Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
durchgeführt von schweigelicht (Administrator) auf SCHWEIGELICHTPC (12-05-2017 19:39:27)
Gestartet von C:\Users\schweigelicht\Desktop
Geladene Profile: schweigelicht (Verfügbare Profile: schweigelicht)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ArcSoft) C:\Program Files (x86)\ArcSoft\SimHD IM Plug-In\ArcSoft SimHD IM Plug-In.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Acrobat DC\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Symantec) C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe Premiere Pro CC 2017\LogTransport2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Huawei) C:\Users\schweigelicht\AppData\Local\Hisuite\userdata\hwtools\hdbtransport.exe
(Spotify Ltd) C:\Users\schweigelicht\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe Premiere Pro CC 2017\Adobe Premiere Pro.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe Premiere Pro CC 2017\32\dynamiclinkmanager.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe Premiere Pro CC 2017\32\Adobe QT32 Server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13657304 2013-10-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ArcSimHDHook] => C:\Program Files (x86)\ArcSoft\SimHD IM Plug-In\ArcSoft SimHD IM Plug-In.exe [110592 2009-05-27] (ArcSoft)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-21] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Norton Ghost 15.0] => C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe [2596712 2009-10-01] (Symantec Corporation)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [75776 2016-08-30] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-04-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2017-04-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\Run: [Steam] => D:\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\Run: [Spotify Web Helper] => C:\Users\schweigelicht\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1449584 2017-05-11] (Spotify Ltd)
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\RunOnce: [Uninstall C:\Users\schweigelicht\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\schweigelicht\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64"
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\RunOnce: [Uninstall C:\Users\schweigelicht\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\schweigelicht\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918"
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\RunOnce: [Uninstall C:\Users\schweigelicht\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\schweigelicht\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64"
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\RunOnce: [Uninstall C:\Users\schweigelicht\AppData\Local\Microsoft\OneDrive\17.3.4604.0120] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\schweigelicht\AppData\Local\Microsoft\OneDrive\17.3.4604.0120"
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\Policies\Explorer: [NoDrives] 00000000
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: D - D:\Setup.exe
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: E - E:\raf-doom3bfg.exe
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: G - setup.exe
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: {147222b8-f417-11e4-a67e-001c4af21cd7} - D:\pushinst.exe
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: {5d33e5b3-35ed-11e7-abff-382c4a64dce3} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: {8008a20d-3ed0-11e6-b1c0-b46de653f613} - G:\pushinst.exe
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: {80dfe748-faaf-11e6-b9e3-382c4a64dce3} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: {80dfed34-faaf-11e6-b9e3-382c4a64dce3} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: {b11f9e9a-0fe5-11e7-a3e3-382c4a64dce3} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\...\MountPoints2: {f05d96f0-c372-11e4-b6ca-e4bf61d89a2e} - E:\pushinst.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-26] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{077DADE3-A57A-465F-84FC-95F6F9C10695}: [DhcpNameServer] 192.168.127.127
Tcpip\..\Interfaces\{30C98EFE-6397-4A2E-B442-2338F03735F4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8B789CAC-3197-466E-B951-9F124FA44CE2}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1641480961-1619121124-1950988501-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1641480961-1619121124-1950988501-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1641480961-1619121124-1950988501-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1641480961-1619121124-1950988501-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-10-01] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: WSWSVCUchrome - Kein CLSID Wert
FireFox:
========
FF DefaultProfile: m1u54h1p.default
FF DefaultProfile: b32c0sam.default
FF ProfilePath: C:\Users\schweigelicht\AppData\Roaming\Mozilla\Firefox\Profiles\1qefuc4s.default [2016-08-10]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\1qefuc4s.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\1qefuc4s.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\1qefuc4s.default -> ist aktiviert.
