Log analysis and evaluation: Windows 10: strange setup at system startup

#1

Hello,

recently I have been noticing a setup routine at system startup that appears briefly in the taskbar (simply "Setup"). I just used Task Manager to open the folder where the process supposedly resides. The folder is named "is-HTMAR.tmp" and is empty. This all seems rather fishy to me. Could you please take a look at this:

FRST.TXT
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
durchgeführt von Thomas Ratzke (Administrator) auf THOMASRATZKE-PC (14-01-2016 09:52:26)
Gestartet von C:\Users\Thomas Ratzke\Downloads
Geladene Profile: Thomas Ratzke (Verfügbare Profile: Thomas Ratzke & Melanie Ratzke & Luke Ratzke & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.)
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Spotify Ltd) C:\Users\Thomas Ratzke\AppData\Roaming\Spotify\SpotifyWebHelper.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (pdfforge GmbH) C:\Program Files\PDF Architect 4\architect.exe (pdfforge GmbH) C:\Program Files\PDF Architect 4\ws.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor) HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-09] () HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.) 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-17] (AVAST Software) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Run: [EPSON Stylus SX400 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [221696 2007-12-17] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\Run: [Spotify Web Helper] => C:\Users\Thomas Ratzke\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-20] (Spotify Ltd) HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\...\MountPoints2: {5955485e-a071-11e5-99fb-806e6f6e6963} - "G:\StarCraft II Setup.exe" HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [583680 2015-10-30] (Microsoft Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thomas Ratzke\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-04] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-17] (AVAST Software) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => Keine Datei ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => Keine Datei Startup: C:\Users\Melanie Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk.disabled [2013-01-29] ShortcutTarget: OpenOffice.org 3.3.lnk.disabled -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (Keine Datei) GroupPolicyUsers\S-1-5-21-1218043409-3151763047-2122344536-1003\User: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{0192c832-e6e0-490e-92f9-73e0c6b769e5}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{7f4fdd21-863d-44aa-968e-9b58e8c6888f}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-1218043409-3151763047-2122344536-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.globasearch.com/?serie=211&b=3&installkey=0yFIRIZ2hSXP5LAbSwJa SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms} SearchScopes: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms} SearchScopes: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.globasearch.com/?serie=211&installkey=0yFIRIZ2hSXP5LAbSwJa&b=3&q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-28] (AVAST Software) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-28] (AVAST Software) Toolbar: HKU\S-1-5-21-1218043409-3151763047-2122344536-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab FireFox: ======== FF ProfilePath: C:\Users\Thomas Ratzke\AppData\Roaming\Mozilla\Firefox\Profiles\46keo9mh.default FF Homepage: hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa FF NewTab: hxxp://www.globasearch.com/?serie=211&b=2&installkey=0yFIRIZ2hSXP5LAbSwJa&newtab FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo 
Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation) FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH) FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll [Keine Datei] FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Thomas Ratzke\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) 
FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Thomas Ratzke\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [Keine Datei] FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC) FF Plugin HKU\S-1-5-21-1218043409-3151763047-2122344536-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-07-11] () FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-12-22] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-17] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-17] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-28] CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-17] (AVAST Software) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Datei ist nicht signiert] S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] S3 GalaxyClientService; C:\Program Files (x86)\GOG.com GalaxyClient\GalaxyClientService.exe [1616440 2015-12-27] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7184440 2015-12-27] (GOG.com) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation) S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert] S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MSSQL$MYMOVIES; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation) S4 PassThru Service; C:\Program Files (x86)\HTC\Internet 
Pass-Through\PassThruSvr.exe [166912 2012-10-08] () [Datei ist nicht signiert] R3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH) S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH) R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH) R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.) S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation) S4 ProtexisLicensing; C:\windows\SysWOW64\PSIService.exe [177704 2007-06-05] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-17] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-17] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-17] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-17] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-19] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-17] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-17] (AVAST Software) S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [1037312 2007-04-20] (Atheros Communications, Inc.) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] () R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] () S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () R3 GeneStor; C:\Windows\system32\DRIVERS\GeneStor.sys [115704 2015-07-09] (GenesysLogic) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-22] (Genesys Logic) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys 
[118112 2015-10-30] (Microsoft Corporation) R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.) R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-22] (Nicomsoft Ltd.) U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-14 09:52 - 2016-01-14 09:53 - 00022005 _____ C:\Users\Thomas Ratzke\Downloads\FRST.txt 2016-01-14 09:52 - 2016-01-14 09:52 - 00000000 ____D C:\FRST 2016-01-14 09:37 - 2016-01-14 09:52 - 02370560 _____ (Farbar) C:\Users\Thomas Ratzke\Downloads\FRST64.exe 2016-01-12 18:41 - 2016-01-12 18:41 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\{6D29EF02-426D-4F59-A035-00DCCF55824D} 2016-01-09 09:50 - 2016-01-09 09:50 - 00184016 _____ C:\Users\Melanie Ratzke\Downloads\DHL-Marke-3UZYKA79LE.pdf 2016-01-09 09:44 - 2016-01-09 09:44 - 00106184 _____ C:\Users\Thomas Ratzke\Downloads\Briefmarken.1Stk.09.01.2016_0943.pdf 2016-01-09 09:36 - 2016-01-09 09:36 - 00106547 ____T C:\Users\Public\Documents\Briefe und Maße_deutsche Post_2.pdf 2016-01-09 09:34 - 2016-01-09 09:34 - 00056983 _____ C:\Users\Public\Documents\Briefe und Maße_deutsche Post.pdf 2016-01-08 09:16 - 2016-01-08 09:28 - 00000000 ____D C:\AdwCleaner 2016-01-08 08:25 - 2016-01-14 09:35 - 01599336 _____ (Malwarebytes) C:\Users\Thomas Ratzke\Downloads\JRT.exe 2016-01-08 08:24 - 2016-01-08 09:16 - 01749504 _____ C:\Users\Thomas Ratzke\Downloads\AdwCleaner_5.028.exe 2016-01-06 09:45 - 2016-01-08 09:17 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-06 09:45 - 2016-01-08 09:17 - 00001214 _____ C:\Users\Public\Desktop\Mozilla 
Firefox.lnk 2016-01-06 09:44 - 2016-01-06 09:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-06 09:44 - 2016-01-06 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-06 09:32 - 2016-01-06 09:32 - 00251057 _____ C:\Users\Thomas Ratzke\Downloads\Briefmarken.8Stk.06.01.2016_0931.pdf 2016-01-05 16:14 - 2016-01-05 16:15 - 00114330 _____ C:\Users\Thomas Ratzke\Downloads\Briefmarken.2Stk.05.01.2016_1614.pdf 2016-01-04 11:21 - 2016-01-04 11:21 - 00000695 _____ C:\Users\Thomas Ratzke\Downloads\sync 2016-01-04 11:10 - 2016-01-04 11:11 - 00000000 ____D C:\Users\Public\Documents\Melanie 2016-01-04 11:10 - 2016-01-04 11:10 - 00071904 _____ C:\Users\Thomas Ratzke\Downloads\Einkaufsliste.pdf 2016-01-04 10:58 - 2016-01-04 11:00 - 00125793 _____ C:\Users\Thomas Ratzke\Downloads\Dein-Wochenplan-Paleo360°-Lifestyle-Challenge.pdf 2016-01-03 10:15 - 2016-01-03 10:15 - 03340204 _____ C:\Users\Thomas Ratzke\Downloads\lo-oo-ressources-linguistiques-fr-v5.3.oxt 2015-12-27 11:41 - 2016-01-11 16:39 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Deployment 2015-12-27 