Log analysis and evaluation: Win 8.1, system responds to everything very slowly
Win 8.1, system responds to everything very slowly

Hello,

the whole system sometimes responds very slowly. When I start Photoshop, it sometimes takes up to ten minutes until it is running. When I start it again, it goes faster. After the computer has been rebooted, it takes that long again. The hard disk has an average response time of 5,000 to 10,000 milliseconds. A few months ago the RAM was increased from 4 to 12 GB. That improved things for a while. By now, however, it is sometimes barely possible to work with it. The browser also sometimes responds very slowly. When you type text, it sometimes takes a few seconds until it appears. Or the whole thing practically freezes. The hard disk has just been defragmented. But that did not help. On top of that, there are problems with the automatic updates. There are currently still 13 important updates pending. These cannot be installed individually either. Various helper tools for the installation do not help either. In addition, no earlier restore points are offered, although it is enabled. Is there a hidden virus somewhere in there, or is the system simply broken?

Many thanks for the help and best regards,
Rainer

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017
durchgeführt von Rainer (Administrator) auf LIPPERT (04-06-2017 09:51:28)
Gestartet von C:\Users\Rainer\Downloads
Geladene Profile: Rainer (Verfügbare Profile: Rainer)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Ascora GmbH) C:\Program Files (x86)\CheckDrive\CheckDrive.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PSIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (AVAST Software s.r.o.) 
C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Windows Mobile-based device management] => C:\WINDOWS\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-08] (AVAST Software) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [1941064 2016-05-16] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [29246632 2017-05-30] (Dropbox, Inc.) 
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated) HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd) HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.) HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\...\Policies\Explorer: [Neuer Wert #1] HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\...\MountPoints2: {1cb13cc2-321d-11e7-8222-902b34983558} - "H:\iLinker.exe" ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-08] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-08] (AVAST Software) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NCProTray.lnk [2015-10-04] ShortcutTarget: NCProTray.lnk -> C:\Program Files (x86)\SEC\Natural Color Pro\NCProTray.exe (Samsung) CHR HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyEnable: [.DEFAULT] => Proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:49211;https=127.0.0.1:49211 Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-09-27] (Lavasoft Limited) Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-09-27] (Lavasoft Limited) Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-09-27] (Lavasoft Limited) Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-09-27] (Lavasoft Limited) Winsock: Catalog9-x64 15 C:\WINDOWS\system32\LavasoftTcpService64.dll [425744 2015-09-27] (Lavasoft Limited) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{6AE48693-11EB-4ABC-A197-CAFB1D6475E2}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7B9733F57E-31BC-4B1E-B531-38B8210D2FD3%7D&mid=8e07fa8749ec47d29cd54162727cdcab-13c9ae5db198e4b1f33d32855e431ef8df3602c4&lang=de&ds=AVG&coid=avgtbavg&cmpid=0516avz&pr=fr&d=2016-04-26%2016:04:02&v=4.2.9.726&pid=wtu&sg=&sap=hp SearchScopes: HKLM -> DefaultScope {3CBC6231-3916-4C5F-A678-8E577F608C79} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKLM -> {3CBC6231-3916-4C5F-A678-8E577F608C79} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKU\S-1-5-21-2560001034-2644125590-1053040255-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9733F57E-31BC-4B1E-B531-38B8210D2FD3}&mid=8e07fa8749ec47d29cd54162727cdcab-13c9ae5db198e4b1f33d32855e431ef8df3602c4&lang=de&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-26 16:04:02&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-2560001034-2644125590-1053040255-1002 -> 
