5E487FD}
2016-01-14 20:32 - 2011-11-27 10:27 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\Nero
2016-01-14 20:29 - 2015-04-20 19:01 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Spotify
2016-01-14 20:28 - 2013-08-15 08:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-14 20:23 - 2011-04-20 20:32 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-14 20:09 - 2015-06-07 18:31 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\vlc
2016-01-14 20:08 - 2011-11-19 15:28 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Nero
2016-01-14 20:01 - 2015-04-20 19:00 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Spotify
2016-01-14 17:10 - 2014-09-21 19:08 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-14 17:09 - 2011-04-25 10:56 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-14 14:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-14 14:12 - 2011-05-05 16:31 - 00000000 ___RD C:\Users\Thomas Ratzke\Dropbox
2016-01-14 14:08 - 2011-05-05 16:29 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox
2016-01-14 14:07 - 2015-12-12 02:52 - 02083424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-14 14:07 - 2015-10-30 19:35 - 00887110 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-14 14:07 - 2015-10-30 19:35 - 00196754 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-14 14:07 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-14 14:00 - 2013-03-14 14:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 14:00 - 2013-03-14 14:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-14 14:00 - 2011-04-20 21:08 - 00000000 ____D C:\Program Files\Google
2016-01-14 14:00 - 2011-04-20 21:08 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-14 13:58 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-14 13:38 - 2015-12-15 11:11 - 00001001 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-01-14 13:38 - 2015-12-13 10:26 - 00002200 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Free 8.9 .lnk
2016-01-14 13:38 - 2015-12-13 10:22 - 00001459 _____ C:\Users\Public\Desktop\EaseUS Partition Master 10.8.lnk
2016-01-14 13:38 - 2015-12-12 03:09 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-14 13:38 - 2015-11-11 12:23 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2016-01-14 13:38 - 2015-07-19 17:03 - 00000993 _____ C:\Users\Public\Desktop\DVDFab 9.lnk
2016-01-14 13:38 - 2015-07-16 18:42 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-14 13:38 - 2015-07-12 16:02 - 00002103 _____ C:\Users\Public\Desktop\Nero MediaHome.lnk
2016-01-14 13:38 - 2015-07-12 15:57 - 00002791 _____ C:\Users\Public\Desktop\Nero Video 11.lnk
2016-01-14 13:38 - 2015-06-07 18:31 - 00000909 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-01-14 13:38 - 2015-06-07 09:34 - 00000868 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VidCoder.lnk
2016-01-14 13:38 - 2015-03-24 20:07 - 00001448 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-14 13:38 - 2015-03-21 19:39 - 00001839 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-01-14 13:38 - 2015-03-05 17:18 - 00001762 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-01-14 13:38 - 2015-01-29 09:21 - 00002093 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2016-01-14 13:38 - 2015-01-06 17:25 - 00001952 _____ C:\Users\Public\Desktop\Media Go.lnk
2016-01-14 13:38 - 2014-12-29 12:27 - 00002325 _____ C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk
2016-01-14 13:38 - 2014-11-06 08:59 - 00001106 _____ C:\Users\Public\Desktop\SUPER ©.lnk
2016-01-14 13:38 - 2014-09-21 18:18 - 00002199 _____ C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2016-01-14 13:38 - 2014-09-10 18:34 - 00001169 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-14 13:38 - 2013-07-11 16:25 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
2016-01-14 13:38 - 2012-11-21 19:37 - 00001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inhaltsmanager-Assistent für PlayStation(R).lnk
2016-01-14 13:38 - 2011-12-27 19:16 - 00001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warner Bros. Digital Copy Manager.lnk
2016-01-14 13:38 - 2011-05-20 18:15 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-14 13:38 - 2010-12-17 23:49 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2016-01-14 13:38 - 2010-12-17 23:46 - 00002534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-01-14 13:38 - 2010-12-17 23:46 - 00001490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-01-14 13:38 - 2010-12-17 23:46 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-01-14 13:38 - 2010-12-17 23:46 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-01-14 13:37 - 2015-11-29 09:57 - 00001488 _____ C:\Users\Thomas Ratzke\Desktop\CopyTrans Control Center.lnk
2016-01-14 13:37 - 2015-08-01 16:42 - 00002456 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-14 13:37 - 2015-08-01 16:40 - 00001051 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-01-14 13:37 - 2015-04-29 19:25 - 00001733 _____ C:\Users\Thomas Ratzke\Desktop\GOG.com - Verknüpfung.lnk
2016-01-14 13:37 - 2015-04-20 19:01 - 00001852 _____ C:\Users\Thomas Ratzke\Desktop\Spotify.lnk
2016-01-14 13:37 - 2015-04-20 19:01 - 00001838 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-01-14 13:37 - 2015-03-05 19:25 - 00000983 _____ C:\Users\Thomas Ratzke\Desktop\AllDup.lnk
2016-01-14 13:37 - 2014-09-10 16:59 - 00001268 _____ C:\Users\Thomas Ratzke\Desktop\Revo Uninstaller.lnk
2016-01-14 13:37 - 2013-07-13 16:06 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2016-01-14 13:37 - 2012-10-03 09:12 - 00001113 _____ C:\Users\Thomas Ratzke\Desktop\DVD Profiler.lnk
2016-01-14 13:37 - 2012-08-29 17:53 - 00001835 _____ C:\Users\Thomas Ratzke\Desktop\SRServer.exe.lnk
2016-01-14 13:37 - 2011-12-28 18:30 - 00001215 _____ C:\Users\Thomas Ratzke\Desktop\iSkysoft DRM Removal.lnk
2016-01-14 13:37 - 2011-05-22 19:30 - 00001929 _____ C:\Users\Thomas Ratzke\Desktop\XML Notepad 2007.lnk
2016-01-14 13:37 - 2011-05-20 21:23 - 00001125 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
2016-01-14 13:37 - 2011-05-20 21:23 - 00001095 _____ C:\Users\Thomas Ratzke\Desktop\Trillian.lnk
2016-01-14 13:37 - 2011-04-22 22:14 - 00001193 _____ C:\Users\Thomas Ratzke\Desktop\SDK Manager - Verknüpfung.lnk
2016-01-14 13:04 - 2014-09-10 18:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 10:48 - 2013-03-14 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-14 10:47 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-14 10:46 - 2015-12-12 11:17 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\ElevatedDiagnostics
2016-01-14 09:43 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-14 09:38 - 2013-02-13 11:56 - 00000000 ____D C:\Users\Thomas Ratzke\Desktop\Scans
2016-01-12 19:05 - 2011-04-20 21:08 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Google
2016-01-12 19:02 - 2011-04-20 21:08 - 00000000 ____D C:\ProgramData\Google
2016-01-12 18:49 - 2011-04-22 10:40 - 00000000 ____D C:\Users\Thomas Ratzke\E-Mail
2016-01-10 19:41 - 2011-04-30 10:16 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\DVD Profiler
2016-01-08 09:12 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-08 09:11 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-08 09:10 - 2011-04-28 20:39 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-01-07 11:17 - 2011-05-09 18:01 - 00000000 ____D C:\Users\Melanie Ratzke\AppData\Local\Google
2016-01-04 11:34 - 2011-04-20 19:23 - 00000000 ____D C:\temp
2016-01-03 10:00 - 2011-11-18 20:54 - 00000000 ____D C:\ProgramData\DVD Shrink
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-29 07:53 - 2015-08-01 16:38 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-29 07:53 - 2011-04-25 10:52 - 00000000 ___RD C:\Users\Thomas Ratzke\Virtual Machines
2015-12-28 22:57 - 2011-11-19 15:59 - 00000000 ____D C:\Users\Thomas Ratzke\Nero Images
2015-12-28 22:34 - 2011-11-19 15:28 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\NeroVideo
2015-12-27 18:45 - 2015-03-05 19:25 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\AllDup
2015-12-27 10:11 - 2015-07-16 19:22 - 00000000 ____D C:\Program Files (x86)\GOG.com GalaxyClient
2015-12-27 02:31 - 2011-05-08 18:55 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core.job
2015-12-24 13:14 - 2011-11-19 15:28 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Nero
2015-12-24 12:33 - 2015-12-12 02:53 - 00000000 ____D C:\Users\Thomas Ratzke
2015-12-23 21:48 - 2015-01-06 17:23 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Sony
2015-12-23 15:30 - 2015-01-06 17:24 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Sony
2015-12-23 15:29 - 2015-01-06 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-12-23 15:28 - 2015-01-06 17:13 - 00000000 ____D C:\ProgramData\Sony
2015-12-23 15:28 - 2011-04-24 17:16 - 00000000 ____D C:\Program Files (x86)\Sony
2015-12-23 13:14 - 2011-04-22 10:39 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Windows Live
2015-12-23 12:11 - 2011-04-20 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-12-23 12:11 - 2011-04-20 18:33 - 00000000 ____D C:\Program Files (x86)\MAGIX
2015-12-23 12:10 - 2011-04-20 18:33 - 00000000 ____D C:\ProgramData\MAGIX
2015-12-23 12:07 - 2011-04-20 18:32 - 00000000 ____D C:\WINDOWS\SysWOW64\MAGIX
2015-12-23 12:06 - 2011-04-21 13:40 - 00000000 ____D C:\Program Files (x86)\NewBlue
2015-12-23 12:01 - 2014-07-26 14:03 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Amazon Music
2015-12-23 11:30 - 2011-04-20 18:33 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\MAGIX_Video_deluxe_15_Premium_Sonderedition
2015-12-23 08:43 - 2011-11-18 21:10 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-23 08:43 - 2011-05-20 18:15 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-22 19:21 - 2015-12-12 02:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-22 19:21 - 2015-03-24 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-22 09:20 - 2013-11-29 19:11 - 00000000 ____D C:\Program Files\PDFCreator
2015-12-22 09:17 - 2013-11-29 19:11 - 00120200 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll
2015-12-20 16:12 - 2014-05-16 06:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-18 22:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-18 22:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-18 09:48 - 2015-11-10 22:03 - 12426896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-17 09:18 - 2011-04-30 10:15 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\DVD Profiler
2015-12-16 17:59 - 2015-11-10 22:03 - 19727624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-12-16 17:59 - 2015-11-10 22:03 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-12-16 17:59 - 2015-11-10 22:03 - 03603368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-12-16 17:59 - 2015-11-10 22:03 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-12-16 17:59 - 2015-11-10 22:03 - 00035775 _____ C:\WINDOWS\system32\nvinfo.pb
2015-12-16 16:35 - 2015-08-01 16:38 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Packages
2015-12-16 16:21 - 2015-12-12 02:53 - 00000000 ____D C:\Users\Luke Ratzke
2015-12-16 16:21 - 2011-11-26 10:27 - 00000000 ___RD C:\Users\Luke Ratzke\Virtual Machines
2015-12-16 15:54 - 2015-12-12 02:47 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-16 15:54 - 2015-12-12 02:47 - 02985264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-16 15:54 - 2015-12-12 02:47 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-16 15:54 - 2015-12-12 02:47 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-16 15:54 - 2015-12-12 02:47 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-16 15:54 - 2015-12-12 02:47 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-16 15:49 - 2015-12-12 02:47 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-16 11:21 - 2015-08-01 18:26 - 00000000 ____D C:\Users\Melanie Ratzke\AppData\Local\Packages
2015-12-16 11:00 - 2011-05-09 18:00 - 00000000 ___RD C:\Users\Melanie Ratzke\Virtual Machines
2015-12-16 10:59 - 2015-12-12 02:53 - 00000000 ____D C:\Users\Melanie Ratzke