FF Extension: (Adblock Plus) - C:\Users\schweigelicht\AppData\Roaming\Mozilla\Firefox\Profiles\1qefuc4s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-05]
FF Extension: (Kein Name) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ [nicht gefunden]
FF ProfilePath: C:\Users\schweigelicht\AppData\Roaming\Profiles\m1u54h1p.default [2016-09-04]
FF Extension: (Adblock Plus) - C:\Users\schweigelicht\AppData\Roaming\Profiles\m1u54h1p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-05]
FF SearchPlugin: C:\Users\schweigelicht\AppData\Roaming\Profiles\m1u54h1p.default\searchplugins\zub7psmg.xml [2016-07-29]
FF ProfilePath: C:\Users\schweigelicht\AppData\Roaming\CLIQZ\Profiles\b32c0sam.default [2017-05-11]
FF Extension: (Cliqz) - C:\Users\schweigelicht\AppData\Roaming\CLIQZ\Profiles\b32c0sam.default\features\{fe612096-3c64-49d7-a4ed-515cbba5e0c1}\cliqz@cliqz.com.xpi [2017-04-26] [ist nicht signiert]
FF Extension: (HTTPS Everywhere) - C:\Users\schweigelicht\AppData\Roaming\CLIQZ\Profiles\b32c0sam.default\features\{fe612096-3c64-49d7-a4ed-515cbba5e0c1}\https-everywhere@cliqz.com.xpi [2017-04-26] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-26]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-04-15]
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-1641480961-1619121124-1950988501-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\schweigelicht\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-01-25] (Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: ghifackarapulyfinck
CHR HomePage: ghifackarapulyfinck -> hxxps://moodle.hu-berlin.de/login/index.php
CHR StartupUrls: ghifackarapulyfinck -> "hxxp://www.google.com/","hxxp://www.trotux.com/?z=c89a3274c3b8d7b65ee9b4eg0zaq6t8b6e3wdm3mdb&from=epf1&uid=SamsungXSSDX840XEVOX120GB_S1D5NSDF447963A&type=hp"
CHR Session Restore: ghifackarapulyfinck -> ist aktiviert.
CHR Profile: C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\Default [2016-12-17]
CHR Extension: (Adobe Acrobat) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-12-17]
CHR Extension: (Avast SafePrice) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-17]
CHR Extension: (Avast Online Security) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]
CHR Profile: C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck [2017-05-12] <==== ACHTUNG
CHR Extension: (Web Developer) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-02-16]
CHR Extension: (Skype-Anrufe) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-01-13]
CHR Extension: (YouTube) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-26]
CHR Extension: (Adblock Plus) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (Adblock für Youtube™) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-05-09]
CHR Extension: (Google-Suche) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Video Downloader professional) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-07-18]
CHR Extension: (Avast SafePrice) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-17]
CHR Extension: (XML Tree) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\gbammbheopgpmaagmckhpjbfgdfkpadb [2016-12-23]
CHR Extension: (Facebook™ Chat Privacy) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\gfpgaanechfneiboempkfjghninbibjn [2016-07-18]
CHR Extension: (Google Docs Offline) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-04]
CHR Extension: (AdBlock) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-14]
CHR Extension: (Avast Online Security) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-05]
CHR Extension: (anonymoX) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\icpklikeghomkemdellmmkoifgfbakio [2016-09-09]
CHR Extension: (Unseen) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\iicapmagmhahddefgokbabbgieiogjop [2017-03-19]
CHR Extension: (Black and Red Theme for YouTube™) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\ldgblendkekanjhdamohllnfpcdbgmbj [2017-04-20]
CHR Extension: (Facebook AdBlock) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\lfpacabphcagfehdgnigmfnbjdampbaa [2016-05-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Smart URL Shortener) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\oachdcjmgdmholeacnbjkadmekggfcfk [2016-12-24]
CHR Extension: (Mute Tab Shortcuts) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\opcjanmpjbdbdpnjfjbboacibokblbhl [2016-08-27]
CHR Extension: (Google Mail) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\ghifackarapulyfinck\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-31]
CHR Profile: C:\Users\schweigelicht\AppData\Local\Google\Chrome\User Data\System Profile [2016-08-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
Opera:
=======
OPR Extension: (YouTube™ Flash-HTML5) - C:\Users\schweigelicht\AppData\Roaming\Opera Software\Opera Stable\Extensions\abpeogmjbjonedcakbihofgpoelmfbgj [2016-09-04]
OPR Extension: (Adblock Plus) - C:\Users\schweigelicht\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-09-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-26] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-09-26] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3737792 2017-03-26] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-04-03] (Digital Wave Ltd.)
S3 GenericMount Helper Service; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [1571336 2009-09-21] (Symantec)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] () [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Norton Ghost; C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe [4584288 2009-10-01] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-20] ()
R3 SymSnapService; C:\Program Files (x86)\Norton Ghost\Shared\Drivers\SymSnapServicex64.exe [2963960 2009-09-21] (Symantec)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671512 2014-12-22] (Wacom Technology, Corp.)