{3CBC6231-3916-4C5F-A678-8E577F608C79} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKU\S-1-5-21-2560001034-2644125590-1053040255-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9733F57E-31BC-4B1E-B531-38B8210D2FD3}&mid=8e07fa8749ec47d29cd54162727cdcab-13c9ae5db198e4b1f33d32855e431ef8df3602c4&lang=de&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-26 16:04:02&v=4.2.9.726&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-05] (AVAST Software) BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft) BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-20] (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-05] (AVAST Software) BHO-x32: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-20] (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft) Toolbar: HKU\S-1-5-21-2560001034-2644125590-1053040255-1002 -> Kein Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Keine Datei FireFox: ======== FF DefaultProfile: m6q51650.default-1495173929328 FF ProfilePath: C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\m6q51650.default-1495173929328 [2017-06-04] FF Homepage: Mozilla\Firefox\Profiles\m6q51650.default-1495173929328 -> hxxps://de.wikipedia.org/wiki/Benutzer:Rainer_Lippert FF Extension: (FromDocToPDF) - C:\Users\Rainer\AppData\Roaming\Mozilla\Firefox\Profiles\m6q51650.default-1495173929328\Extensions\_65Members_@download.fromdoctopdf.com [2017-06-04] FF HKU\S-1-5-21-2560001034-2644125590-1053040255-1002\...\Firefox\Extensions: [lyrix@lyrixeeker.co] - C:\Program Files (x86)\LyriXeeker\128.xpi => nicht gefunden FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF 
Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] () FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2010-03-26] (GARMIN Corp.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-20] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems) Chrome: ======= CHR DefaultSearchURL: Default -> hxxp://www.ultimateshoppingsearch.com/default?q={searchTerms}&PCSF=SU_DEFAULT CHR DefaultSearchKeyword: Default -> ultimateshoppingsearch.com CHR DefaultSuggestURL: Default -> hxxp://www.ultimateshoppingsearch.com/suggest/CSuggestJson.ashx?prefix={searchTerms}&PCSF=SU_SUGGEST CHR Profile: C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default [2017-06-01] CHR Extension: (Google Präsentationen) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-10] CHR Extension: (Google Docs) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-10] CHR Extension: (Google Drive) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf 
[2016-06-10] CHR Extension: (YouTube) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-10] CHR Extension: (ultimateshoppingsearch) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiibddcohpjhajbnfkpboacmohommppp [2017-05-20] CHR Extension: (Google Tabellen) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-10] CHR Extension: (Google Docs Offline) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-10] CHR Extension: (Avast Online Security) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-06-01] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-14] CHR Extension: (Google Mail) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-10] CHR Extension: (Chrome Media Router) - C:\Users\Rainer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23] CHR HKLM-x32\...\Chrome\Extension: [eiibddcohpjhajbnfkpboacmohommppp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-08] (Adobe Systems) [Datei ist nicht signiert] S3 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2015-01-30] (Adobe Systems Incorporated) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-08] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-08] (AVAST Software) S4 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert] S4 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG) S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-08] (Dropbox, Inc.) S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-08] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-30] (Dropbox, Inc.) S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-01-09] (Macrovision Europe Ltd.) 
[Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2015-10-10] (soft Xpansion)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 vToolbarUpdater40.3.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe [1323080 2016-05-16] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 WPEServ; C:\Program Files (x86)\Common Files\WPE\wpeserv.exe [323584 2006-12-21] (soft Xpansion) [Datei ist nicht signiert]
S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-08] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-08] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-08] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-08] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-08] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-08] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-08] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-08] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-08] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-08] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-08] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-08] (AVAST Software)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [130648 2016-08-22] (GenesysLogic)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2012-11-12] (Highresolution Enterprises [www.highrez.co.uk])