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-04-22 22:18 - 2011-04-22 22:18 - 0000109 _____ () C:\Users\Thomas Ratzke\AppData\Roaming\edition.txt
2011-04-21 20:09 - 2014-09-20 15:37 - 0058368 _____ () C:\Users\Thomas Ratzke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-06 17:13 - 2015-01-06 17:13 - 28488056 _____ (Sony Mobile Communications                                  ) C:\Users\Thomas Ratzke\AppData\Local\pcc.exe
2012-09-06 18:39 - 2012-09-06 18:39 - 0000017 _____ () C:\Users\Thomas Ratzke\AppData\Local\resmon.resmoncfg
2011-12-28 17:45 - 2015-06-12 18:18 - 0000040 ___SH () C:\ProgramData\.zreglib
2010-12-17 23:44 - 2010-12-17 23:44 - 1914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
2014-11-09 09:18 - 2014-11-09 09:18 - 0000092 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\flashax10.exe


Einige Dateien in TEMP:
====================
C:\Users\Thomas Ratzke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphpcobj.dll
C:\Users\Thomas Ratzke\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Thomas Ratzke\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Thomas Ratzke\AppData\Local\Temp\nvStInst.exe
C:\Users\Thomas Ratzke\AppData\Local\Temp\sqlite3.dll
C:\Users\Thomas Ratzke\AppData\Local\Temp\unwise.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-15 07:42

==================== Ende von FRST.txt ============================
         

Alt 15.01.2016, 09:18   #7
Ratzi73
 

...followed by Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von Thomas Ratzke (2016-01-15 09:14:49)
Gestartet von C:\Users\Thomas Ratzke\Downloads
Windows 10 Home (X64) (2015-12-12 02:38:40)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1218043409-3151763047-2122344536-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1218043409-3151763047-2122344536-503 - Limited - Disabled)
Gast (S-1-5-21-1218043409-3151763047-2122344536-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1218043409-3151763047-2122344536-1011 - Limited - Enabled)
Luke Ratzke (S-1-5-21-1218043409-3151763047-2122344536-1003 - Limited - Enabled) => C:\Users\Luke Ratzke
Melanie Ratzke (S-1-5-21-1218043409-3151763047-2122344536-1002 - Limited - Enabled) => C:\Users\Melanie Ratzke
Thomas Ratzke (S-1-5-21-1218043409-3151763047-2122344536-1001 - Administrator - Enabled) => C:\Users\Thomas Ratzke