S4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S4 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [X]
S3 Symantec SymSnap VSS Provider; C:\Windows\system32\dllhost.exe /Processid:{81F18BB3-F438-4480-AE4C-9F432E31B2E0}
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2013-08-21] () [Datei ist nicht signiert]
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-26] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-09-26] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2016-09-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-03-08] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2014-11-21] (AVM Berlin)
R3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18816 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) [Datei ist nicht signiert]
S3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
S3 fwlanusb5_nv2; C:\Windows\System32\DRIVERS\fwlanusb5_nv2.sys [1322824 2014-11-21] (AVM GmbH)
R3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Huawei Technologies Co., Ltd.)
S3 L6TPortA; C:\Windows\System32\Drivers\L6TPortA64.sys [894336 2010-03-10] (Line 6)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-03-08] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RDID1102; C:\Windows\System32\Drivers\rdwm1102.sys [81920 2009-09-18] (Roland Corporation)
R3 rzjstk; C:\Windows\System32\DRIVERS\rzjstk.sys [36568 2015-08-13] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\DRIVERS\rzkeypadendpt.sys [44760 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-07] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [136312 2016-06-27] (Razer, Inc.)
R0 symsnap; C:\Windows\System32\DRIVERS\symsnap.sys [170032 2009-09-21] (StorageCraft)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1306624 2009-05-14] (C-Media Electronics Inc)
S3 VProEventMonitor; C:\Windows\System32\DRIVERS\vproeventmonitor.sys [20528 2009-09-21] (Symantec Corporation)
S3 ysusb64; C:\Windows\System32\drivers\ysusb64.sys [123904 2015-06-11] (Yamaha Corporation)
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
U2 V2iMount; kein ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-12 19:39 - 2017-05-12 19:39 - 02429440 _____ (Farbar) C:\Users\schweigelicht\Desktop\FRST64.exe
2017-05-12 19:39 - 2017-05-12 19:39 - 00038968 _____ C:\Users\schweigelicht\Desktop\FRST.txt
2017-05-12 19:25 - 2017-05-12 19:25 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\reconquest
2017-05-12 19:25 - 2017-05-12 19:25 - 00000000 ____D C:\Users\schweigelicht\AppData\LocalLow\StormCube Games
2017-05-12 19:05 - 2017-05-12 19:05 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign5fc2225dc1bb1e2e
2017-05-12 19:05 - 2017-05-12 19:05 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign20baec6bec89bca0
2017-05-11 16:14 - 2017-05-11 16:14 - 00000000 ____D C:\Users\schweigelicht\Desktop\Verkaufe Facebook
2017-05-11 12:11 - 2017-05-11 12:11 - 00000000 ____D C:\Program Files\RdDrv001
2017-05-11 12:11 - 2009-09-18 22:49 - 00056832 _____ C:\Windows\system32\RDCP1102.CPL
2017-05-11 12:11 - 2009-09-18 19:39 - 00410624 _____ (Roland Corporation) C:\Windows\system32\RDDP1102.DAT
2017-05-11 12:11 - 2009-09-18 18:39 - 00081920 _____ (Roland Corporation) C:\Windows\system32\Drivers\Rdwm1102.sys
2017-05-11 12:11 - 2009-09-18 18:28 - 00009216 _____ C:\Windows\system32\RdCi1102.dll
2017-05-10 21:16 - 2017-05-10 21:16 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign95bb63fa01120ae5
2017-05-10 21:16 - 2017-05-10 21:16 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign808e475cbd72d68d
2017-05-10 21:06 - 2017-05-10 21:06 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignb6f9ad92d62b4006
2017-05-10 21:00 - 2017-05-10 21:00 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignde0b3a73aea6ed94
2017-05-10 21:00 - 2017-05-10 21:00 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign9286e4bed2e30a19
2017-05-09 20:45 - 2017-05-09 20:45 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignf1f9c0d8aba1b166
2017-05-09 20:41 - 2017-05-09 20:41 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign5d316dc5fe3cfd5c
2017-05-09 20:41 - 2017-05-09 20:41 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign2f8b615508af5a71
2017-05-09 09:43 - 2017-05-09 09:43 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2017-05-08 12:46 - 2017-05-08 12:46 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\Music Recognition