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U3 DfSdkS; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-04 09:52 - 2017-06-04 09:52 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-04 09:51 - 2017-06-04 09:53 - 00032837 _____ C:\Users\Rainer\Downloads\FRST.txt
2017-06-04 09:49 - 2017-06-04 09:49 - 02433536 _____ (Farbar) C:\Users\Rainer\Downloads\FRST64.exe
2017-06-03 11:43 - 2017-06-03 11:45 - 464207224 _____ (DxO) C:\Users\Rainer\Downloads\DxO_OpticsPro11_Setup.exe
2017-06-03 08:02 - 2017-06-03 08:03 - 107349327 _____ C:\Users\Rainer\Downloads\Windows8.1-KB3172614-x64.msu
2017-06-03 08:02 - 2017-06-03 08:02 - 10994806 _____ C:\Users\Rainer\Downloads\Windows8.1-KB3173424-x64.msu
2017-06-03 08:02 - 2017-06-03 08:02 - 10868562 _____ C:\Users\Rainer\Downloads\Windows8.1-KB3021910-x64.msu
2017-06-02 23:24 - 2017-06-02 23:24 - 00848064 _____ (IDG Magazine Media GmbH ) C:\Users\Rainer\Downloads\pcwFixWindowsUpdate.exe
2017-06-02 12:45 - 2017-06-02 12:45 - 00001296 _____ C:\Users\Rainer\Desktop\Auslogics Disk Defrag.lnk
2017-06-02 12:45 - 2017-06-02 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2017-06-02 12:45 - 2017-06-02 12:45 - 00000000 ____D C:\ProgramData\Auslogics
2017-06-02 12:45 - 2017-06-02 12:45 - 00000000 ____D C:\Program Files (x86)\Auslogics
2017-06-01 18:13 - 2017-06-01 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-30 18:56 - 2017-05-30 18:56 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-30 18:56 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-30 18:56 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-05-30 18:56 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-05-30 18:56 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-05-30 18:56 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-05-30 18:55 - 2017-05-01 22:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-30 18:55 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-30 18:55 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-30 16:08 - 2017-05-30 16:08 - 00000000 ____D C:\Users\Rainer\AppData\Local\TeamViewer
2017-05-30 16:07 - 2017-05-31 13:17 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-05-30 16:07 - 2017-05-30 16:07 - 00001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2017-05-30 16:07 - 2017-05-30 16:07 - 00001054 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2017-05-30 12:34 - 2017-05-30 12:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ser2pl64_01009.Wdf
2017-05-30 12:34 - 2017-05-30 12:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-05-30 12:34 - 2017-05-30 12:34 - 00000000 ____D C:\Program Files (x86)\Genesys Logic
2017-05-30 12:33 - 2017-05-31 09:29 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Skype
2017-05-30 12:33 - 2017-05-30 12:33 - 00000000 ____D C:\Users\Rainer\AppData\Local\Skype
2017-05-30 12:32 - 2017-05-30 12:33 - 00000000 ____D C:\ProgramData\Skype
2017-05-30 12:32 - 2017-05-30 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-30 12:32 - 2017-05-30 12:32 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2017-05-30 12:32 - 2017-05-30 12:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-30 12:22 - 2017-05-30 12:22 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-05-30 11:14 - 2015-12-16 19:11 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-30 11:14 - 2015-12-16 18:51 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-30 09:02 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2017-05-30 09:02 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-27 22:22 - 2017-06-04 09:30 - 00000000 ____D C:\Users\Rainer\1, Neuer Ordner
2017-05-25 12:36 - 2017-05-25 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-25 12:36 - 2017-05-25 12:36 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-25 12:36 - 2017-05-25 12:36 - 00000000 ____D C:\inetpub
2017-05-23 13:19 - 2016-03-09 16:02 - 00515584 _____ (CANON INC.) C:\WINDOWS\system32\CNQ4809L.dll
2017-05-23 13:19 - 2016-03-09 16:02 - 00438272 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNQ4809L.dll
2017-05-20 08:41 - 2017-05-20 08:41 - 00000000 ____D C:\Users\Rainer\Documents\DxO Optics Pro v9 crashes
2017-05-19 22:36 - 2017-05-20 20:15 - 00000000 ____D C:\Program Files (x86)\Rizal
2017-05-19 22:36 - 2017-05-20 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rizal
2017-05-19 22:36 - 2017-05-19 22:36 - 00001144 _____ C:\Users\Rainer\Desktop\Super Ram Booster.lnk
2017-05-19 22:36 - 2002-11-18 19:43 - 00172032 _____ ( ) C:\WINDOWS\SysWOW64\ASILOCK.DLL
2017-05-19 22:36 - 2002-07-26 17:18 - 00024576 _____ (Arihant Software) C:\WINDOWS\SysWOW64\CLSMEM.DLL
2017-05-19 22:36 - 2001-08-17 00:00 - 00569616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComCtl32.ocx
2017-05-19 22:36 - 1998-06-24 00:00 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComCt232.ocx
2017-05-19 22:30 - 2017-05-19 22:30 - 00001223 _____ C:\Users\Rainer\Desktop\CrystalDiskInfo.lnk