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version:  - SkyBox Labs)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Amazon Music (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Corel Painter Essentials 3 (HKLM-x32\...\_{0C180787-F8C8-42FD-A9D3-689BA44BEAAF}) (Version:  - Corel Corporation)
Corel Painter Essentials 3 (x32 Version: 3.2 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dawn of War - Dark Crusade (HKLM-x32\...\{FF39FC01-819B-42E4-AE49-1968AF12DDD4}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DIE SIEDLER - Aufstieg eines Königreichs (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dropbox (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
DVD Profiler Version 3.9.1 (HKLM-x32\...\InvelosDVDProfiler_is1) (Version:  - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
DVDFab 9.2.0.2 (10/06/2015) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EA Download Manager (HKLM-x32\...\InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}) (Version: 4.0.0.396 - Electronic Arts)
EA Download Manager (x32 Version: 4.0.0.396 - Electronic Arts) Hidden
Earthworm Jim (HKLM-x32\...\Steam App 38480) (Version:  - Interplay Inc.)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 8.9  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.9 - CHENGDU YIWO Tech Development Co., Ltd)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON Stylus SX400 Series Printer Uninstall (HKLM\...\EPSON Stylus SX400 Series) (Version:  - SEIKO EPSON Corporation)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Softworks)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 3.0.4.9 - Genesys Logic)
Gigaset QuickSync (HKLM\...\{18e951f2-329a-4ed2-833b-d980960db29e}) (Version: 8.2.0865.2 - Gigaset Communications GmbH)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Heroes of Might and Magic 5 (HKLM-x32\...\Steam App 15170) (Version:  - Ubisoft)
Heroes of Might and Magic V: Hammers of Fate (HKLM-x32\...\Steam App 15380) (Version:  - Ubisoft)
Homeworld Remastered Collection (HKLM-x32\...\Steam App 244160) (Version:  - Gearbox Software)
iClone v4.2 EX (HKLM-x32\...\{7430B12A-3B67-4191-B0C5-59E57344CB1F}) (Version: 4.2.1718.1 - Reallusion Inc.)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{E6EB4571-5ADB-4557-8F95-0E0EF5D0F833}) (Version: 3.30.7824.86 - Sony Computer Entertainment Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
IPTInstaller (HKLM-x32\...\{6965F2F4-1CD2-4F42-A8EF-9EF433F9AA72}) (Version: 4.0.4 - HTC)
iSkysoft DRM Removal(Build 1.1.0.0) (HKLM-x32\...\iSkysoft DRM Removal_is1) (Version:  - iSkysoft Software)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java SE Development Kit 7 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170650}) (Version: 1.7.0.650 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.00.22080 - Lenovo)
Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.00.21090 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3720 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.3720 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1409 - CyberLink Corp.)
Lenovo Rescue System (Version: 3.0.1409 - CyberLink Corp.) Hidden
Lenovo Treiber- und Anwendungsinstallation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.10.1809 - Lenovo)
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.103.05220 (HKLM-x32\...\{17BC85C9-EA45-84A7-F4DB-C0D63BBE98DE}) (Version: 2.20.103.05220 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Might & Magic Heroes VI - Game Official Demo (HKLM-x32\...\{A024B9E5-7702-4556-A7BF-A04BFF2DE5D8}) (Version: 1.0 - Ubisoft)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{2B593480-2BF0-11E5-9124-F04DA23A5C58}) (Version: 13.0.955 - Sony)
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\MusicManager) (Version:  - Google, Inc.)
MyHarmony (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
Nero 11 (HKLM-x32\...\{810B7362-6B05-4714-AF6A-EF3A20CCD634}) (Version: 11.2.00600 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.1009 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5983 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
PlayMemories Home (HKLM-x32\...\{0657DE52-8F5C-4073-B70C-ED4F3F7FA076}) (Version: 7.0.03.04240 - Sony Corporation)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Prey (HKLM-x32\...\Steam App 3970) (Version:  - Humanhead Studios)
proDAD Heroglyph 2.5 (HKLM-x32\...\proDAD-Heroglyph-2.5) (Version: 2.6.32 - proDAD GmbH)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6151 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version:  - Firaxis)
Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version:  - Firaxis)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sony PC Companion 2.10.289 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.289 - Sony)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 2.1.5.2 - Splashtop Inc.)
Splashtop Streamer (x32 Version: 2.1.5.2 - Splashtop Inc.) Hidden
Spotify (HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
STAR WARS® - Empire At War™ Gold (HKLM-x32\...\1421404887_is1) (Version: 2.0.0.3 - GOG.com)
STAR WARS® - Knights of the Old Republic™ (HKLM-x32\...\1207666283_is1) (Version: 2.0.0.3 - GOG.com)
STAR WARS® Jedi Knight - Dark Forces 2 (HKLM-x32\...\1422286819_is1) (Version: 2.0.0.3 - GOG.com)
STAR WARS™ Jedi Knight™ II - Jedi Outcast™ (HKLM-x32\...\1428935917_is1) (Version: 2.0.0.3 - GOG.com)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuer-Spar-Erklärung 2011 (HKLM-x32\...\{9F5FD796-86F0-4360-85F8-D54C0F5411EB}) (Version: 16.13 - Akademische Arbeitsgemeinschaft Verlag)
Steuer-Spar-Erklärung 2012 (HKLM-x32\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.11 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung 2013 (HKLM-x32\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.12.92 - Akademische Arbeitsgemeinschaft)
SUPER © v2014.build.62+Recorder (2014/09/21) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8649-4DE7-5C06C90719A4}_is1) (Version: v2014.build.62+Recorder - eRightSoft)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
The GodFather (HKLM-x32\...\The GodFather) (Version:  - )
ThemeWallpaper (HKLM-x32\...\{F29CBF73-C211-4616-898A-379A2679F990}) (Version: 1.1.0.090804 - Lenovo)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ulead PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 1.00.0000 - Corel)
Ulead PhotoImpact X3 (x32 Version: 1.00.0000 - Corel) Hidden
Vasco da Gama 4 HDPro (HKLM-x32\...\{05BBF12D-565E-4212-8BDD-C482C72866DD}) (Version: 4.00.0000 - MotionStudios)
VidCoder 1.5.31 (x64) (HKLM\...\VidCoder-x64_is1) (Version: 1.5.31 - RandomEngy)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warner Bros. Digital Copy Manager (HKLM-x32\...\com.warnerbros.DigitalCopyManager.449F66ACC381FDC604DC2AA255FEECEEBBBEE1E5.1) (Version: 1.70 - Warner Bros. Entertainment Inc.)
Warner Bros. Digital Copy Manager (x32 Version: 1.70 - Warner Bros. Entertainment Inc.) Hidden
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16432 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02E10510-A547-494A-9D5A-40B2FE4D0076} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {03CF3941-A5EB-4A5D-84DC-A42FC2982F9E} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-05-06] (Nero AG)
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0F80665D-0433-4562-A64D-77D17AE6E51A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0FCE2E28-58DF-4E91-9668-C14AA2166817} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-14] (Microsoft Corporation)
Task: {18328E56-666F-4FBB-8645-6356DC741DBD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {20107E34-CEFB-4B82-8608-91E485907AB4} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {25CCACC2-3738-4327-BF9F-AD68F03BAF40} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA => C:\Users\Thomas Ratzke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-01-14] (Dropbox, Inc.)
Task: {26CA76CF-7DB1-4F12-88D9-F297C6CB0597} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {280C1E7E-5CB6-4DC7-A61C-4ADEE397CA6E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {2A880E2A-4823-4B1A-95CC-8A37511BB490} - System32\Tasks\Format Factory => C:\Users\Thomas Ratzke\AppData\Local\Temp\is-1C0LD.tmp\prsetup.exe [2015-10-24] (Free Time                                                   ) <==== ACHTUNG
Task: {323601EE-CC47-43D2-9D0E-829756D92381} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {38CFA671-3EBE-45FE-BF10-941FC8258D63} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3D5737C5-EFDD-47D1-8E65-CE48B02C569D} - System32\Tasks\{86A63F94-FD74-4B2C-AD21-C5082463B96D} => pcalua.exe -a "C:\Users\Thomas Ratzke\Downloads\JavaSetup8u40.exe" -d "C:\Users\Thomas Ratzke\Downloads"
Task: {3E4F7CBB-12A9-4FB6-846C-E4650759363A} - System32\Tasks\{CE52BE5C-8F2F-41B9-9383-F051D5E4B7AB} => pcalua.exe -a "C:\Users\Thomas Ratzke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZS6UT17X\JavaSetup8u40.exe" -d "C:\Users\Thomas Ratzke\Desktop"
Task: {3EEA0947-99CC-4D10-8CBE-E929E3FDC5EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3F9213D2-BF62-4A8B-92E1-5195E3234256} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {406F4A92-9EB1-4111-83F2-1C8513F341C0} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {493274B7-99AC-4978-9438-2013DFAAA3F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {4CFC482A-7F3F-4574-AC61-DA999D34E63C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {5010C001-5D4F-44B3-A250-CE27A03DE36E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {54D4B834-8C90-41DB-9FE6-96272BBCC4AD} - System32\Tasks\{335F9BA8-081E-4E9F-AA0C-FA29983082B1} => pcalua.exe -a G:\Safe\Nero\Nero7_chm_deu.exe
Task: {630AEEDF-CD30-43BB-8A6B-FCDBAD67C73D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6843F01E-E280-43C8-A99C-754C2C7F83F6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA => C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {6A6CA0A2-0A16-4AC1-B7F2-8B83130A24D5} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {6AD6CFFE-0357-4A36-A259-DD9125A57965} - System32\Tasks\{173A6382-5B3C-46CB-993C-B3C4A64480BB} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {723638DC-4A6A-4EB4-9328-C6E5591847C4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {731AED53-0655-439F-BAA6-0ED7E5585FFE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {746835B7-8675-416C-87E7-EB68234BDDBF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {74714ED8-09FC-4484-A0F8-C1B90F945099} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {79474E7A-89A9-42B8-B1D6-DFA58DCC2DF6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {7E91FD94-C7DE-42FD-9892-259B96CFE314} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8795F85C-B330-4CF1-949F-A981D06AA86D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {87E999FF-1C14-4ACB-AA62-7EF4C8DD5904} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {8BB21638-D722-4970-8494-4512DFBBEFA3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {932FF5D1-5E38-4DE0-A951-F2A2152ACD03} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {9683E79B-EA41-4ADF-95BC-4DF39B7E698C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9BDA3F8F-EB93-4067-B2F6-D50065A37800} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {9BF1CCD1-4116-429E-860F-AA055C334D1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {9E0934C7-C5E5-4DF5-8367-AECA77B84A22} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core => C:\Users\Thomas Ratzke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-01-14] (Dropbox, Inc.)