2017-05-08 12:46 - 2017-05-08 12:46 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\assistant
2017-05-08 12:45 - 2017-05-08 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazingMIDI
2017-05-04 22:32 - 2017-05-04 22:32 - 00000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk
2017-05-02 22:13 - 2017-05-02 22:13 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Halo Wars
2017-05-02 20:26 - 2017-05-02 20:26 - 00000000 ____D C:\Users\schweigelicht\Documents\Petroglyph
2017-05-01 19:21 - 2017-05-01 19:21 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign8f40c927227789ce
2017-05-01 19:21 - 2017-05-01 19:21 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign31afecd7f09239ee
2017-05-01 19:21 - 2017-05-01 19:21 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign180d135478f5ac57
2017-05-01 14:29 - 2017-05-01 14:29 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignf074deea97a5f738
2017-05-01 14:29 - 2017-05-01 14:29 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignd96df1bc389430de
2017-05-01 14:29 - 2017-05-01 14:29 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign9f3e4d2af1d3402e
2017-04-29 21:12 - 2017-04-29 21:13 - 00000000 ____D C:\Users\schweigelicht\Documents\PCSX2
2017-04-29 15:34 - 2017-04-29 15:34 - 00000000 ____D C:\Users\Public\Documents\Steam
2017-04-28 11:54 - 2017-04-28 11:54 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign61849e1df25ee461
2017-04-28 11:50 - 2017-04-28 11:50 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigne3b855059d7af2fb
2017-04-28 11:50 - 2017-04-28 11:50 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign83186c741e126536
2017-04-27 17:34 - 2017-04-27 17:34 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign4042834bd50ea66a
2017-04-27 17:34 - 2017-04-27 17:34 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign3cb35b159deec0cf
2017-04-27 13:28 - 2017-04-27 13:28 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignf12185b7f79f45f4
2017-04-27 12:45 - 2017-04-27 12:45 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign7bd42e3141216c20
2017-04-27 12:45 - 2017-04-27 12:45 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign6228a861f9aaf3ef
2017-04-27 12:45 - 2017-04-27 12:45 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign0bcc5049b1166c21
2017-04-26 20:28 - 2017-04-26 20:28 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign58d8db12e0023ad0
2017-04-26 20:28 - 2017-04-26 20:28 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign52f0ecc6b0af3d45
2017-04-26 20:28 - 2017-04-26 20:28 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign1986bb2fc7c54dcc
2017-04-26 19:52 - 2017-04-26 19:52 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignea8f60f2d13b6f34
2017-04-26 19:52 - 2017-04-26 19:52 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigna6eb7b7ad967880f
2017-04-26 19:52 - 2017-04-26 19:52 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign318aefdfd2eab3d2
2017-04-25 21:42 - 2017-05-09 22:11 - 00046772 ____H C:\Users\schweigelicht\Desktop\~WRL2778.tmp
2017-04-25 18:09 - 2017-04-25 18:09 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign62548f6f3915fefd
2017-04-25 18:09 - 2017-04-25 18:09 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign1191aa730ee9443f
2017-04-25 18:09 - 2017-04-25 18:09 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign0a40addaf9a8e21b
2017-04-25 17:29 - 2017-04-25 17:29 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignd4e8a4442c849d17
2017-04-25 17:29 - 2017-04-25 17:29 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign29ef211c27f8a738
2017-04-25 00:43 - 2017-04-25 00:43 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignbd4694f809087777
2017-04-25 00:43 - 2017-04-25 00:43 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignafe90d87ec78a4ca
2017-04-24 22:55 - 2017-04-24 22:55 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignd5356f73f6224082
2017-04-24 22:55 - 2017-04-24 22:55 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign447c35ed00875be5
2017-04-24 20:05 - 2017-04-24 20:05 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignb21e2e6cccfcaf9a
2017-04-24 20:05 - 2017-04-24 20:05 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign8e8275e31b3dfdd7
2017-04-24 20:03 - 2017-04-24 20:03 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignbdc661ba7288f1c7