2017-05-19 22:30 - 2017-05-19 22:30 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-05-19 19:59 - 2017-05-19 19:59 - 00001054 _____ C:\Users\Public\Desktop\CheckDrive.lnk
2017-05-19 19:59 - 2017-05-19 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CheckDrive
2017-05-19 19:59 - 2017-05-19 19:59 - 00000000 ____D C:\Program Files (x86)\CheckDrive
2017-05-19 19:58 - 2017-05-19 19:58 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-05-19 18:06 - 2017-05-19 18:06 - 00013868 _____ C:\Malware.txt
2017-05-19 17:50 - 2017-05-19 17:50 - 35357264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-19 17:50 - 2017-05-19 17:50 - 28601424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-19 17:49 - 2017-05-19 17:49 - 14278736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-05-19 17:49 - 2017-05-19 17:49 - 00969624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-19 17:49 - 2017-05-19 17:49 - 00920664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-19 17:49 - 2017-05-19 17:49 - 00618392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-19 17:49 - 2017-05-19 17:49 - 00507800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 03441560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 03020696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 01996696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 01609232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 01598360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 01062488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00999832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00226712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-05-19 17:48 - 2017-05-19 17:48 - 00054680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 40210520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 35290200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-19 17:45 - 2017-05-19 17:45 - 11161992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-19 17:45 - 2017-05-19 17:45 - 10648696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-19 17:45 - 2017-05-19 17:45 - 09102480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-19 17:45 - 2017-05-19 17:45 - 08891344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-19 17:45 - 2017-05-19 17:45 - 00912456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-19 17:45 - 2017-05-19 17:45 - 00419168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2017-05-19 17:45 - 2017-05-19 17:45 - 00163600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2017-05-19 17:45 - 2017-05-19 17:45 - 00141736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2017-05-19 17:44 - 2017-05-19 17:44 - 11129704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-19 17:44 - 2017-05-19 17:44 - 09335336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-19 17:44 - 2017-05-19 17:44 - 00703880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-19 17:44 - 2017-05-19 17:44 - 00591672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-19 17:44 - 2017-05-19 17:44 - 00520832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-19 17:44 - 2017-05-19 17:44 - 00438736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-19 17:44 - 2017-05-19 17:44 - 00180736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2017-05-19 17:44 - 2017-05-19 17:44 - 00158176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2017-05-19 16:40 - 2017-05-19 16:40 - 00000000 ____D C:\Users\Rainer\AppData\Local\ESET
2017-05-19 14:22 - 2017-05-19 14:22 - 00042897 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-19 14:22 - 2017-05-19 14:22 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-19 14:22 - 2017-05-19 14:22 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-18 23:04 - 2017-05-18 23:04 - 25741312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 20278272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 15250944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 13661184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 05977600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 04548608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 03241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 02899456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 02132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-18 23:04 - 2017-05-18 23:04 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-18 23:04 - 2017-05-18 23:04 - 01544704 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-18 23:04 - 2017-05-18 23:04 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-05-18 23:04 - 2017-05-18 23:04 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-18 23:04 - 2017-05-18 23:04 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-18 23:04 - 2017-05-18 23:04 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-18 23:04 - 2017-05-18 23:04 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-05-18 22:33 - 2017-05-18 22:33 - 03714560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 