Task: {A0BCA1B8-C642-40A5-B23F-855725EFFC4F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A5F483D0-280E-4A7F-B7DF-8E871982D929} - System32\Tasks\{AC642351-857E-4F5E-97A5-B91274266F7E} => pcalua.exe -a "C:\Users\Thomas Ratzke\Downloads\jre-8u40-windows-i586.exe" -d "C:\Users\Thomas Ratzke\Desktop"
Task: {A8892BD7-84EA-4896-90A6-CC23E4018A0B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A918B0E8-CEFC-4A4F-8B09-29BA61F5F416} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {AC3FC41D-F3DE-472F-8759-748CFBD507B4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {ACC81702-DF3D-4CB5-BA50-01FC0F20F285} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B1EF88D3-3686-4EEC-AF3C-25195A94679E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B7B600EB-1AE8-4443-8193-C01DCE5D7262} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {CCB8EFB8-C3E9-428F-98FF-D1A152A2689C} - System32\Tasks\{5711C5F7-3642-4CFD-80F9-9937DDC340FB} => pcalua.exe -a D:\Autoplay.exe -d D:\
Task: {CFDBA500-6D37-42ED-9EB9-674E3E89C2DB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {D33F7650-CAAF-431D-B1B4-2B53D627678A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D55D07A2-C7B9-4BF7-BF47-E5DC83277E7E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core => C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {DF46AA32-5F1A-4C17-99AC-752F79708431} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {E329831B-1977-4A22-9F64-F55FA5CAB376} - System32\Tasks\{8C644042-7F3C-48C7-8C93-DCF4A28A5BA2} => pcalua.exe -a D:\fscommand\setup_deutsch.exe -d D:\fscommand
Task: {E40949CB-1B0A-4C07-962D-527AC097DA97} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {E540FF01-0797-47DD-9E13-8FEBF41528C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {EF55379A-60E7-42BF-9DD1-D0B73264760E} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {F1CF4C03-ECC0-40FE-B08F-0F5FFDFF5952} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core.job => C:\Users\Thomas Ratzke\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA.job => C:\Users\Thomas Ratzke\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core.job => C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA.job => C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-20 16:12 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-12-12 02:31 - 2015-12-12 02:31 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-17 16:36 - 2015-12-17 16:36 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-12 02:31 - 2015-12-12 02:31 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-14 09:41 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 15:58 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 15:58 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-14 09:41 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-14 09:41 - 2016-01-05 02:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-01-14 09:41 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-14 09:41 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-13 10:24 - 2015-11-03 13:18 - 00249384 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2015-12-13 10:24 - 2015-09-21 18:00 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00186408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00165416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00058408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2015-12-13 10:24 - 2015-11-03 03:45 - 00015912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00108072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00030760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-12-13 10:24 - 2014-12-14 17:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-12-13 10:24 - 2015-03-14 04:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-12-13 10:24 - 2015-11-02 23:03 - 00769064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-12-13 10:24 - 2015-11-03 13:18 - 00111656 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2015-12-13 10:24 - 2015-11-02 23:03 - 00169512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll
2015-12-13 10:24 - 2015-11-10 11:07 - 00501800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-12-13 10:24 - 2015-08-01 08:10 - 00025128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00201768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-12-13 10:24 - 2015-06-22 17:58 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00138792 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2015-12-13 10:24 - 2015-09-23 17:58 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2015-12-17 16:36 - 2015-12-17 16:36 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-17 16:36 - 2015-12-17 16:36 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-13 10:24 - 2014-12-15 00:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7867 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-11-21 12:23 - 00450892 ___RA C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 15464 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas Ratzke\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\transcodedwallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CEEBC40A-FDED-4C59-B354-939132350B01 => 2
MSCONFIG\Services: EPSON_EB_RPCV4_01 => 2
MSCONFIG\Services: EPSON_PM_RPCV4_01 => 2
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: FoxitCloudUpdateService => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LenovoCOMSvc => 2
MSCONFIG\Services: LitModeCtrl => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: ProtexisLicensing => 2
MSCONFIG\Services: SBSDWSCService => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: SSUService => 2
MSCONFIG\Services: StarWindServiceAE => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: WSWNA3100 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Inhaltsmanager-Assistent für PlayStation(R).lnk => C:\windows\pss\Inhaltsmanager-Assistent für PlayStation(R).lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA3100 Setup-Assistent.lnk => C:\windows\pss\NETGEAR WNA3100 Setup-Assistent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRServer.exe.lnk => C:\windows\pss\SRServer.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Medien-Prüfung.lnk => C:\windows\pss\Picture Motion Browser Medien-Prüfung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Thomas Ratzke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk => C:\windows\pss\Trillian.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Thomas Ratzke\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Thomas Ratzke\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Thomas Ratzke\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Thomas Ratzke\AppData\Local\Smartbar\Application\Linkury.exe startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Corel File Shell Monitor => C:\Program Files (x86)\Corel\Corel MediaOne\CorelIOMonitor.exe
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Corel\Corel MediaOne\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: dcmsvc => C:\Program Files (x86)\dcmsvc\dcmsvc.exe
MSCONFIG\startupreg: EA Core => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\Partition Master 9.2.1 Home Edition\bin\EpmNews.exe
MSCONFIG\startupreg: GalaxyClient => C:\Program Files (x86)\GOG.com GalaxyClient\GalaxyClient.exe /launchViaAutoStart
MSCONFIG\startupreg: Garmin Lifetime Updater => C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized
MSCONFIG\startupreg: Google Update => "C:\Users\Thomas Ratzke\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_42BCF34DF888FA5E24C109D3BA6D368A => "C:\Users\Thomas Ratzke\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: jmekey => C:\Program Files (x86)\jmesoft\hotkey.exe
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: Lenovo Dynamic Brightness System => C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 1
MSCONFIG\startupreg: Lenovo Eye Distance System => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1
MSCONFIG\startupreg: mbot_de_60 => "C:\Program Files (x86)\mbot_de_60\mbot_de_60.exe"
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: ModeSwitch => "C:\Program Files\Lenovo\Power Dial\LitModeSwitch.exe" /AutoRun
MSCONFIG\startupreg: MusicManager => "C:\Users\Thomas Ratzke\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: My Movies Tray => "C:\Program Files (x86)\My Movies for Windows Media Center\My Movies Tray.exe"
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: ShadowPlay => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Thomas Ratzke\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Games\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TrayServer => C:\PROGRA~2\MAGIX\VIDEO_~2\TRAYSE~1.EXE
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe
MSCONFIG\startupreg: UMonit => C:\windows\SysWOW64\UMonit.exe
MSCONFIG\startupreg: Unattend0000000001{BFA3D12B-66DD-4617-923A-E864BC7D20B5} => C:\Windows\test.bat
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "EPSON Stylus SX400 Series"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "MusicManager"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"
HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Thomas Ratzke\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{3A1156B0-05ED-4D16-878F-72E97EA6B181}C:\users\thomas ratzke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas ratzke\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{7A918BB9-D97E-43D1-BB49-5303D277B4E3}C:\users\thomas ratzke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas ratzke\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B23A1530-7A9C-4C50-A309-68FA4F996826}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [TCP Query User{6559B205-D387-4EA1-9965-6A2A904A7730}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [UDP Query User{E722F823-91F5-4C14-8A9E-CD5547968ED3}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [TCP Query User{B48A24F6-CD65-4EFC-BCCF-B65F8ACB8985}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [UDP Query User{4924AD17-553D-418E-BB8A-EFFA9F974203}C:\games\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\games\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{BF9BF998-66AD-4ADC-98D7-9CDBA07B59C3}C:\games\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\games\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{A376ED6D-950B-4522-9675-68B928F811F1}C:\games\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\games\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [TCP Query User{45C80DB8-7D73-40C4-BB2F-7A234063BED6}C:\games\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\games\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{F643FD75-0E7E-412B-9BBE-893DCAB887B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E32EFC61-30B7-4ABE-89C2-40681D312238}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8A043B09-67C8-4248-A65D-DAA2114EBCF8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{675D2958-C39F-44A2-A24E-18226BCBB24C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9E153424-0357-4706-911D-CF07E00A1EE1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{57E800FA-86E7-4605-8751-A2125441C64B}] => (Allow) LPort=2869