09:32 - 2015-12-28 16:48 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\Movie Studio Platinum 13.0 Projekte 2015-12-25 16:39 - 2016-01-08 09:15 - 00001140 _____ C:\Users\Thomas Ratzke\Desktop\Format Factory.lnk 2015-12-25 16:39 - 2015-12-25 16:40 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2015-12-25 16:37 - 2015-12-25 16:40 - 00000000 ____D C:\Program Files (x86)\FormatFactory 2015-12-25 16:33 - 2015-12-25 16:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Leader Technologies 2015-12-25 16:32 - 2015-12-25 16:32 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Leadertech 2015-12-24 12:36 - 2015-12-24 12:36 - 00003476 _____ C:\WINDOWS\System32\Tasks\Format Factory 2015-12-24 12:34 - 2015-12-24 12:35 - 04506061 _____ (Free Time Inc ) C:\Users\Thomas Ratzke\Downloads\FormatFactory-3.8.0.2.exe 2015-12-23 
15:32 - 2015-12-23 15:32 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Publish Providers 2015-12-23 15:29 - 2016-01-08 09:17 - 00001259 _____ C:\Users\Public\Desktop\Movie Studio Platinum 13.0 (64-bit).lnk 2015-12-23 15:28 - 2015-12-23 15:28 - 00000000 ____D C:\Program Files\Sony 2015-12-23 13:45 - 2015-12-23 15:26 - 484066528 _____ (Sony Creative Software Inc.) C:\Users\Thomas Ratzke\Downloads\moviestudiope13.0.955_64bit.exe 2015-12-23 13:08 - 2015-12-23 13:10 - 142602520 _____ (Microsoft Corporation) C:\Users\Thomas Ratzke\Downloads\wlsetup-all_16.4.3508.0205.exe 2015-12-23 12:15 - 2015-12-23 12:15 - 00000000 ____D C:\Users\Thomas Ratzke\.MCTranscodingSDK 2015-12-23 12:05 - 2015-12-23 12:12 - 67203112 _____ (Lightworks) C:\Users\Thomas Ratzke\Downloads\lightworks_v12.5.0_full_64bit_setup.exe 2015-12-23 12:00 - 2015-12-23 12:30 - 00000000 ____D C:\Users\Public\Documents\Lightworks 2015-12-23 12:00 - 2015-12-23 12:00 - 00000000 ____D C:\ProgramData\Geevs 2015-12-23 08:44 - 2016-01-08 09:17 - 00001816 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-12-23 08:44 - 2015-12-23 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-12-23 08:43 - 2015-12-23 08:44 - 00000000 ____D C:\Program Files\iTunes 2015-12-23 08:43 - 2015-12-23 08:43 - 00000000 ____D C:\Program Files\iPod 2015-12-23 08:38 - 2015-12-23 08:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-12-22 19:21 - 2016-01-08 09:17 - 00002204 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-12-22 19:20 - 2015-12-16 15:54 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2015-12-22 19:20 - 2015-12-16 15:54 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2015-12-22 19:20 - 2015-12-16 15:19 - 00103216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-12-22 19:18 - 2015-12-16 17:59 - 31098488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-12-22 
19:18 - 2015-12-16 17:59 - 24923768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 21131424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 17568432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 17123736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00735024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00151184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-12-22 19:18 - 2015-12-16 17:59 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-12-22 19:17 - 2015-12-16 17:59 - 42976888 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-12-22 19:17 - 2015-12-16 17:59 - 37608568 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-12-22 19:17 - 2015-12-16 17:59 - 20672376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-12-22 19:17 - 2015-12-16 17:59 - 17164160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-12-22 19:17 - 2015-12-16 17:59 - 17104016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-12-22 19:17 - 
2015-12-16 17:59 - 02560816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-12-22 19:17 - 2015-12-16 17:59 - 02214192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-12-22 19:17 - 2015-12-16 17:59 - 01915512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll 2015-12-22 19:17 - 2015-12-16 17:59 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll 2015-12-22 09:19 - 2016-01-08 09:17 - 00000879 _____ C:\Users\Public\Desktop\PDF Architect 4.lnk 2015-12-22 09:19 - 2015-12-23 07:54 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\PDF Architect 4 2015-12-22 09:19 - 2015-12-22 09:19 - 00000000 ____D C:\ProgramData\pdfforge 2015-12-22 09:19 - 2015-12-22 09:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4 2015-12-22 09:18 - 2015-12-22 09:19 - 00000000 ____D C:\Program Files\PDF Architect 4 2015-12-22 09:18 - 2015-12-22 09:19 - 00000000 ____D C:\Program Files (x86)\PDF Architect 4 2015-12-22 09:18 - 2015-12-22 09:18 