01763888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 01661064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-18 22:33 - 2017-05-18 22:33 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 01489608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 01375960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 01212760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00388440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-18 22:33 - 2017-05-18 22:33 - 00373080 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-05-18 22:33 - 2017-05-18 22:33 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2017-05-18 22:33 - 2017-05-18 22:33 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-18 22:33 - 2017-05-18 22:33 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-18 22:33 - 2017-05-18 22:33 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2017-05-18 22:26 - 2017-05-18 22:26 - 03606528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 02463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 01541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 00738104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 00613632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 00567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-18 22:26 - 2017-05-18 22:26 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-05-18 22:26 - 2017-05-18 22:26 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-05-18 22:26 - 2017-05-18 22:26 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 00152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-05-18 22:26 - 2017-05-18 22:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2017-05-18 22:26 - 2017-05-18 22:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2017-05-18 22:20 - 2017-05-18 22:20 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-18 22:20 - 2017-05-18 22:20 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-18 22:20 - 2017-05-18 22:20 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2017-05-18 22:20 - 2017-05-18 22:20 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-18 18:09 - 2017-05-30 19:03 - 00517512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-17 18:30 - 2017-05-17 18:30 - 00000000 ____D C:\Users\Rainer\Documents\DxO OpticsPro 11 crashes
2017-05-08 07:34 - 2017-05-08 07:34 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-07 23:15 - 2017-05-07 23:15 - 00000218 _____ C:\Users\Rainer\AppData\Local\recently-used.xbel

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-04 09:53 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-04 09:51 - 2013-09-22 08:27 - 00000000 ____D C:\FRST
2017-06-04 09:48 - 2016-11-16 08:45 - 00000000 ____D C:\Users\Rainer\AppData\LocalLow\Mozilla
2017-06-04 09:07 - 2012-12-21 15:45 - 00000000 ____D C:\Users\Rainer\AppData\Local\Adobe
2017-06-04 09:03 - 2016-01-08 15:40 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2017-06-04 08:35 - 2014-10-19 23:33 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\ClassicShell
2017-06-04 07:39 - 2014-10-22 19:22 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A6B9F15D-9543-4E36-BE01-F59635C82EC4}
2017-06-04 07:18 - 2016-11-14 20:41 - 00000450 _____ C:\WINDOWS\Tasks\AVG-SSU_1116sp_DELETE.job
2017-06-04 07:18 - 2016-11-14 20:41 - 00000382 _____ C:\WINDOWS\Tasks\AVG-SSU_1116sp.job
2017-06-04 07:18 - 2016-06-09 14:18 - 00000456 _____ C:\WINDOWS\Tasks\AVG-SSU_0616tb_DELETE.job
2017-06-04 07:18 - 2016-06-09 14:14 - 00000594 _____ C:\WINDOWS\Tasks\AVG-SSU_0616tb.job
2017-06-04 07:18 - 2016-01-08 15:40 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2017-06-04 07:18 - 2014-10-19 22:04 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-04 07:18 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-03 23:38 - 2016-05-14 17:29 - 00007607 _____ C:\Users\Rainer\AppData\Local\Resmon.ResmonCfg
2017-06-03 20:12 - 2016-11-26 15:45 - 00000000 ____D C:\Users\Rainer\Documents\Forstbotanisches Merkbuch
2017-06-03 13:22 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2017-06-03 07:31 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-06-02 23:16 - 2012-12-21 15:45 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2560001034-2644125590-1053040255-1002
2017-06-02 17:23 - 2016-08-28 23:34 - 00000000 ____D C:\Users\Rainer\AppData\Local\CrashDumps
2017-06-02 15:42 - 2014-10-25 17:40 - 31918080 ___SH C:\Users\Rainer\Downloads\Thumbs.db
2017-06-02 13:26 - 2012-12-30 12:23 - 00000000 ____D C:\WsWin
2017-06-01 18:13 - 2016-01-08 15:40 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-05-31 12:26 - 2013-09-01 18:38 - 00000000 ____D C:\Users\Rainer\Desktop\Lightroom
2017-05-30 18:57 - 2014-10-20 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-30 18:57 - 2014-10-19 22:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-30 18:57 - 2014-10-19 22:03 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-30 18:55 - 2014-10-19 22:03 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-30 16:07 - 2014-10-21 19:38 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\TeamViewer