2017-04-24 20:03 - 2017-04-24 20:03 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign9ea30450f18c98b7
2017-04-24 20:03 - 2017-04-24 20:03 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign19a98fd604d90839
2017-04-24 18:13 - 2017-04-24 18:13 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignf2fd7c226a861e6c
2017-04-24 18:11 - 2017-04-24 18:11 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigna9ecb68e6bba89f3
2017-04-24 18:11 - 2017-04-24 18:11 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign2e0eda0dc7a969e3
2017-04-24 01:19 - 2017-04-24 01:19 - 00000000 ____D C:\Users\schweigelicht\Documents\EA Games
2017-04-24 01:16 - 2017-04-24 01:16 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\EA Games
2017-04-24 01:04 - 2017-04-24 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space 2
2017-04-23 22:56 - 2017-04-23 22:56 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigneef65bee47bbd27b
2017-04-23 22:56 - 2017-04-23 22:56 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigne9f6e7edb7f393ad
2017-04-23 22:56 - 2017-04-23 22:56 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign6867baf1db8a8a12
2017-04-23 20:55 - 2017-04-23 20:55 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigncf0686176384603d
2017-04-23 20:52 - 2017-04-23 20:52 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign646ef66f1215d8eb
2017-04-23 20:52 - 2017-04-23 20:52 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign1c88f7e5d61b09f6
2017-04-23 20:19 - 2017-04-23 20:19 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignc74a0512437c9a2f
2017-04-23 20:19 - 2017-04-23 20:19 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigna8f5c26a0b88d24d
2017-04-23 20:19 - 2017-04-23 20:19 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign023037ef598d0f90
2017-04-23 17:05 - 2017-04-23 17:09 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\My Games
2017-04-23 17:04 - 2017-04-23 17:04 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\My Games
2017-04-23 11:59 - 2017-04-23 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-04-23 11:05 - 2017-04-23 11:05 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignc86a1584522ac651
2017-04-23 11:05 - 2017-04-23 11:05 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign0b925f868cc4b0fb
2017-04-22 20:02 - 2017-04-22 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Citizen Launcher
2017-04-22 19:33 - 2017-04-22 19:33 - 00000972 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2017.lnk
2017-04-22 19:32 - 2017-04-22 19:32 - 00000000 ____D C:\Program Files\Adobe Media Encoder CC 2017
2017-04-22 19:29 - 2017-04-22 19:29 - 00000927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2017.lnk
2017-04-22 19:29 - 2017-04-22 19:29 - 00000000 ____D C:\Program Files\Adobe Audition CC 2017
2017-04-22 19:28 - 2017-04-22 19:28 - 00001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2017.lnk
2017-04-22 19:20 - 2017-04-22 19:20 - 00001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator CC (Beta).lnk
2017-04-22 19:20 - 2017-04-22 19:20 - 00000000 ____D C:\Program Files\Adobe Character Animator CC (Beta)
2017-04-22 19:18 - 2017-04-22 19:18 - 00000960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2017.lnk
2017-04-22 19:16 - 2017-04-22 19:17 - 00000000 ____D C:\Program Files\Adobe Premiere Pro CC 2017
2017-04-22 19:15 - 2017-04-22 19:15 - 00000000 ____D C:\Users\schweigelicht\Documents\UnrealTournament
2017-04-22 19:14 - 2017-04-22 19:14 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2017-04-22 17:30 - 2017-04-22 17:30 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\SKIDROW
2017-04-22 11:11 - 2017-04-22 19:12 - 00000000 ____D C:\Users\schweigelicht\Documents\Heroes of the Storm
2017-04-22 01:34 - 2017-04-22 01:34 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign3f48785404e3b082
2017-04-22 01:33 - 2017-04-22 01:33 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignd9f8912253f269e5
2017-04-22 01:33 - 2017-04-22 01:33 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign190349db578bae34
2017-04-22 00:37 - 2017-04-22 00:37 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigndd08fb508a0641a9
2017-04-22 00:37 - 2017-04-22 00:37 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign39c96da9f6d1f2c0
2017-04-22 00:31 - 2017-04-22 00:31 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignf602c396aadde00d
