Hallo zusammen,
seit kurzem wird mein Internet immer Langsamer und ich weiß nicht warum.
Anfangs ist die Verbindung immer normal und dann wird sie schnell langsamer und wird erst wieder normal schnell wenn ich den Router neu starte.

Hallo rafael25,


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Zitat:

Anfangs ist die Verbindung immer normal und dann wird sie schnell langsamer und wird erst wieder normal schnell wenn ich den Router neu starte.

Wie lange dauert es denn in etwa, bis die Verbindung wieder schlechter wird und wann fing das in etwa an? Und was hast du bis jetzt ausprobiert, um das Problem zu lösen?

Die Zeitabstände sind sehr unregalmäßigmanchmal dauert es so ca. eine halbe Stunde und manchmal klappt es auch gar nicht(bis jetzt nur einmal).
Die .txt dateien:hxxp://we.tl/JKBAEIKjNn

Hi,

bitte die Logfiles direkt in den Thread posten. Falls das Logfile zu groß ist, bitte auf mehrere Posts aufteilen: http://www.trojaner-board.de/137229-...code-tags.html.

Code: Alles auswählenAufklappen

ATTFilter

Geladene Profile: User (Verfügbare Profile: User & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\DAODx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AAA Internet Publishing, Inc.) C:\Program Files (x86)\WTFast Beta\WTFast.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AtherosBtStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-09-27] (Atheros Commnucations)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [IgfxTray] => "C:\Windows\system32\igfxtray.exe"
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [mbot_de_014010086] => "C:\Program Files (x86)\mbot_de_014010086\mbot_de_014010086.exe"
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast Beta\WTFast.exe [5194328 2015-09-14] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [9590568 2015-09-23] (Visicom Media Inc.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Policies\Explorer: [NoDrives] 65536

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{12c5caae-8b86-4830-8791-c0f8bb7899cf}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{1bfc2c8d-e0c5-4534-831d-059649fe28a1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{613b26f9-f874-4e0e-9968-95711c944f86}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{6c4bd96b-a427-4d85-884c-39d2ab9856b3}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{d3be78ae-491a-4eb0-9b35-2aa566efa4d5}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-23] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-23] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-09-27] (Atheros Commnucations)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3928150652-2756980015-3035233101-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\user.js [2015-07-29]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\searchplugins\google-images.xml [2015-08-01]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\searchplugins\google-maps.xml [2015-08-01]
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\sparpilot__campaign0@sparpilot.com [2015-10-19]
FF Extension: Cliqz - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\cliqz@cliqz.com.xpi [2015-11-03] [ist nicht signiert]
FF Extension: Browser-Security - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\firefox@browser-security.de.xpi [2015-08-23]
FF Extension: Browser Service - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{4c251ea9-f334-4cb8-94a1-7cd4fef10ef3}.xpi [2015-08-25] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: Browser Addon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{e0bb220b-dad2-46f2-83b5-c353f7a982e0}.xpi [2015-10-28] [ist nicht signiert]
FF Extension: Greasemonkey - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-10-25]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\extensions\cliqz@cliqz.com => nicht gefunden