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\PDF Architect 2015-12-22 09:17 - 2016-01-08 09:17 - 00000915 _____ C:\Users\Public\Desktop\PDFCreator.lnk 2015-12-22 09:17 - 2015-12-22 09:22 - 00000000 ____D C:\ProgramData\PDF Architect 4 2015-12-22 09:17 - 2015-12-22 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-12-22 09:11 - 2015-12-22 09:16 - 27005440 _____ (pdfforge GmbH) C:\Users\Thomas Ratzke\Downloads\PDFCreator-2_2_2-setup.exe 2015-12-22 09:09 - 2016-01-14 09:39 - 00000000 ____D C:\Users\Public\Documents\Geschäftliches 2015-12-21 10:29 - 2015-12-21 10:29 - 00186303 _____ C:\Users\Thomas Ratzke\Downloads\DHL-Marke-9238YYDQPY.pdf 2015-12-20 16:30 - 2015-11-25 00:07 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-12-20 16:30 - 2015-11-25 00:07 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-12-20 16:28 - 2015-11-25 00:07 - 01905272 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\nvdispco6435906.dll 2015-12-20 16:28 - 2015-11-25 00:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll 2015-12-20 16:12 - 2015-12-09 02:51 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2015-12-18 15:58 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-12-18 15:58 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-12-18 15:58 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2015-12-18 15:58 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00696160 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2015-12-18 15:58 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2015-12-18 15:58 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-12-18 15:58 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-12-18 15:58 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-12-18 15:58 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2015-12-18 15:58 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-12-18 15:58 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-18 15:58 - 2015-12-07 05:45 - 00264544 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2015-12-18 15:58 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2015-12-18 15:58 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll 2015-12-18 15:58 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2015-12-18 15:58 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2015-12-18 15:58 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll 2015-12-18 15:58 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2015-12-18 15:58 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-12-18 15:58 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2015-12-18 15:58 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2015-12-18 15:58 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2015-12-18 15:58 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2015-12-18 15:58 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-12-18 15:58 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-12-18 15:58 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe 2015-12-18 15:58 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2015-12-18 15:58 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2015-12-18 15:58 - 2015-12-07 05:03 - 13017600 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-12-18 15:58 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2015-12-18 15:58 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2015-12-18 15:58 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-12-18 15:58 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe 2015-12-18 15:58 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2015-12-18 15:58 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2015-12-18 15:58 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-12-18 15:58 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-12-18 15:58 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-12-18 15:58 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-12-18 15:58 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-12-18 15:58 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2015-12-18 15:58 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-12-18 15:58 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-12-18 15:58 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2015-12-18 15:58 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2015-12-18 15:58 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2015-12-18 