FirewallRules: [{A6A7ADE5-F7BE-4024-8CA7-102563C4EE01}] => (Allow) LPort=1900
FirewallRules: [{4E8FB5DE-0169-4987-9EAE-F582C05D3D09}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5B549BE3-1F72-4730-847B-A4AF437097BD}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{69A23F59-E423-466C-BDF0-2350EA1D8F4F}] => (Allow) C:\Games\StarCraft II\StarCraft II.exe
FirewallRules: [{D2BF4104-F7FB-4EB3-A8E0-5DF4A26E8F31}] => (Allow) C:\Games\StarCraft II\StarCraft II.exe
FirewallRules: [{15FCCBD7-D3DD-4136-84C6-7E204B189FF9}] => (Allow) C:\Games\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{4F713BF0-3C87-4C7A-B6FE-CFCC2EFC9630}] => (Allow) C:\Games\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{D8C4F190-2EA0-445A-99F3-770938063C79}] => (Allow) C:\Games\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{07100F48-97F8-4AFE-8961-125A1907F63E}] => (Allow) C:\Games\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [TCP Query User{04C99A30-3EC8-4A60-B142-96C8F789BFA9}C:\program files (x86)\dvd profiler\dvdpro.exe] => (Allow) C:\program files (x86)\dvd profiler\dvdpro.exe
FirewallRules: [UDP Query User{295908BA-E88E-42B5-AD62-AACE4CE186FB}C:\program files (x86)\dvd profiler\dvdpro.exe] => (Allow) C:\program files (x86)\dvd profiler\dvdpro.exe
FirewallRules: [{A311FADA-47BA-4F7A-A743-276481BA68F4}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI - Game Official Demo\Might & Magic Heroes VI.exe
FirewallRules: [{82435B1B-FC97-4A2A-9C68-2DAE8662DE88}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI - Game Official Demo\Might & Magic Heroes VI.exe
FirewallRules: [TCP Query User{11E78D1F-E698-4D88-A7BC-0C613AE68CD0}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [UDP Query User{FE51D907-EAE6-4FD6-A100-C771BDA16E72}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [TCP Query User{4B253899-6F83-42AD-8713-9EBE4B22538E}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [UDP Query User{43A8D277-A809-4E14-ADA5-F10CF12594A6}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [TCP Query User{F06636C9-EE51-44DA-93FF-027BEB4402F0}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [UDP Query User{5A7CA666-2E63-4B19-B592-42B661D483E2}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [TCP Query User{27DA271B-B6B7-4CF2-AB57-59ED06F54FC2}C:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe] => (Allow) C:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe
FirewallRules: [UDP Query User{877BD684-A827-4BE8-91AE-11130C96EE8D}C:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe] => (Allow) C:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe
FirewallRules: [TCP Query User{060982E9-F103-4DD4-A864-7CF051AEFC74}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [UDP Query User{32CCDA8E-B42E-46A3-B8CE-DEBCFC317A38}C:\program files (x86)\sony\content manager assistant\cma.exe] => (Allow) C:\program files (x86)\sony\content manager assistant\cma.exe
FirewallRules: [{52EFC8AC-89CD-4CB3-8E2A-DA0E89B29B7A}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{00EF4A28-6F85-4F9C-861D-BBBE87F9AF3D}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{295C08F3-BEE8-4680-99CD-EBD1C9B1E42A}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [TCP Query User{F0D9FFC3-FCC3-42FE-B14D-4D24BDD51129}C:\program files (x86)\dvd profiler\dvdpro.exe] => (Allow) C:\program files (x86)\dvd profiler\dvdpro.exe
FirewallRules: [UDP Query User{138629BB-2AD8-4CA7-AC43-5CF82C1C2409}C:\program files (x86)\dvd profiler\dvdpro.exe] => (Allow) C:\program files (x86)\dvd profiler\dvdpro.exe
FirewallRules: [{1F918310-7456-4DF1-BAB3-ABB8EA967E26}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6B6C4CD4-DD5C-4A33-A7E6-57D5CAE2DDB3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{4E03838A-3704-43EA-888F-F91947FD7463}C:\games\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\games\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [UDP Query User{D2B74BFD-B2CA-4A94-A0F3-233A1493A9B8}C:\games\dawn of war - dark crusade\darkcrusade.exe] => (Allow) C:\games\dawn of war - dark crusade\darkcrusade.exe
FirewallRules: [TCP Query User{BDE3F4CF-0D2D-4B02-B49D-79433CF7EEE9}C:\games\dawn of war - soulstorm\soulstorm.exe] => (Allow) C:\games\dawn of war - soulstorm\soulstorm.exe
FirewallRules: [UDP Query User{A42430BD-51B9-4C1A-AB7D-6C5F95D68E69}C:\games\dawn of war - soulstorm\soulstorm.exe] => (Allow) C:\games\dawn of war - soulstorm\soulstorm.exe
FirewallRules: [TCP Query User{70F86723-C140-40FC-A1CA-3D82905C1D22}C:\program files (x86)\kuffs software\kps\kps.exe] => (Allow) C:\program files (x86)\kuffs software\kps\kps.exe
FirewallRules: [UDP Query User{B113A33E-07A5-4C12-8C8A-80EBD35B8DAD}C:\program files (x86)\kuffs software\kps\kps.exe] => (Allow) C:\program files (x86)\kuffs software\kps\kps.exe
FirewallRules: [{F8340B8B-EF04-4CD5-ACFB-4DAA20F708EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C2C8D6B7-1EB9-4BCD-B9D5-D5F74630D4DF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7707C0B7-13CD-440B-A3D6-7F70ED03697B}] => (Allow) C:\Games\Steam\Steam.exe
FirewallRules: [{1A60C235-2D41-4220-8A64-DE6B3CB86EE3}] => (Allow) C:\Games\Steam\Steam.exe
FirewallRules: [{840394ED-3BF3-43A6-8009-22CEC20F9138}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{E07C26F2-9645-4D6C-A94A-5FB5C7FE8752}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\duke3d.exe
FirewallRules: [{7C287818-05E7-451D-A163-71DA9259791C}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{517CAC9A-9D0A-4673-B438-D5F769FF8BDC}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe
FirewallRules: [{45A2F578-CDB9-49A7-A94E-A15349B71677}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{667BDA52-EDF8-4A8B-86D5-EA5577A4BE7B}] => (Allow) C:\Games\Steam\SteamApps\common\Duke Nukem 3D\bin\build.exe
FirewallRules: [{951713AF-7FE8-4539-B913-1C3EA73F2896}] => (Allow) C:\Games\Steam\SteamApps\common\prey\prey.exe
FirewallRules: [{4BD4E341-9631-4DBE-8E69-088017501F89}] => (Allow) C:\Games\Steam\SteamApps\common\prey\prey.exe
FirewallRules: [{75AF6457-4FBB-405A-923F-232E7D168C12}] => (Allow) C:\Games\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{95E871EB-0947-41D4-B1AE-5F847E8554D4}] => (Allow) C:\Games\Steam\SteamApps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{C705FF64-BEFB-430D-83AB-96EBCE3ACA69}] => (Allow) C:\Games\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{2702D9C8-EE86-4EA3-886E-33CB7901579E}] => (Allow) C:\Games\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{D665FACA-A466-446F-86FF-605E8A4EF592}] => (Allow) C:\Games\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{C64697F9-A477-4BA0-ACA4-1864E872F22C}] => (Allow) C:\Games\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{B17FEE93-7974-4B5F-85C6-62D98EE16645}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{3CC50FEE-F114-463C-95F1-8DD957FC02D6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{AAABA71E-0106-4A0D-88CA-5FC1A24D0CF2}] => (Allow) C:\Games\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{BA2456C3-1B6E-4C00-888D-194D56763A42}] => (Allow) C:\Games\Steam\SteamApps\common\Anno 2070\Anno5.exe
FirewallRules: [{E72F42EC-4D5E-466D-BBF9-8D26EFAD3675}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{ACC2A916-BAEB-455D-9AD6-E9C19B098342}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{33929DC2-1F43-4ABC-8914-1DC001385D48}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{1D789DE4-B6FC-48F0-B6E1-7678024946F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{818C4A5C-1ABE-4F9E-8E7B-79ED4E61205D}] => (Allow) C:\Games\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{D0B9316E-EA42-497E-BFE6-E6C6A30A16E2}] => (Allow) C:\Games\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{21CC47CB-54D6-42FC-A8E1-9D0F1AA5DEE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4EE678C5-B977-47A9-BA8C-71488AE9C778}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3C6B7EE3-525C-491B-8DAC-94A55405EC1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1D2BA8DD-4E32-4D90-8DC7-3306F53925E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF05F847-DE9A-4D41-8960-E4D1C54557A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{96B68E34-1841-42E3-83D9-4491A41EAE44}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{41561100-0144-41BA-A679-6181E4627F32}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{E697DA5A-A3BC-4679-B0D8-CF85AEEC669F}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{2EB5466B-689C-46DD-8AA6-CB511B5AFE25}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{7EDFA8D2-16AE-4902-BAE8-0C8DE3E540F5}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{96756778-CF8F-4012-932F-117091513BF6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{C21ED57A-D7FF-4491-A105-2862C25E2C88}] => (Allow) C:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{12E5CD79-3B73-4EAA-917E-2B7E5EEADC41}] => (Allow) C:\Games\Steam\bin\steamwebhelper.exe
FirewallRules: [{F2CC8125-2F2A-41ED-80AB-21FFBE05B6C5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BA959C4F-D6B3-4137-B6A0-B5566DB831DD}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{BEBA6E23-8D98-4292-8F19-F6A132F2335C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{E617B5C7-28AD-4477-987C-DFAFA5BB9C48}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{FCD652D3-CBF6-49FB-81CE-EC4182657BDA}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{629DFFEB-0D78-4D9E-99A0-A16F797CBB9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3CD68F0A-2EFC-409A-AEEF-E09778E94D1A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{5F592455-67BD-40A9-AA23-FE684938C851}C:\users\thomas ratzke\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\thomas ratzke\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{8806C541-BEE9-4CD9-9013-48612083B901}C:\users\thomas ratzke\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\thomas ratzke\appdata\roaming\dropbox\bin\dropbox.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\DVD Profiler\dvdpro.exe] => Enabled:DVD Profiler
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Wiederherstellungspunkte =========================