2017-04-22 00:31 - 2017-04-22 00:31 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign01584d33592652e7
2017-04-21 17:53 - 2017-04-21 17:53 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigndb7fd8cb6e279a76
2017-04-21 17:53 - 2017-04-21 17:53 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignb599ddd0c50af7ae
2017-04-21 17:53 - 2017-04-21 17:53 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign5657345653427832
2017-04-17 23:33 - 2017-04-17 23:33 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigncd68cc93c52d5fdd
2017-04-17 23:33 - 2017-04-17 23:33 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign991d58ebf4e4ac15
2017-04-17 23:33 - 2017-04-17 23:33 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign236aac21cb747beb
2017-04-17 02:14 - 2017-04-17 02:14 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignb7257f637bfa7acf
2017-04-17 02:13 - 2017-04-17 02:13 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigncf65da74590c69bb
2017-04-17 02:13 - 2017-04-17 02:13 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign7ce7c344a4b83bc5
2017-04-16 22:56 - 2017-04-16 22:56 - 00000000 ____D C:\Users\schweigelicht\Documents\Red Alert 3 Uprising
2017-04-14 23:24 - 2017-04-14 23:24 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigned86b663febadb2b
2017-04-14 23:24 - 2017-04-14 23:24 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigna94c3d7a72842fa5
2017-04-14 23:24 - 2017-04-14 23:24 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign49bb4d6ea08431a2
2017-04-14 21:44 - 2017-04-14 21:44 - 00003212 _____ C:\Windows\System32\Tasks\{DFFF7107-A637-4CAD-B507-EB1201EF2DD7}
2017-04-13 19:34 - 2017-04-13 19:34 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign618fc4fc9522c5bf
2017-04-13 19:34 - 2017-04-13 19:34 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign3e0f40f0bdedc96a
2017-04-13 19:34 - 2017-04-13 19:34 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign17ca5592d41047df
2017-04-13 11:44 - 2017-04-13 11:44 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign665fface24cdbefb
2017-04-13 11:41 - 2017-04-13 11:41 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign9c5fe32117b43855
2017-04-13 11:41 - 2017-04-13 11:41 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign4e75721f6afc5b04
2017-04-13 11:26 - 2017-04-13 11:26 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign70abd00ce5708e5a
2017-04-13 11:24 - 2017-04-13 11:24 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignc03b6f76639ff881
2017-04-13 11:24 - 2017-04-13 11:24 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign27855acfd983c1b7
2017-04-13 11:02 - 2017-04-13 11:02 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigna3d5b4257ad9d00b
2017-04-13 11:02 - 2017-04-13 11:02 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign4e9a48de4045350e
2017-04-13 10:55 - 2017-04-13 10:55 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigne3d5abd297a016da
2017-04-13 10:55 - 2017-04-13 10:55 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigna3493df0e2d07f38
2017-04-13 00:03 - 2017-04-13 00:03 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign8fc905fd6b13ef92
2017-04-13 00:00 - 2017-04-13 00:00 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign74d2267ce0195374
2017-04-13 00:00 - 2017-04-13 00:00 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign45225b533a9215d5
2017-04-12 23:41 - 2017-04-12 23:41 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigne813f78349d17ddf
2017-04-12 23:41 - 2017-04-12 23:41 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign59b4c12c805fb9b2
2017-04-12 23:41 - 2017-04-12 23:41 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign05fe40e5e66b1eee
2017-04-12 23:32 - 2017-04-12 23:32 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign4cc3c8a080e28ec1
2017-04-12 23:32 - 2017-04-12 23:32 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign4139024035006bda
2017-04-12 23:32 - 2017-04-12 23:32 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign144cb3b2b4575101
2017-04-12 21:58 - 2017-04-12 21:58 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign1d9faeb5fed8c567
2017-04-12 21:52 - 2017-04-12 21:52 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign9beadfe5eaa22959
2017-04-12 21:52 - 2017-04-12 21:52 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign837a5a780be736fa