15:58 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-12-18 15:58 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-12-18 15:58 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-12-18 15:58 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-12-18 15:58 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-12-18 15:58 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2015-12-18 15:58 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-18 15:58 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-12-18 15:58 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-12-18 15:58 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2015-12-18 15:58 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2015-12-18 15:58 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2015-12-18 15:58 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-12-18 15:58 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-12-18 15:58 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-12-18 15:58 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2015-12-18 15:58 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2015-12-18 15:58 - 2015-12-07 04:44 - 
02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-12-18 15:58 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-12-18 15:58 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL 2015-12-18 15:58 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-12-18 15:58 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-12-18 15:58 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-12-18 15:58 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2015-12-18 15:58 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-12-18 15:58 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2015-12-18 15:58 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2015-12-18 15:58 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2015-12-17 18:43 - 2015-12-17 18:43 - 00093759 _____ C:\Users\Thomas Ratzke\Downloads\Download (2).dvdprofiler 2015-12-17 18:40 - 2015-12-17 18:40 - 00122406 _____ C:\Users\Thomas Ratzke\Downloads\Download (1).dvdprofiler 2015-12-17 10:21 - 2016-01-08 09:17 - 00002023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2015-12-17 10:21 - 2016-01-08 09:17 - 00002005 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-12-17 10:20 - 2015-12-17 10:20 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2015-12-17 10:20 - 2015-12-17 10:20 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2015-12-16 16:23 - 2015-12-16 16:23 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\Publishers 2015-12-16 16:23 - 
2015-12-16 16:23 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\ActiveSync 2015-12-16 16:21 - 2015-12-16 16:24 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\Packages 2015-12-16 16:21 - 2015-12-16 16:21 - 00000668 __RSH C:\Users\Luke Ratzke\ntuser.pol 2015-12-16 16:21 - 2015-12-16 16:21 - 00000020 ___SH C:\Users\Luke Ratzke\ntuser.ini 2015-12-16 16:21 - 2015-12-16 16:21 - 00000000 ____D C:\Users\Luke Ratzke\AppData\Local\TileDataLayer 2015-12-16 11:03 - 2015-12-16 11:03 - 00000000 ____D C:\Users\Melanie Ratzke\AppData\Local\ActiveSync 2015-12-16 10:59 - 2015-12-16 10:59 - 00000020 ___SH C:\Users\Melanie Ratzke\ntuser.ini 2015-12-15 16:24 - 2015-12-15 16:25 - 02845281 _____ C:\Users\Thomas Ratzke\Documents\Verkaufsliste_3.pdf 2015-12-15 11:11 - 2016-01-08 09:17 - 00001001 _____ C:\Users\Public\Desktop\EPSON Scan.lnk ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-14 09:52 - 2015-10-30 07:28 - 00000000 ____D C:\Windows 2016-01-14 09:52 - 2015-04-20 19:01 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Spotify 2016-01-14 09:43 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-14 09:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-14 09:38 - 2013-02-13 11:56 - 00000000 ____D C:\Users\Thomas Ratzke\Desktop\Scans 2016-01-14 09:36 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-14 09:33 - 2011-04-20 18:55 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{73A8952D-2499-43E8-851C-D88DA5E487FD} 2016-01-14 09:31 - 2011-05-08 18:55 - 00001184 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001UA.job 2016-01-14 09:29 - 2015-04-20 19:00 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Spotify 2016-01-12 19:05 - 2011-04-20 21:08 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Google 2016-01-12 19:05 - 2011-04-20 21:08 