25-12-2015 16:41:52 Revo Uninstaller's restore point - DailyPCClean v4.1
03-01-2016 09:44:34 Windows Update
06-01-2016 10:53:42 Windows Update
08-01-2016 09:33:54 JRT Pre-Junkware Removal
12-01-2016 18:55:01 Revo Uninstaller's restore point - Lightworks
14-01-2016 16:52:34 Revo Uninstaller's restore point - Avast Free Antivirus
15-01-2016 09:07:43 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/15/2016 09:07:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/15/2016 08:54:09 AM) (Source: MSSQL$MYMOVIES) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$MYMOVIES\Performance'. SQL Server performance counters are disabled.

Error: (01/15/2016 08:52:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.10586.63, Zeitstempel: 0x568b202a
Name des fehlerhaften Moduls: CoreUIComponents.dll, Version: 0.0.0.0, Zeitstempel: 0x565185e4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000780cd
ID des fehlerhaften Prozesses: 0x33ec
Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdge.exe0
Pfad der fehlerhaften Anwendung: MicrosoftEdge.exe1
Pfad des fehlerhaften Moduls: MicrosoftEdge.exe2
Berichtskennung: MicrosoftEdge.exe3
Vollständiger Name des fehlerhaften Pakets: MicrosoftEdge.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge.exe5