2017-04-12 21:21 - 2017-04-12 21:21 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigna778cc3a0604422c
2017-04-12 21:21 - 2017-04-12 21:21 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign58a7d858e2920c82
2017-04-12 21:21 - 2017-04-12 21:21 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign2b49f26928d56339
2017-04-12 21:20 - 2017-04-12 21:20 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign9c46c03a33e0ee8a
2017-04-12 21:20 - 2017-04-12 21:20 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign2c7082430f0c9afd
2017-04-12 21:20 - 2017-04-12 21:20 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign2c4001e8511f8cbe
2017-04-12 21:14 - 2017-04-12 21:14 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsignb2f2ed1d8d47bd19
2017-04-12 21:14 - 2017-04-12 21:14 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign5591e713b6786a96
2017-04-12 21:14 - 2017-04-12 21:14 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign080a8c742645d558
2017-04-12 20:45 - 2017-04-12 20:45 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsigndf7d6af4951bd894
2017-04-12 20:45 - 2017-04-12 20:45 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign365c39c78b3930de
2017-04-12 20:45 - 2017-04-12 20:45 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Tempzxpsign1713402986a4cb6f
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-12 19:39 - 2015-08-16 13:02 - 00000000 ____D C:\FRST
2017-05-12 19:17 - 2013-08-22 16:52 - 01214007 _____ C:\Users\schweigelicht\Documents\MuseLog.txt
2017-05-12 19:03 - 2016-02-09 14:23 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\Azureus
2017-05-12 15:19 - 2013-08-20 19:52 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Adobe
2017-05-12 10:05 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-12 10:05 - 2009-07-14 06:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-12 10:04 - 2013-08-21 07:51 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\vlc
2017-05-12 10:00 - 2016-09-13 01:31 - 00000000 ____D C:\ProgramData\KMSAutoS
2017-05-12 05:45 - 2016-11-03 01:09 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Spotify
2017-05-12 03:25 - 2016-11-03 01:09 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\Spotify
2017-05-11 20:11 - 2015-06-05 18:46 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-05-11 12:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-05-11 10:14 - 2017-04-08 22:45 - 00000000 ____D C:\Users\schweigelicht\AppData\LocalLow\Mozilla
2017-05-10 21:17 - 2014-05-09 15:33 - 00001456 _____ C:\Users\schweigelicht\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2017-05-10 20:58 - 2014-08-10 06:53 - 00000033 _____ C:\Users\schweigelicht\AppData\Roaming\AdobeWLCMCache.dat
2017-05-10 17:06 - 2015-08-09 18:21 - 00000000 ___RD C:\Users\schweigelicht\Creative Cloud Files
2017-05-10 17:06 - 2015-05-02 03:31 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-05-10 16:21 - 2011-04-12 09:43 - 00700986 _____ C:\Windows\system32\perfh007.dat
2017-05-10 16:21 - 2011-04-12 09:43 - 00149886 _____ C:\Windows\system32\perfc007.dat
2017-05-10 16:21 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-10 16:15 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-09 20:12 - 2017-01-21 21:11 - 00004876 _____ C:\Users\schweigelicht\Desktop\sc3.tmp
2017-05-09 09:48 - 2016-07-28 22:55 - 00000000 ____D C:\Users\schweigelicht\Documents\BioWare
2017-05-09 09:43 - 2014-04-24 15:52 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-09 09:33 - 2016-08-05 23:43 - 00000000 ____D C:\ProgramData\Origin
2017-05-08 13:03 - 2014-04-30 19:09 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\CrashDumps
2017-05-08 13:01 - 2013-09-04 23:20 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\Celemony Software GmbH
2017-05-08 04:33 - 2013-08-20 22:29 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\ElevatedDiagnostics
2017-05-04 22:32 - 2016-12-14 22:47 - 00000000 ____D C:\Program Files\Adobe Photoshop CC 2017
2017-05-04 22:32 - 2013-08-22 14:41 - 00000000 ____D C:\Users\schweigelicht\Documents\Adobe
2017-05-03 14:50 - 2015-11-03 22:17 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-05-02 20:26 - 2017-01-11 23:17 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\Petroglyph
2017-04-30 14:54 - 2017-04-09 19:53 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\Battle.net