- 00000000 ____D C:\Program Files (x86)\Google 2016-01-12 19:02 - 2011-04-20 21:08 - 00000000 ____D C:\ProgramData\Google 2016-01-12 18:56 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-01-12 18:50 - 2015-08-08 17:55 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\Tagebuch 2016-01-12 18:49 - 2011-04-22 10:40 - 00000000 ____D C:\Users\Thomas Ratzke\E-Mail 2016-01-12 18:41 - 2015-12-13 10:25 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\CrashDumps 2016-01-12 17:13 - 2013-03-16 10:53 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-10 19:41 - 2011-04-30 10:16 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\DVD Profiler 2016-01-10 16:49 - 2015-12-12 03:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-10 16:49 - 2015-12-12 02:47 - 00000000 ____D C:\ProgramData\NVIDIA 2016-01-10 16:49 - 2015-10-30 07:28 - 01835008 ___SH C:\WINDOWS\system32\config\BBI 2016-01-08 09:17 - 2015-12-13 10:26 - 00002200 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Free 8.9 .lnk 2016-01-08 09:17 - 2015-12-13 10:22 - 00001459 _____ C:\Users\Public\Desktop\EaseUS Partition Master 10.8.lnk 2016-01-08 09:17 - 2015-12-12 03:09 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-08 09:17 - 2015-11-21 11:27 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2016-01-08 09:17 - 2015-11-21 11:27 - 00001446 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2016-01-08 09:17 - 2015-11-11 12:23 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk 2016-01-08 09:17 - 2015-07-19 17:03 - 00000993 _____ C:\Users\Public\Desktop\DVDFab 9.lnk 2016-01-08 09:17 - 2015-07-16 18:42 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk 2016-01-08 09:17 - 2015-07-12 16:02 - 00002103 _____ C:\Users\Public\Desktop\Nero MediaHome.lnk 2016-01-08 09:17 - 2015-07-12 15:57 - 00002791 _____ C:\Users\Public\Desktop\Nero Video 11.lnk 2016-01-08 09:17 - 2015-06-07 
18:31 - 00000909 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-01-08 09:17 - 2015-06-07 09:34 - 00000868 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VidCoder.lnk 2016-01-08 09:17 - 2015-03-24 20:07 - 00001448 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-01-08 09:17 - 2015-03-21 19:39 - 00001839 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2016-01-08 09:17 - 2015-03-05 17:18 - 00001762 _____ C:\Users\Public\Desktop\Defraggler.lnk 2016-01-08 09:17 - 2015-01-29 09:21 - 00002093 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2016-01-08 09:17 - 2015-01-06 17:25 - 00001952 _____ C:\Users\Public\Desktop\Media Go.lnk 2016-01-08 09:17 - 2014-12-29 12:27 - 00002325 _____ C:\Users\Public\Desktop\Logitech Harmony Remote Software 7.lnk 2016-01-08 09:17 - 2014-11-06 08:59 - 00001106 _____ C:\Users\Public\Desktop\SUPER ©.lnk 2016-01-08 09:17 - 2014-09-21 18:18 - 00002199 _____ C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk 2016-01-08 09:17 - 2014-09-10 18:34 - 00001169 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-08 09:17 - 2013-07-11 16:25 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk 2016-01-08 09:17 - 2012-11-21 19:37 - 00001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inhaltsmanager-Assistent für PlayStation(R).lnk 2016-01-08 09:17 - 2011-12-27 19:16 - 00001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warner Bros. 
Digital Copy Manager.lnk 2016-01-08 09:17 - 2011-05-20 18:15 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-01-08 09:17 - 2010-12-17 23:49 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk 2016-01-08 09:17 - 2010-12-17 23:46 - 00002534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2016-01-08 09:17 - 2010-12-17 23:46 - 00001490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2016-01-08 09:17 - 2010-12-17 23:46 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk 2016-01-08 09:17 - 2010-12-17 23:46 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk 2016-01-08 09:16 - 2015-08-01 16:42 - 00002456 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-01-08 09:16 - 2015-08-01 16:40 - 00001051 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2016-01-08 09:16 - 2015-04-20 19:01 - 00001838 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-01-08 09:16 - 2013-07-13 16:06 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk 2016-01-08 09:16 - 2011-05-20 21:23 - 00001125 _____ C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk 2016-01-08 09:15 - 2015-11-29 09:57 - 00001488 _____ C:\Users\Thomas Ratzke\Desktop\CopyTrans Control Center.lnk 2016-01-08 09:15 - 2015-04-29 19:25 - 00001733 _____ C:\Users\Thomas Ratzke\Desktop\GOG.com - Verknüpfung.lnk 2016-01-08 09:15 - 2015-04-20 19:01 - 00001852 _____ C:\Users\Thomas Ratzke\Desktop\Spotify.lnk 2016-01-08 09:15 - 2015-03-05 19:25 - 00000983 _____ C:\Users\Thomas Ratzke\Desktop\AllDup.lnk 2016-01-08 09:15 - 2014-09-10 16:59 - 00001268 _____ C:\Users\Thomas 