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240360 2015-09-21] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-10] (Microsoft Corporation)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-10] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-23] (Avira Operations GmbH & Co. KG)
R3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [595456 2014-09-19] (C-MEDIA)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-10] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R2 WtfEngineDrv; C:\Windows\system32\DRIVERS\WtfEngineDrv.sys [27392 2015-04-02] (AAA Internet Publishing, Inc.)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-05 21:07 - 2015-11-05 21:07 - 00016607 _____ C:\Users\User\Downloads\FRST.txt
2015-11-05 21:06 - 2015-11-05 21:07 - 00000000 ____D C:\FRST
2015-11-05 21:05 - 2015-11-05 21:05 - 02198528 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-11-05 20:58 - 2015-11-05 20:58 - 00016148 _____ C:\WINDOWS\system32\USER-PC_User_HistoryPrediction.bin
2015-11-05 20:06 - 2015-11-05 20:53 - 626196580 _____ C:\Users\User\Desktop\PvP-Lesson mit SnowdomTV.mp4
2015-11-05 16:57 - 2015-11-05 19:05 - 00000216 _____ C:\Users\User\Desktop\Neues Textdokument (2).txt
2015-11-04 19:23 - 2015-11-04 19:23 - 07016240 _____ (Initex & AAA Internet Publishing ) C:\Users\User\Desktop\WTFastSetup.3.5.9.511.exe
2015-11-04 19:16 - 2015-11-04 19:16 - 00064984 _____ C:\Users\User\Documents\Ohne Titel.veg
2015-11-04 19:13 - 2015-11-04 19:13 - 00000000 ____D C:\Users\User\Desktop\game
2015-11-04 17:51 - 2015-11-04 18:28 - 496438553 _____ C:\Users\User\Desktop\PvP montage.mp4
2015-11-04 17:49 - 2015-11-04 17:49 - 00085408 _____ C:\Users\User\Desktop\Outro.avi.sfk
2015-11-04 04:08 - 2013-07-10 00:47 - 00000021 _____ C:\Users\User\Desktop\ender_pearl.png.mcmeta
2015-11-03 22:36 - 2015-11-03 22:36 - 00038962 _____ C:\Users\User\AppData\Local\recently-used.xbel
2015-11-03 22:01 - 2015-11-03 22:01 - 00008938 _____ C:\Users\User\Documents\Vorlage animation wooden sword.xcf
2015-11-03 21:30 - 2015-11-03 21:30 - 00032945 _____ C:\Users\User\Documents\Unbenannt.xcf
2015-11-03 20:55 - 2015-11-03 20:55 - 00000000 _____ C:\Users\User\Desktop\64x20304.txt
2015-11-03 16:22 - 2015-11-03 16:22 - 00000000 ____D C:\Users\User\AppData\Local\webkit
2015-11-02 15:13 - 2015-11-02 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-02 15:12 - 2015-11-02 15:12 - 00000000 ____D C:\ProgramData\Sony
2015-11-02 15:12 - 2015-11-02 15:12 - 00000000 ____D C:\Program Files\Sony
2015-11-02 15:12 - 2015-11-02 15:12 - 00000000 ____D C:\Program Files (x86)\Sony
2015-11-02 15:04 - 2015-11-02 15:12 - 411058696 _____ (Sony Creative Software Inc.) C:\Users\User\Desktop\Sony Vegas Pro 13.exe
2015-11-02 15:04 - 2015-11-02 15:04 - 00705308 _____ C:\Users\User\Desktop\vegas.pro.13.0.(64-bit)-patch (1).rar
2015-11-01 15:57 - 2015-11-01 15:47 - 00510381 _____ C:\Users\User\Desktop\NotEnoughItems-1.8-1.0.5.104-universal.jar
2015-11-01 15:54 - 2015-11-01 15:55 - 00007531 _____ C:\Users\User\Downloads\forge-1.8-11.14.3.1543-installer.jar.log
2015-11-01 15:54 - 2015-11-01 15:54 - 03605266 _____ C:\Users\User\Downloads\forge-1.8-11.14.3.1543-installer.jar
2015-11-01 15:40 - 2015-11-01 15:40 - 00119712 _____ C:\Users\User\Downloads\MSM-SNAP-3.0.0e-For-MC-1.7.10.jar
2015-11-01 15:28 - 2015-11-03 22:36 - 00000000 ____D C:\Users\User\Desktop\Modpack
2015-11-01 15:20 - 2014-06-18 12:46 - 354230360 ____R (Sony Creative Software Inc.) C:\Users\User\Desktop\vegaspro13.0.310_64bit.exe
2015-11-01 15:19 - 2015-11-01 15:19 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-11-01 13:27 - 2015-11-01 13:27 - 02607013 _____ C:\Users\User\Downloads\Fraps Files(1).rar
2015-11-01 13:22 - 2015-11-03 22:34 - 00000000 ____D C:\Users\User\Desktop\Neuer Ordner
2015-10-30 18:33 - 2015-10-28 00:38 - 21871616 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 18:33 - 2015-10-28 00:16 - 18801664 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 18:33 - 2015-10-21 13:45 - 00541024 ____C (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 18:33 - 2015-10-21 13:44 - 00459104 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 18:33 - 2015-10-21 13:43 - 01392480 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 18:33 - 2015-10-21 13:39 - 03621248 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 18:33 - 2015-10-21 13:00 - 24595968 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 18:33 - 2015-10-21 13:00 - 03248128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 18:33 - 2015-10-21 12:59 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 18:33 - 2015-10-21 12:57 - 02418688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 18:33 - 2015-10-21 12:52 - 02987520 ____C (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 18:33 - 2015-10-21 12:50 - 00333312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 18:33 - 2015-10-21 12:48 - 01068032 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 18:33 - 2015-10-21 12:47 - 00453120 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 18:33 - 2015-10-21 12:46 - 02179584 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 18:33 - 2015-10-21 12:46 - 01602560 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 18:33 - 2015-10-21 12:44 - 00713216 ____C (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 18:33 - 2015-10-21 12:44 - 00579072 ____C (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 18:33 - 2015-10-21 12:43 - 02675200 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 18:33 - 2015-10-21 12:42 - 00627712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 18:33 - 2015-10-21 12:41 - 01795072 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 18:33 - 2015-10-21 12:40 - 00145408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 18:33 - 2015-10-21 12:38 - 00502272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 18:33 - 2015-10-21 06:53 - 00961376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 18:33 - 2015-10-21 06:49 - 02878512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 18:33 - 2015-10-21 06:13 - 19326464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 18:33 - 2015-10-21 06:11 - 02647040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 18:33 - 2015-10-21 06:08 - 01918976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 18:33 - 2015-10-21 06:05 - 02639872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 18:33 - 2015-10-21 06:03 - 01380864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 18:33 - 2015-10-21 06:03 - 00311296 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 18:33 - 2015-10-21 05:58 - 02049536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 18:33 - 2015-10-21 05:58 - 00464896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 18:33 - 2015-10-21 05:55 - 00441344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 02:02 - 2015-10-30 02:36 - 483239885 _____ C:\Users\User\Desktop\Minecraft Quuuuicksg #5.mp4
2015-10-30 01:48 - 2015-10-30 02:08 - 00000000 ____D C:\Users\User\Desktop\THUMBNAILS
2015-10-30 00:29 - 2015-10-27 10:36 - 46888189 _____ C:\Users\User\Downloads\GOARMY.zip
2015-10-29 22:14 - 2015-10-29 22:55 - 353519548 _____ C:\Users\User\Desktop\Minecraft timolia #4.mp4
2015-10-29 22:12 - 2015-10-29 23:13 - 00106240 _____ C:\Users\User\Desktop\Funny - Music.mp3.sfk
2015-10-29 22:06 - 2015-10-29 22:08 - 3150654888 _____ C:\Users\User\Desktop\Outro.avi
2015-10-29 21:55 - 2015-10-29 21:56 - 4242983080 _____ C:\Users\User\Desktop\javaw 2015-10-29 21-55-13-63.avi
2015-10-27 14:01 - 2015-10-27 15:02 - 520585962 _____ C:\Users\User\Desktop\Quuuuuicksg #4.mp4
2015-10-27 00:36 - 2015-10-27 11:06 - 00106240 _____ C:\Users\User\Downloads\Funny - Music.mp3.sfk
2015-10-27 00:14 - 2015-10-27 00:14 - 1758971944 _____ C:\Users\User\Desktop\javaw 2015-10-27 00-14-17-60.avi
2015-10-26 20:07 - 2015-10-26 20:08 - 34864620 _____ C:\Users\User\Downloads\Brobi V2 Pack(2).zip
2015-10-24 13:34 - 2015-10-24 13:38 - 33743229 _____ C:\Users\User\Desktop\Minecraft Varo Battle2.mp4
2015-10-24 00:46 - 2015-10-24 00:48 - 00000000 ____D C:\Users\User\Desktop\Screens
2015-10-23 19:13 - 2015-11-05 18:00 - 00000482 _____ C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2015-10-23 19:13 - 2015-10-23 19:13 - 00003294 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Registration3
2015-10-23 19:13 - 2015-10-23 19:13 - 00000000 ____D C:\Users\User\AppData\Roaming\ParetoLogic
2015-10-23 19:13 - 2015-10-23 19:13 - 00000000 ____D C:\Users\User\AppData\Roaming\DriverCure
2015-10-23 19:12 - 2015-11-05 14:53 - 00000508 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-10-23 19:12 - 2015-10-30 00:50 - 00000456 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
2015-10-23 19:12 - 2015-10-23 19:15 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-10-23 19:12 - 2015-10-23 19:12 - 05813872 _____ (ParetoLogic Inc.) C:\Users\User\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-10-23 19:12 - 2015-10-23 19:12 - 00003418 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3