2017-04-29 21:42 - 2014-10-23 11:33 - 00000000 ___RD C:\Users\schweigelicht\Virtual Machines
2017-04-29 21:11 - 2013-08-22 14:09 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-04-29 18:03 - 2013-08-20 18:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-29 15:34 - 2016-12-27 19:36 - 00000000 ____D C:\Users\schweigelicht\Documents\My Games
2017-04-28 10:55 - 2016-07-31 19:54 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-28 10:55 - 2016-07-31 19:54 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-26 19:06 - 2013-08-21 07:43 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-04-26 10:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-25 02:00 - 2017-01-26 15:40 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\Audacity
2017-04-24 17:48 - 2017-04-10 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2017-04-24 14:15 - 2016-08-27 17:08 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\obs-studio
2017-04-23 18:51 - 2016-02-09 15:09 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-04-23 18:03 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-04-22 19:28 - 2017-01-31 18:02 - 00000000 ____D C:\Program Files\Adobe After Effects CC 2017
2017-04-22 19:27 - 2013-08-20 19:56 - 00000000 ____D C:\ProgramData\Adobe
2017-04-22 19:18 - 2013-08-22 15:00 - 00000000 ____D C:\Users\Public\Documents\Adobe
2017-04-22 19:15 - 2017-01-16 19:43 - 00000000 ____D C:\Users\schweigelicht\AppData\Local\UnrealEngine
2017-04-22 19:12 - 2016-08-02 18:34 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-04-21 21:18 - 2013-10-18 11:22 - 00000000 ____D C:\Program Files\Vuze
2017-04-20 10:07 - 2014-10-03 03:05 - 00008150 _____ C:\Users\schweigelicht\Desktop\DesktopOK.ini
2017-04-16 23:20 - 2017-03-29 09:04 - 00000000 ____D C:\Users\schweigelicht\Documents\The Witcher 3
2017-04-15 21:05 - 2017-04-08 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2017-04-15 06:44 - 2016-12-14 18:21 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-15 06:44 - 2016-12-14 18:21 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-04-15 06:44 - 2016-12-14 18:21 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-04-15 06:43 - 2016-12-14 18:18 - 00000000 ____D C:\Program Files (x86)\Acrobat DC
2017-04-14 21:44 - 2017-04-08 22:17 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2017-04-13 18:35 - 2017-04-08 22:17 - 00000000 ____D C:\Users\schweigelicht\AppData\Roaming\DVDVideoSoft
2017-04-12 14:20 - 2017-04-11 13:09 - 30785536 _____ C:\Users\schweigelicht\Desktop\#3 Inhalt Sonderausgabe.indd
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-26 15:33 - 2014-06-10 22:27 - 0000132 _____ () C:\Users\schweigelicht\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-08-10 06:53 - 2017-05-10 20:58 - 0000033 _____ () C:\Users\schweigelicht\AppData\Roaming\AdobeWLCMCache.dat
2016-08-27 19:50 - 2017-01-25 18:10 - 0001470 _____ () C:\Users\schweigelicht\AppData\Roaming\Coolorus 2
2015-04-26 05:44 - 2016-08-27 19:28 - 0000028 _____ () C:\Users\schweigelicht\AppData\Roaming\kulerdata.json
2014-08-17 01:56 - 2014-08-17 01:56 - 0551424 ____T (MultiMedia Soft) C:\Users\schweigelicht\AppData\Roaming\Microsoft\engine_ag.dll
2014-05-09 15:33 - 2017-05-10 21:17 - 0001456 _____ () C:\Users\schweigelicht\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-01-28 23:19 - 2016-01-28 23:43 - 0001456 _____ () C:\Users\schweigelicht\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-10-23 20:45 - 2015-10-23 20:45 - 0003584 _____ () C:\Users\schweigelicht\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-29 18:31 - 2014-07-29 18:31 - 0001497 _____ () C:\Users\schweigelicht\AppData\Local\RecConfig.xml
2015-05-07 15:51 - 2015-09-18 20:16 - 0007602 _____ () C:\Users\schweigelicht\AppData\Local\resmon.resmoncfg
2015-03-05 22:06 - 2015-03-05 22:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-08-20 20:34 - 2016-02-07 15:45 - 0021124 _____ () C:\ProgramData\hpzinstall.log
2016-08-18 13:53 - 2016-08-18 13:53 - 0001534 _____ () C:\ProgramData\ss.ini
Einige Dateien in TEMP:
====================
2017-05-08 16:47 - 2017-05-10 20:00 - 0035224 _____ () C:\Users\schweigelicht\AppData\Local\Temp\i4jdel0.exe
2017-05-10 01:52 - 2012-11-30 06:53 - 1114112 _____ (Microsoft Corporation) C:\Users\schweigelicht\AppData\Local\Temp\kernel32.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-03 11:56
==================== Ende von FRST.txt ============================