Error: (01/15/2016 03:29:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: THOMASRATZKE-PC)
Description: Bei der Aktivierung der App „Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/14/2016 09:35:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4797

Error: (01/14/2016 09:35:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4797

Error: (01/14/2016 09:35:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/14/2016 09:35:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3609

Error: (01/14/2016 09:35:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3609

Error: (01/14/2016 09:35:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (01/15/2016 09:08:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/15/2016 08:54:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/15/2016 08:53:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/15/2016 08:53:14 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/15/2016 08:53:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1a595a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2016 08:53:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1a595a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2016 08:53:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1a595a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2016 08:53:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1a595a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/15/2016 08:52:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/15/2016 08:52:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-01-14 14:03:32.555
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:43:03.594
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:43:03.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:41:31.970
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:41:31.959
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:20:50.775
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:20:50.764
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:08:06.860
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 18:08:06.848
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 16:54:40.611
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 6126.53 MB
Verfügbarer physikalischer RAM: 4492.06 MB
Summe virtueller Speicher: 12270.53 MB
Verfügbarer virtueller Speicher: 10662.98 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:905.9 GB) (Free:136.78 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: (StarCraft II 3.0 Disc 1) (CDROM) (Total:7.91 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94BB371C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=905.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25.1 GB) - (Type=12)

==================== Ende von Addition.txt ============================
         

15.01.2016, 10:11   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
FRST-Fix

Please disable your virus scanner completely now, to make sure that the fix runs through cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
Task: {18328E56-666F-4FBB-8645-6356DC741DBD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2A880E2A-4823-4B1A-95CC-8A37511BB490} - System32\Tasks\Format Factory => C:\Users\Thomas Ratzke\AppData\Local\Temp\is-1C0LD.tmp\prsetup.exe [2015-10-24] (Free Time                                                   ) <==== ACHTUNG
Task: {38CFA671-3EBE-45FE-BF10-941FC8258D63} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3EEA0947-99CC-4D10-8CBE-E929E3FDC5EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {6A6CA0A2-0A16-4AC1-B7F2-8B83130A24D5} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {723638DC-4A6A-4EB4-9328-C6E5591847C4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {731AED53-0655-439F-BAA6-0ED7E5585FFE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {9683E79B-EA41-4ADF-95BC-4DF39B7E698C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9BF1CCD1-4116-429E-860F-AA055C334D1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A0BCA1B8-C642-40A5-B23F-855725EFFC4F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A918B0E8-CEFC-4A4F-8B09-29BA61F5F416} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {ACC81702-DF3D-4CB5-BA50-01FC0F20F285} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B7B600EB-1AE8-4443-8193-C01DCE5D7262} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
C:\ProgramData\flashax10.exe
emptytemp:
         

Please save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
Please always post log files in CODE tags

15.01.2016, 12:06   #9
Ratzi73
 
Hello Cosinus,

I have done that:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von Thomas Ratzke (2016-01-15 12:02:13) Run:1
Gestartet von C:\Users\Thomas Ratzke\Downloads
Geladene Profile: Thomas Ratzke (Verfügbare Profile: Thomas Ratzke & Melanie Ratzke & Luke Ratzke & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {18328E56-666F-4FBB-8645-6356DC741DBD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2A880E2A-4823-4B1A-95CC-8A37511BB490} - System32\Tasks\Format Factory => C:\Users\Thomas Ratzke\AppData\Local\Temp\is-1C0LD.tmp\prsetup.exe [2015-10-24] (Free Time                                                   ) <==== ACHTUNG
Task: {38CFA671-3EBE-45FE-BF10-941FC8258D63} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3EEA0947-99CC-4D10-8CBE-E929E3FDC5EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {6A6CA0A2-0A16-4AC1-B7F2-8B83130A24D5} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {723638DC-4A6A-4EB4-9328-C6E5591847C4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {731AED53-0655-439F-BAA6-0ED7E5585FFE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {9683E79B-EA41-4ADF-95BC-4DF39B7E698C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9BF1CCD1-4116-429E-860F-AA055C334D1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A0BCA1B8-C642-40A5-B23F-855725EFFC4F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A918B0E8-CEFC-4A4F-8B09-29BA61F5F416} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {ACC81702-DF3D-4CB5-BA50-01FC0F20F285} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B7B600EB-1AE8-4443-8193-C01DCE5D7262} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
C:\ProgramData\flashax10.exe
emptytemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18328E56-666F-4FBB-8645-6356DC741DBD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18328E56-666F-4FBB-8645-6356DC741DBD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2A880E2A-4823-4B1A-95CC-8A37511BB490}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A880E2A-4823-4B1A-95CC-8A37511BB490}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Format Factory => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Format Factory" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38CFA671-3EBE-45FE-BF10-941FC8258D63}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38CFA671-3EBE-45FE-BF10-941FC8258D63}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EEA0947-99CC-4D10-8CBE-E929E3FDC5EB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EEA0947-99CC-4D10-8CBE-E929E3FDC5EB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A6CA0A2-0A16-4AC1-B7F2-8B83130A24D5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A6CA0A2-0A16-4AC1-B7F2-8B83130A24D5}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Schlüssel nicht gefunden. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{723638DC-4A6A-4EB4-9328-C6E5591847C4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{723638DC-4A6A-4EB4-9328-C6E5591847C4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{731AED53-0655-439F-BAA6-0ED7E5585FFE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{731AED53-0655-439F-BAA6-0ED7E5585FFE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9683E79B-EA41-4ADF-95BC-4DF39B7E698C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9683E79B-EA41-4ADF-95BC-4DF39B7E698C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BF1CCD1-4116-429E-860F-AA055C334D1B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BF1CCD1-4116-429E-860F-AA055C334D1B}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0BCA1B8-C642-40A5-B23F-855725EFFC4F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0BCA1B8-C642-40A5-B23F-855725EFFC4F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A918B0E8-CEFC-4A4F-8B09-29BA61F5F416}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A918B0E8-CEFC-4A4F-8B09-29BA61F5F416}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACC81702-DF3D-4CB5-BA50-01FC0F20F285}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACC81702-DF3D-4CB5-BA50-01FC0F20F285}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7B600EB-1AE8-4443-8193-C01DCE5D7262}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7B600EB-1AE8-4443-8193-C01DCE5D7262}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
C:\ProgramData\flashax10.exe => erfolgreich verschoben
EmptyTemp: => 20.8 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 12:03:18 ====
         