2015-10-23 19:12 - 2015-10-23 19:12 - 00003112 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3 Startup Task
2015-10-23 15:05 - 2015-10-23 15:05 - 00954523 _____ C:\Users\User\Downloads\OptiFine_1-8-8_HD_U_E2.jar
2015-10-23 13:35 - 2015-10-23 13:35 - 00138968 _____ C:\Users\User\Desktop\OUTRO NEXT VIDEO.avi.sfk
2015-10-23 13:19 - 2015-10-23 13:19 - 00000746 _____ C:\Users\User\Desktop\Bilder - Verknüpfung.lnk
2015-10-23 12:24 - 2015-10-23 12:24 - 01247112 _____ (Mojang) C:\Users\User\Desktop\Minecraft.exe
2015-10-23 10:08 - 2015-10-23 10:08 - 00000000 ____D C:\ProgramData\ATI
2015-10-23 00:53 - 2015-10-23 00:53 - 00000753 _____ C:\Users\User\Documents\Downloads - Verknüpfung.lnk
2015-10-22 20:25 - 2015-10-22 20:25 - 00062133 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510222125048155.log
2015-10-22 20:25 - 2015-10-22 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-10-22 20:24 - 2015-10-22 20:24 - 00061253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510222124019710.log
2015-10-22 20:24 - 2015-10-22 20:24 - 00000000 ____D C:\Program Files\ATI Technologies
2015-10-22 20:24 - 2015-10-22 20:24 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-10-22 20:21 - 2015-10-22 20:21 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 39712768 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 30776304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-10-22 20:21 - 2015-10-22 20:21 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-10-22 20:21 - 2015-10-22 20:21 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00662392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-10-22 20:21 - 2015-10-22 20:21 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-22 20:21 - 2015-10-22 20:21 - 00631280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00471312 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00138376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00110312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00089584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00087992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00047664 _____ C:\WINDOWS\system32\kapp_ci.sbin
2015-10-22 20:21 - 2015-10-22 20:21 - 00043536 _____ C:\WINDOWS\system32\kapp_si.sbin
2015-10-22 20:21 - 2015-10-22 20:21 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-10-21 22:42 - 2015-10-21 23:00 - 331668153 _____ C:\Users\User\Desktop\Minecraft Quuuuuicksg #2.mp4
2015-10-21 22:40 - 2015-10-21 22:41 - 00213496 _____ C:\Users\User\Desktop\javaw 2015-10-14 19-44-15-89.avi.sfk
2015-10-21 22:40 - 2015-10-21 22:41 - 00032448 _____ C:\Users\User\Desktop\Outro form.mp4.sfk
2015-10-21 16:41 - 2015-10-21 16:37 - 00026671 _____ C:\Users\User\Downloads\Xray Ultimate 1.8.zip
2015-10-20 13:07 - 2015-10-20 13:07 - 08173005 _____ C:\Users\User\Downloads\Huzuni 3.5.zip
2015-10-20 13:01 - 2015-10-20 13:01 - 06051033 _____ C:\Users\User\Downloads\huzuni-new.zip
2015-10-20 09:30 - 2015-10-20 09:31 - 00000000 ____D C:\Users\User\Downloads\GarPloit 1.3
2015-10-20 09:27 - 2015-10-20 09:27 - 06445168 _____ C:\Users\User\Downloads\GarPloit 1.3.zip
2015-10-17 13:13 - 2015-10-17 13:13 - 00000617 _____ C:\Users\User\Desktop\Fraps.lnk
2015-10-17 13:13 - 2015-10-17 13:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2015-10-17 13:09 - 2015-10-17 13:09 - 00001276 _____ C:\Users\Public\Desktop\Einfaches Video und Filmschnittprogramm LoiLo.lnk
2015-10-17 13:09 - 2015-10-17 13:09 - 00001079 _____ C:\Users\Public\Desktop\LoiLo Game Recorder.lnk
2015-10-17 13:09 - 2015-10-17 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoiLoScope 2
2015-10-17 13:09 - 2015-10-17 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoiLo Game Recorder
2015-10-17 13:04 - 2015-10-17 13:04 - 01461024 _____ C:\Users\User\Downloads\LoiLo Game Recorder - CHIP-Installer(4).exe
2015-10-16 13:02 - 2015-11-02 14:27 - 00000000 ____D C:\Users\User\Desktop\trash
2015-10-14 23:34 - 2015-10-14 23:34 - 00032296 _____ C:\Users\User\Documents\Untitled.veg
2015-10-14 20:49 - 2015-11-04 11:57 - 00000000 ____D C:\Users\User\Desktop\aufnahme
2015-10-14 17:17 - 2015-10-14 17:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Minecraft Skin Viewer
2015-10-14 17:16 - 2015-10-14 17:17 - 00155858 _____ C:\Users\User\Downloads\Minecraft Skin Viewer.zip