2017-05-30 15:13 - 2015-09-05 16:25 - 01393152 ___SH C:\Users\Rainer\Documents\Thumbs.db
2017-05-30 12:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-05-30 09:25 - 2014-12-13 23:18 - 00001456 _____ C:\Users\Rainer\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2017-05-30 09:11 - 2014-10-19 22:11 - 00000000 ____D C:\Users\Rainer
2017-05-29 07:33 - 2016-07-10 07:38 - 00000000 ____D C:\ProgramData\ProductData
2017-05-27 23:35 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-05-25 12:37 - 2014-09-24 08:17 - 02045060 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-25 12:37 - 2014-09-24 07:43 - 00876964 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-25 12:37 - 2014-09-24 07:43 - 00201112 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-25 12:37 - 2012-11-12 12:51 - 01998038 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-25 12:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-25 12:36 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-25 12:35 - 2015-03-08 11:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-05-25 12:35 - 2015-03-08 11:20 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-05-25 12:35 - 2015-03-08 11:18 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-05-25 12:35 - 2015-03-08 11:17 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-05-25 12:35 - 2015-03-08 11:17 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-05-25 12:35 - 2015-03-08 11:17 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-05-25 12:35 - 2015-03-08 11:17 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-05-25 12:35 - 2015-03-08 11:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-05-25 12:35 - 2015-03-08 11:16 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-05-25 12:35 - 2015-03-08 11:16 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-05-25 12:35 - 2015-03-08 11:16 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-05-25 12:35 - 2015-03-08 11:16 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-05-25 07:43 - 2016-01-08 15:40 - 00000000 ____D C:\Users\Rainer\AppData\Local\Dropbox
2017-05-25 07:28 - 2016-11-22 08:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-05-25 07:28 - 2012-12-21 16:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-25 00:07 - 2017-03-19 14:02 - 00236615 ____H C:\Users\Rainer\AppData\Local\IconCache.db.backup
2017-05-23 17:49 - 2013-08-14 17:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 17:46 - 2012-12-21 16:01 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 15:34 - 2015-11-02 19:30 - 00043008 ___SH C:\Users\Rainer\Desktop\Thumbs.db
2017-05-20 20:15 - 2016-08-31 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RawTherapee 4.2.1148
2017-05-20 20:15 - 2016-08-27 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RTmasterrelease4.2.936
2017-05-20 20:15 - 2016-07-10 07:40 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\ProductData
2017-05-20 20:15 - 2014-08-26 19:41 - 00000000 ____D C:\ProgramData\Ashampoo
2017-05-20 20:15 - 2012-11-12 12:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-20 20:15 - 2012-11-12 12:30 - 00000000 ____D C:\Program Files (x86)\Realtek
2017-05-20 20:14 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-20 20:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\registration
2017-05-20 20:11 - 2012-12-25 14:15 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-05-20 20:10 - 2012-12-25 14:15 - 00000000 ____D C:\Program Files (x86)\Sony
2017-05-20 08:22 - 2016-08-22 01:12 - 00000000 ____D C:\Users\Rainer\Documents\DxO Optics Pro v9 logs
2017-05-20 07:36 - 2014-08-15 18:00 - 00000000 ____D C:\Users\Rainer\AppData\Local\Abelssoft
2017-05-20 07:28 - 2017-04-20 20:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-19 20:00 - 2014-08-15 18:00 - 00000000 ____D C:\WINDOWS\System32\Tasks\Abelssoft
2017-05-19 20:00 - 2014-08-15 18:00 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Abelssoft
2017-05-19 19:58 - 2013-07-07 20:41 - 00000000 ____D C:\Users\Rainer\AppData\Local\Downloaded Installations
2017-05-19 19:26 - 2013-04-04 18:25 - 00000000 ____D C:\Program Files (x86)\Corel
2017-05-19 19:20 - 2013-04-04 18:25 - 00000000 ____D C:\ProgramData\Ulead Systems
2017-05-19 19:16 - 2014-01-24 00:19 - 00000000 ____D C:\Program Files (x86)\ISL
2017-05-19 19:08 - 2013-07-07 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-05-19 19:08 - 2013-07-07 20:42 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-05-19 18:20 - 2017-02-05 11:50 - 00000000 ____D C:\Users\Rainer\AppData\Local\Amazon
2017-05-19 18:09 - 2013-08-22 17:36 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-05-19 17:52 - 2014-10-19 22:04 - 00521624 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-19 17:52 - 2014-10-19 22:04 - 00427416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-19 17:46 - 2013-07-07 20:42 - 00000000 ____D C:\ProgramData\Samsung