Ratzke\Desktop\Revo Uninstaller.lnk 2016-01-08 09:15 - 2012-10-03 09:12 - 00001113 _____ C:\Users\Thomas Ratzke\Desktop\DVD Profiler.lnk 2016-01-08 09:15 - 2012-08-29 17:53 - 00001835 _____ C:\Users\Thomas Ratzke\Desktop\SRServer.exe.lnk 2016-01-08 09:15 - 2011-12-28 18:30 - 00001215 _____ C:\Users\Thomas Ratzke\Desktop\iSkysoft DRM Removal.lnk 2016-01-08 09:15 - 2011-05-22 19:30 - 00001929 _____ C:\Users\Thomas Ratzke\Desktop\XML Notepad 2007.lnk 2016-01-08 09:15 - 2011-05-20 21:23 - 00001095 _____ C:\Users\Thomas Ratzke\Desktop\Trillian.lnk 2016-01-08 09:15 - 2011-04-22 22:14 - 00001193 _____ C:\Users\Thomas Ratzke\Desktop\SDK Manager - Verknüpfung.lnk 2016-01-08 09:12 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-08 09:11 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-01-08 09:10 - 2011-04-28 20:39 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2016-01-08 08:21 - 2014-09-10 18:35 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-07 11:17 - 2011-05-09 18:01 - 00000000 ____D C:\Users\Melanie Ratzke\AppData\Local\Google 2016-01-04 11:34 - 2011-04-20 19:23 - 00000000 ____D C:\temp 2016-01-04 10:52 - 2015-12-12 02:52 - 02083424 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-04 10:52 - 2015-10-30 19:35 - 00887110 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-04 10:52 - 2015-10-30 19:35 - 00196754 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-03 10:00 - 2011-11-18 20:54 - 00000000 ____D C:\ProgramData\DVD Shrink 2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-29 07:53 - 2015-08-01 16:38 - 00000000 __RHD C:\Users\Public\AccountPictures 2015-12-29 07:53 - 2011-04-25 10:52 - 00000000 ___RD 
C:\Users\Thomas Ratzke\Virtual Machines 2015-12-28 22:57 - 2011-11-19 15:59 - 00000000 ____D C:\Users\Thomas Ratzke\Nero Images 2015-12-28 22:34 - 2011-11-19 15:28 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\NeroVideo 2015-12-27 18:45 - 2015-03-05 19:25 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\AllDup 2015-12-27 10:11 - 2015-07-16 19:22 - 00000000 ____D C:\Program Files (x86)\GOG.com GalaxyClient 2015-12-27 02:31 - 2011-05-08 18:55 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1218043409-3151763047-2122344536-1001Core.job 2015-12-24 13:14 - 2011-11-19 15:28 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Nero 2015-12-24 12:33 - 2015-12-12 02:53 - 00000000 ____D C:\Users\Thomas Ratzke 2015-12-23 21:48 - 2015-01-06 17:23 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Roaming\Sony 2015-12-23 15:30 - 2015-01-06 17:24 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Sony 2015-12-23 15:29 - 2015-01-06 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-12-23 15:28 - 2015-01-06 17:13 - 00000000 ____D C:\ProgramData\Sony 2015-12-23 15:28 - 2011-04-24 17:16 - 00000000 ____D C:\Program Files (x86)\Sony 2015-12-23 13:14 - 2011-04-22 10:39 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Windows Live 2015-12-23 12:11 - 2011-04-20 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2015-12-23 12:11 - 2011-04-20 18:33 - 00000000 ____D C:\Program Files (x86)\MAGIX 2015-12-23 12:10 - 2011-04-20 18:33 - 00000000 ____D C:\ProgramData\MAGIX 2015-12-23 12:07 - 2011-04-20 18:32 - 00000000 ____D C:\WINDOWS\SysWOW64\MAGIX 2015-12-23 12:06 - 2011-04-21 13:40 - 00000000 ____D C:\Program Files (x86)\NewBlue 2015-12-23 12:01 - 2014-07-26 14:03 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Amazon Music 2015-12-23 11:30 - 2011-04-20 18:33 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\MAGIX_Video_deluxe_15_Premium_Sonderedition 2015-12-23 08:43 - 2011-11-18 21:10 - 
00000000 ____D C:\Program Files (x86)\iTunes 2015-12-23 08:43 - 2011-05-20 18:15 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-12-22 19:21 - 2015-12-12 02:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-12-22 19:21 - 2015-03-24 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-12-22 09:20 - 2013-11-29 19:11 - 00000000 ____D C:\Program Files\PDFCreator 2015-12-22 09:17 - 2013-11-29 19:11 - 00120200 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2015-12-20 16:12 - 2014-05-16 06:12 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-19 08:15 - 2014-09-21 19:09 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys 2015-12-19 08:15 - 2014-09-21 19:09 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys 2015-12-18 22:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-12-18 22:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning 2015-12-18 22:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2015-12-18 09:48 - 2015-11-10 22:03 - 12426896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2015-12-17 10:21 - 2014-09-21 19:08 - 00000000 ____D C:\ProgramData\AVAST Software 2015-12-17 10:20 - 2014-09-21 19:10 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! 