15.01.2016, 12:08   #10
cosinus

Okay, then control scans with (1) MBAM, (2) ESET and (3) SecurityCheck please:


Step 1: MBAM

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Step 2: ESET

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Look for C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Step 3: SecurityCheck

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.
__________________
Please always post log files in CODE tags

15.01.2016, 21:05   #11
Ratzi73

Hello Cosinus,

it took a while, but here are the logs:

mbam.txt

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 15.01.2016
Suchlaufzeit: 12:13
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.15.03
Rootkit-Datenbank: v2016.01.09.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Thomas Ratzke

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 534233
Abgelaufene Zeit: 35 Min., 32 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.GlobalSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [f5fada5fecadc4722848854d0002ae52], 
PUP.Optional.GlobalSearch.ShrtCln, HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [836c162328713ff76708b81aa062857b], 

Registrierungswerte: 2
PUP.Optional.GlobalSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms}, In Quarantäne, [f5fada5fecadc4722848854d0002ae52]
PUP.Optional.GlobalSearch.ShrtCln, HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms}, In Quarantäne, [836c162328713ff76708b81aa062857b]

Registrierungsdaten: 2
Hijack.GlobaSearch.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa, Gut: (www.google.com), Schlecht: (hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa),Ersetzt,[eb0448f1debb8caa412ce0d07d8709f7]
Hijack.GlobaSearch.C, HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa, Gut: (www.google.com), Schlecht: (hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa),Ersetzt,[d31c72c7c4d5c86e303cd6da897b659b]

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.GlobalSearch.ShrtCln, C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa&newtab");), Ersetzt,[0be423169207979f32757e589e66bc44]
PUP.Optional.GlobalSearch.ShrtCln, C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.globasearch.com), Ersetzt,[22cd2e0bb3e656e0dd60ac33c93bd828]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
...the log of the ESET scan:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3f7b88516a1e8047b730e120ca79a22a
# end=init
# utc_time=2016-01-15 12:14:09
# local_time=2016-01-15 01:14:09 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27659
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=3f7b88516a1e8047b730e120ca79a22a
# end=updated
# utc_time=2016-01-15 12:18:23
# local_time=2016-01-15 01:18:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=3f7b88516a1e8047b730e120ca79a22a
# engine=27659
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-15 05:42:28
# local_time=2016-01-15 06:42:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 27255 6693891 0 0
# scanned=645986
# found=2
# cleaned=0
# scan_time=19444
sh=BF0FB5ED7D451851B98B1B42FA472A817035393A ft=1 fh=d429b31d34dfdb2b vn="Variante von Win32/Adware.EoRezo.BD Anwendung" ac=I fn="C:\Users\Thomas Ratzke\AppData\Local\Microsoft\Windows\INetCache\IE\2VJIJ7ED\setup_dpcc_en[1].exe"
sh=148BC745CB91B9DFDD09FF955DCE01CA6DC10F5A ft=1 fh=cce6864c1bf4fbda vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thomas Ratzke\Downloads\PDFCreator-2_2_2-setup.exe"
         
...and finally the Checkup.txt:

Code:
 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Mozilla Firefox (43.0.3) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
How does it look?

16.01.2016, 13:24   #12
cosinus

Just a few leftovers. And detections in the PDF-Creator setup, because that thing can download and install junkware if you're not careful.

Looks OK so far

Is your system back in order now, or are there any other detections or problems?

16.01.2016, 19:43   #13
Ratzi73

Hello Cosinus,

the strange setup has disappeared in any case, so it looks good for now. Thanks.

Do I not need to worry about the "leftovers"? Having installed "PDF Creator" once, I don't need to worry any more, though?

Did I understand correctly: "Windows Defender" is sufficient as virus protection and firewall? Or is there other recommendable software?

How do I keep my system clean? I'm really not someone who surfs "shady websites" or clicks on everything that blinks amusingly...

Where can I download programs reliably and safely?

Thanks again,
Thomas

17.01.2016, 00:27   #14
cosinus

Then we're done!

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Finally, we still need to take a few steps to clean up and secure your PC.


Cleanup:
(The order is crucial here)

If Defogger was used: start it again and click Re-enable.

If Combofix was used:
Uninstall Combofix
  • Important: please disable your antivirus program, any script blocking and anti-malware programs.
  • Please press the + R key and type Combofix /Uninstall into the Run window.
  • Click OK.
    This removes Combofix completely and empties the System Restore cache.
  • Now re-enable the programs you just disabled.

All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick every function.
  • Click Start.

Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Finally, restart your computer. If any programs from our cleanup are still left over, you can delete them without concern.


Hardening:
In the Windows operating system, enable automatic updates. Security-relevant software should also always be present only in the latest version:

Browser
Java
Flash Player
PDF reader

Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when simply visiting a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. In addition, Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is completely sufficient in the normal case.

Use only one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:

   
 


In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and/or the ESET Online Scanner.

Optional:

NoScript prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. However, you can define, on the principle of a whitelist, on which pages scripts should be allowed. NoScript can become a nuisance while surfing, especially for users who are not very technically versed; whether the tool is suitable is something everyone has to try out and then decide for themselves. Alternatives to NoScript (if it is about preventing user tracking and advertising on websites) would be Ghostery or uBlock. Ghostery is a very well-known extension, which has however also come under criticism; on this, please see this thread => Ghostery schleift Werbung durch

Malwarebytes Anti Exploit: Protects the computer's applications against exploitation of known vulnerabilities.


Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, uninstalling it first and then removing the leftovers with Adwcleaner is recommended.


Finally, a few basic remarks:
Change your important online passwords regularly and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.

Note: Please give me a short reply when everything is done and there are no more questions, so that I can delete this topic from my subscriptions.

18.01.2016, 09:32   #15
Ratzi73

Great, many thanks!

A few final questions:
  • the security software integrated in Windows 10 is - provided it is always up to date - sufficient on its own to protect my PC (without guarantee, of course)?
  • what do you think of software packages like "Norton 360" etc.? A friend was recommended by Telekom to uninstall his security software (e.g. AVAST and Malwarebytes) in order to sell their software.
  • is Internet Explorer/Microsoft Edge definitely to be advised against?

Thanks!