2017-05-19 17:45 - 2015-08-31 21:45 - 00504208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2017-05-19 17:45 - 2014-08-19 22:15 - 20248040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2017-05-19 17:45 - 2014-08-19 22:15 - 17584440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2017-05-19 17:44 - 2015-08-31 21:45 - 16587184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2017-05-19 17:44 - 2015-06-01 21:44 - 03632536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-19 17:44 - 2014-10-20 23:12 - 13527280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2017-05-19 17:44 - 2014-08-19 22:14 - 04120440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-19 17:34 - 2014-04-05 18:03 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\ProtectDisc
2017-05-19 17:29 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-19 17:29 - 2012-12-21 15:39 - 00000000 ____D C:\Users\Rainer\AppData\Local\Packages
2017-05-19 17:23 - 2013-07-06 17:37 - 00000000 ____D C:\ProgramData\PhotoME
2017-05-19 17:19 - 2014-01-18 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
2017-05-19 17:04 - 2014-10-22 22:19 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-19 17:01 - 2012-12-31 16:54 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\IrfanView
2017-05-19 16:51 - 2014-05-17 21:54 - 00000000 ____D C:\Program Files\Calibre2
2017-05-19 16:48 - 2013-07-06 17:34 - 00000000 ____D C:\Program Files (x86)\Exifer
2017-05-19 16:48 - 2013-07-06 17:24 - 00000000 ____D C:\WINDOWS\uninstall
2017-05-19 16:35 - 2013-09-02 10:11 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\PhotoScape
2017-05-19 16:23 - 2013-02-22 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-05-19 16:23 - 2013-02-05 20:11 - 00000000 ____D C:\Program Files (x86)\Canon
2017-05-19 08:05 - 2013-04-25 19:41 - 00000000 ____D C:\Users\Rainer\Desktop\Alte Firefox-Daten
2017-05-18 23:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-18 20:59 - 2014-12-13 20:37 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-18 20:29 - 2016-10-25 23:32 - 00000000 ____D C:\Users\Rainer\AppData\Roaming\Notepad++
2017-05-18 19:56 - 2012-12-24 22:22 - 00000000 ____D C:\Users\Rainer\AppData\Local\ElevatedDiagnostics
2017-05-18 18:06 - 2016-11-18 00:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-05-18 18:06 - 2016-08-23 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO OpticsPro 11
2017-05-18 18:06 - 2016-08-22 01:11 - 00000000 ____D C:\Program Files\DxO Labs
2017-05-17 00:08 - 2016-08-23 12:40 - 00000000 ____D C:\Users\Rainer\Documents\DxO OpticsPro 11 logs
2017-05-16 07:56 - 2016-06-10 22:17 - 00002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-14 21:20 - 2016-08-23 12:36 - 00001997 _____ C:\Users\Public\Desktop\DxO OpticsPro 11.lnk
2017-05-14 21:19 - 2013-09-01 18:11 - 00000000 ____D C:\ProgramData\DxO Labs
2017-05-13 06:40 - 2016-11-18 00:59 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2017-05-11 23:56 - 2013-09-01 19:20 - 00000000 ____D C:\Users\Rainer\Documents\Capture One Catalog
2017-05-11 23:34 - 2013-09-01 19:19 - 00000000 ____D C:\Users\Rainer\AppData\Local\CaptureOne
2017-05-10 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-10 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 18:02 - 2012-12-21 16:25 - 00004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-09 07:36 - 2016-11-18 01:00 - 00003914 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1479423647
2017-05-09 07:32 - 2017-03-18 12:35 - 00003914 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-05-08 07:35 - 2016-11-18 01:00 - 00001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-08 07:34 - 2016-11-18 00:59 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-08 07:34 - 2016-11-18 00:59 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-08 07:34 - 2016-11-18 00:59 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-08 07:34 - 2016-11-18 00:59 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-08 07:34 - 2016-11-18 00:59 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-08 07:34 - 2016-11-18 00:59 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-08 07:33 - 2017-03-18 12:35 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-08 07:33 - 2017-03-18 12:35 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-08 07:33 - 2017-03-18 12:35 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-08 07:33 - 2017-03-18 12:35 - 00049016 _____ (AVAST Software s.r.o.) 