2015-10-14 15:15 - 2015-10-06 04:03 - 16708608 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:15 - 2015-10-06 03:46 - 13027840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:15 - 2015-10-01 05:00 - 08020320 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:15 - 2015-09-25 04:02 - 07523840 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:15 - 2015-09-25 04:01 - 04792320 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:15 - 2015-09-25 04:01 - 03586560 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:15 - 2015-09-25 04:00 - 01382400 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:15 - 2015-09-25 03:38 - 03580416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:15 - 2015-09-25 03:36 - 05454848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:14 - 2015-09-25 04:33 - 01997336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:14 - 2015-09-25 04:26 - 20858360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:14 - 2015-09-25 04:11 - 00257024 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:14 - 2015-09-25 04:11 - 00223232 ____C (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:14 - 2015-09-25 04:07 - 01276416 ____C (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:14 - 2015-09-25 04:04 - 00771072 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:14 - 2015-09-25 04:03 - 00796160 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:14 - 2015-09-25 04:00 - 01423872 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:14 - 2015-09-25 04:00 - 00856576 ____C (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 01205248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00720896 ____C (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00685568 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00590336 ____C (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00288256 ____C (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00163840 ____C (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:14 - 2015-09-25 03:47 - 00195584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:14 - 2015-09-25 03:47 - 00172032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:14 - 2015-09-25 03:38 - 00650240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:14 - 2015-09-25 03:38 - 00574464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:14 - 2015-09-25 03:38 - 00504320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:14 - 2015-09-25 03:37 - 00766976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:14 - 2015-09-25 03:37 - 00613376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:14 - 2015-09-25 03:37 - 00480256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:14 - 2015-09-25 03:36 - 11262976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00928256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00625152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00579584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00557568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00525312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:14 - 2015-09-25 03:33 - 00131072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:14 - 2015-09-25 03:32 - 01594368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:14 - 2015-09-25 03:32 - 00466432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 15:12 - 2015-09-25 05:01 - 00498016 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:11 - 2015-10-10 08:12 - 00078528 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:11 - 2015-10-01 05:01 - 01294352 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:11 - 2015-10-01 05:01 - 01123400 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:11 - 2015-10-01 05:01 - 01018568 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:11 - 2015-10-01 05:01 - 00858408 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:11 - 2015-10-01 04:03 - 00757760 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:11 - 2015-09-25 05:01 - 02573768 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:11 - 2015-09-25 04:56 - 22322624 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:11 - 2015-09-25 04:52 - 00980832 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:11 - 2015-09-25 04:09 - 12504064 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:11 - 2015-09-25 04:04 - 00826880 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:11 - 2015-09-25 04:03 - 00576000 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:11 - 2015-09-25 04:02 - 00949248 ____C (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:11 - 2015-09-25 04:02 - 00689152 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:11 - 2015-09-25 04:00 - 00752640 ____C (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:11 - 2015-09-25 03:58 - 01871360 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-12 23:51 - 2015-10-30 02:08 - 00000000 ____D C:\Users\User\Desktop\Thumbnails skyra