Emergency Update 2015-12-17 10:20 - 2014-09-21 19:09 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2015-12-17 10:20 - 2014-09-21 19:09 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2015-12-17 10:20 - 2014-09-21 19:09 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2015-12-17 10:20 - 2014-09-21 19:09 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2015-12-17 10:20 - 2014-09-21 19:09 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2015-12-17 10:20 - 2014-09-21 19:09 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2015-12-17 09:18 - 2011-04-30 10:15 - 00000000 ____D C:\Users\Thomas Ratzke\Documents\DVD Profiler 2015-12-16 17:59 - 2015-11-10 22:03 - 19727624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2015-12-16 17:59 - 2015-11-10 22:03 - 14103608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2015-12-16 17:59 - 2015-11-10 22:03 - 03603368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2015-12-16 17:59 - 2015-11-10 22:03 - 03184152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2015-12-16 17:59 - 2015-11-10 22:03 - 00035775 _____ C:\WINDOWS\system32\nvinfo.pb 2015-12-16 16:35 - 2015-08-01 16:38 - 00000000 ____D C:\Users\Thomas Ratzke\AppData\Local\Packages 2015-12-16 16:21 - 2015-12-12 02:53 - 00000000 ____D C:\Users\Luke Ratzke 2015-12-16 16:21 - 2011-11-26 10:27 - 00000000 ___RD C:\Users\Luke Ratzke\Virtual Machines 2015-12-16 15:54 - 2015-12-12 02:47 - 06359672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-12-16 15:54 - 2015-12-12 02:47 - 02985264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-12-16 15:54 - 2015-12-12 02:47 - 02554488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2015-12-16 15:54 - 2015-12-12 02:47 - 01256240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2015-12-16 15:54 - 2015-12-12 02:47 
- 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-12-16 15:54 - 2015-12-12 02:47 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-12-16 15:49 - 2015-12-12 02:47 - 06090019 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-12-16 11:21 - 2015-08-01 18:26 - 00000000 ____D C:\Users\Melanie Ratzke\AppData\Local\Packages 2015-12-16 11:00 - 2011-05-09 18:00 - 00000000 ___RD C:\Users\Melanie Ratzke\Virtual Machines 2015-12-16 10:59 - 2015-12-12 02:53 - 00000000 ____D C:\Users\Melanie Ratzke ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2011-04-22 22:18 - 2011-04-22 22:18 - 0000109 _____ () C:\Users\Thomas Ratzke\AppData\Roaming\edition.txt 2011-04-21 20:09 - 2014-09-20 15:37 - 0058368 _____ () C:\Users\Thomas Ratzke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-06 17:13 - 2015-01-06 17:13 - 28488056 _____ (Sony Mobile Communications ) C:\Users\Thomas Ratzke\AppData\Local\pcc.exe 2012-09-06 18:39 - 2012-09-06 18:39 - 0000017 _____ () C:\Users\Thomas Ratzke\AppData\Local\resmon.resmoncfg 2011-12-28 17:45 - 2015-06-12 18:18 - 0000040 ___SH () C:\ProgramData\.zreglib 2010-12-17 23:44 - 2010-12-17 23:44 - 1914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe 2014-11-09 09:18 - 2014-11-09 09:18 - 0000092 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\flashax10.exe Einige Dateien in TEMP: ==================== C:\Users\Thomas Ratzke\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Thomas Ratzke\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Thomas Ratzke\AppData\Local\Temp\nvStInst.exe C:\Users\Thomas Ratzke\AppData\Local\Temp\sqlite3.dll C:\Users\Thomas Ratzke\AppData\Local\Temp\unwise.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-12-26 16:15

==================== Ende von FRST.txt ============================