C:\WINDOWS\system32\Drivers\aswbuniva.sys 2017-05-08 07:33 - 2016-11-18 01:00 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2017-05-08 07:33 - 2016-11-18 00:59 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2017-05-05 07:39 - 2015-07-23 16:08 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2012-12-24 14:36 - 1992-07-09 14:00 - 1298592 _____ () C:\Program Files\WINWORD.EXE 2012-12-30 12:22 - 2006-10-20 00:23 - 0017233 _____ () C:\Program Files (x86)\current_.txt 2013-07-06 17:42 - 2013-07-06 17:42 - 0000030 _____ () C:\Program Files (x86)\Exiferupdate.ini 2012-12-30 12:22 - 2011-06-18 16:40 - 0220299 _____ () C:\Program Files (x86)\info.txt 2012-12-30 12:22 - 2002-09-20 17:40 - 0086528 _____ () C:\Program Files (x86)\lame_enc.dll 2012-12-30 12:22 - 2003-01-11 20:12 - 0009148 _____ () C:\Program Files (x86)\libSMBM.js 2012-12-30 12:22 - 2011-01-01 18:32 - 0001250 _____ () C:\Program Files (x86)\License.txt 2012-12-30 12:22 - 2010-01-05 16:05 - 0009567 _____ () C:\Program Files (x86)\sunmoon_.txt 2012-12-30 12:22 - 2005-02-26 20:46 - 0002224 _____ () C:\Program Files (x86)\template_d_.txt 2012-12-30 12:22 - 2009-01-24 11:51 - 0002968 _____ () C:\Program Files (x86)\template_m_.txt 2012-12-30 12:22 - 2009-01-24 11:49 - 0002933 _____ () C:\Program Files (x86)\template_noaa_m_.txt 2012-12-30 12:22 - 2009-01-24 11:50 - 0004455 _____ () C:\Program Files (x86)\template_noaa_y_.txt 2012-12-30 12:22 - 2005-02-26 20:46 - 0010349 _____ () C:\Program Files (x86)\template_yest_.txt 2012-12-30 12:22 - 2009-01-24 12:46 - 0004668 _____ () C:\Program Files (x86)\template_y_.txt 2012-12-30 12:22 - 2004-08-15 23:00 - 0000728 _____ () C:\Program Files (x86)\ticker_.txt 2012-12-30 12:22 - 2012-12-30 12:22 - 0021635 _____ () C:\Program Files (x86)\unins000.dat 2012-12-30 12:22 - 2012-12-30 12:21 - 1179547 _____ () C:\Program Files 
(x86)\unins000.exe 2012-12-30 12:22 - 2006-03-07 12:17 - 0045056 _____ () C:\Program Files (x86)\USB.dll 2012-12-30 12:22 - 2001-05-03 01:48 - 0001592 _____ () C:\Program Files (x86)\wap_.txt 2012-12-30 12:22 - 2001-04-30 10:43 - 0083968 _____ () C:\Program Files (x86)\Wsarchiv0.mdb 2012-12-30 12:22 - 2011-06-18 22:52 - 2028544 _____ (none) C:\Program Files (x86)\Wswin32.exe 2012-12-30 12:22 - 2010-12-26 00:24 - 8564172 _____ () C:\Program Files (x86)\Wswin32.hlp 2012-12-30 12:22 - 2008-09-23 00:10 - 0167936 _____ () C:\Program Files (x86)\WsWinAprs.exe 2012-12-30 12:22 - 2009-03-31 22:55 - 0000578 _____ () C:\Program Files (x86)\wswin_x-csv_elv_ws300.cfg 2012-12-30 12:22 - 2009-03-17 18:03 - 0000607 _____ () C:\Program Files (x86)\wswin_x-csv_elv_ws550.cfg 2012-12-30 12:22 - 2011-06-09 01:58 - 0001889 _____ () C:\Program Files (x86)\wswin_x-csv_envoy8x.cfg 2012-12-30 12:22 - 2011-06-09 23:16 - 0003529 _____ () C:\Program Files (x86)\wswin_x-csv_Envoy8x.csv 2012-12-30 12:22 - 2009-12-03 01:49 - 0000545 _____ () C:\Program Files (x86)\wswin_x-csv_eusotec_vantage.cfg 2012-12-30 12:22 - 2009-03-12 17:40 - 0000295 _____ () C:\Program Files (x86)\wswin_x-csv_hygrosens.cfg 2012-12-30 12:22 - 2010-10-06 01:24 - 0000610 _____ () C:\Program Files (x86)\wswin_x-csv_logger_te923.cfg 2012-12-30 12:22 - 2009-03-12 17:42 - 0000503 _____ () C:\Program Files (x86)\wswin_x-csv_reinhardt_mws.cfg 2012-12-30 12:22 - 2009-03-17 18:36 - 0000694 _____ () C:\Program Files (x86)\wswin_x-csv_tfa-nexus.cfg 2012-12-30 12:22 - 2010-10-06 23:32 - 0000475 _____ () C:\Program Files (x86)\wswin_x-csv_wdcsv.cfg 2012-12-30 12:22 - 2009-03-17 18:37 - 0000571 _____ () C:\Program Files (x86)\wswin_x-csv_wh1080.cfg 2012-12-30 12:22 - 2005-02-26 20:46 - 0043289 _____ () C:\Program Files (x86)\wswin_xml_.txt 2012-12-30 12:22 - 2002-09-28 22:04 - 0017467 _____ () C:\Program Files (x86)\ws_alarm_.wav 2012-12-30 12:22 - 2005-02-26 20:46 - 0000582 _____ () C:\Program Files (x86)\ws_speech1h_.txt 2012-12-30 
12:22 - 2005-02-26 20:46 - 0001980 _____ () C:\Program Files (x86)\ws_speech_.txt 2012-12-30 12:22 - 2011-06-18 12:48 - 0161349 _____ () C:\Program Files (x86)\ws_variables.txt 2012-12-30 12:22 - 2009-02-05 01:22 - 0003382 _____ () C:\Program Files (x86)\www_template_example.txt 2012-12-30 12:22 - 2011-04-16 22:29 - 0000709 _____ () C:\Program Files (x86)\www_template_pws.txt 2013-05-26 16:59 - 2014-07-02 14:07 - 1456640 _____ () C:\Program Files (x86)\Common Files\Falk Navi-Manager.msi 2014-06-08 19:16 - 2014-07-06 09:30 - 0016897 _____ () C:\Users\Rainer\AppData\Roaming\.ptbt0 2016-08-19 22:46 - 2016-08-19 22:46 - 0000132 _____ () C:\Users\Rainer\AppData\Roaming\Adobe BMP-Format CC - Voreinstellungen 2016-11-29 23:05 - 2016-11-29 23:05 - 0000132 _____ () C:\Users\Rainer\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen 2013-03-24 19:26 - 2016-09-02 11:39 - 0001158 _____ () C:\Users\Rainer\AppData\Roaming\ShiftN.ini 2014-12-13 23:18 - 2017-05-30 09:25 - 0001456 _____ () C:\Users\Rainer\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2013-01-26 20:39 - 2013-07-02 19:58 - 0003584 _____ () C:\Users\Rainer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-05-07 23:15 - 2017-05-07 23:15 - 0000218 _____ () C:\Users\Rainer\AppData\Local\recently-used.xbel 2016-05-14 17:29 - 2017-06-03 23:38 - 0007607 _____ () C:\Users\Rainer\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-02 23:16

==================== Ende von FRST.txt ============================