2015-10-12 23:50 - 2015-10-12 23:50 - 00884390 _____ C:\Users\User\Documents\SKYRA VORLAGE.xcf
2015-10-12 18:21 - 2015-10-12 18:23 - 74713080 _____ (LoiLo inc. ) C:\Users\User\Downloads\LoiLoGameRecorder1.1.0.1(1).exe
2015-10-12 12:46 - 2015-10-12 12:46 - 01457952 _____ C:\Users\User\Downloads\LoiLo Game Recorder - CHIP-Installer(3).exe
2015-10-12 12:45 - 2015-10-12 12:45 - 00000000 ____D C:\Users\User\Desktop\minecraft skyra
2015-10-11 22:09 - 2015-10-11 22:10 - 74612920 _____ (LoiLo inc. ) C:\Users\User\Downloads\LoiLoGameRecorder1-1-0-0(2).exe
2015-10-10 16:58 - 2015-10-10 17:00 - 00018952 _____ C:\Users\User\Downloads\Intro Skyra (Minecraft Projekt) __ Beste Kamerafahrt_ xD __ ~Roeni.mp4.sfk
2015-10-09 21:02 - 2015-10-09 21:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony Creative Software Inc
2015-10-09 21:00 - 2015-10-09 21:00 - 00852576 _____ C:\Users\User\Documents\Minecraft Survivalgames #2.mp4.sfk
2015-10-08 14:48 - 2015-10-08 14:48 - 00241720 _____ C:\Users\User\Downloads\DUCSetup_v4_1_1.exe
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\Users\User\AppData\Local\Vitalwerks
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\ProgramData\Vitalwerks
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\Program Files (x86)\No-IP
2015-10-08 13:40 - 2015-10-08 13:40 - 14975209 _____ C:\Users\User\Downloads\Varo-Map.gz
2015-10-08 13:40 - 2015-10-08 13:40 - 00000000 ____D C:\Users\User\Downloads\Varo-Map
2015-10-07 17:18 - 2015-10-08 14:15 - 00000000 ____D C:\Users\User\Desktop\SERVER VARO
2015-10-07 17:11 - 2015-10-07 17:11 - 00059621 _____ C:\Users\User\Downloads\MrVaro-2.6.jar
2015-10-06 19:48 - 2015-10-06 19:48 - 00000185 _____ C:\Users\User\Downloads\eula.txt
2015-10-06 19:48 - 2015-10-06 19:48 - 00000062 _____ C:\Users\User\Downloads\server.properties
2015-10-06 19:45 - 2015-10-07 17:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Notepad++
2015-10-06 19:45 - 2015-10-06 19:45 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-10-06 19:45 - 2015-10-06 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-10-06 19:45 - 2015-10-06 19:45 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-10-06 19:44 - 2015-10-06 19:44 - 07674224 _____ C:\Users\User\Downloads\npp.6.6.7.Installer.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-05 21:04 - 2015-07-28 18:00 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-11-05 20:59 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-05 20:55 - 2015-08-05 19:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-05 20:31 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-05 19:47 - 2015-07-28 16:45 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2015-11-05 15:54 - 2015-09-10 23:11 - 02074382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-05 15:54 - 2015-07-10 17:34 - 00882838 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-05 15:54 - 2015-07-10 17:34 - 00195532 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-05 15:16 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-04 20:45 - 2015-09-19 18:36 - 00049190 _____ C:\WINDOWS\system32\lvcoinst.log
2015-11-04 20:39 - 2015-07-15 13:51 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-11-04 20:39 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-04 20:39 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-04 20:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-04 19:16 - 2015-08-27 19:55 - 00000000 ___DC C:\Program Files (x86)\WTFast Beta
2015-11-04 19:16 - 2015-08-27 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast Beta
2015-11-03 22:36 - 2015-09-30 17:38 - 00000000 ____D C:\Users\User\AppData\Local\gtk-2.0
2015-11-03 22:36 - 2015-09-30 16:54 - 00000000 ____D C:\Users\User\.gimp-2.8
2015-11-02 18:20 - 2015-09-15 18:41 - 00001219 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-02 18:20 - 2015-09-15 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-02 18:20 - 2015-09-10 23:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-02 15:12 - 2015-10-01 13:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony
2015-11-02 15:03 - 2015-10-01 14:14 - 00045900 _____ C:\WINDOWS\system32\--traceoff
2015-11-01 13:24 - 2015-09-08 11:02 - 00000000 ____D C:\Users\User\Downloads\EvilHack v.3.6 by Vladymyr96
2015-11-01 12:37 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-31 13:16 - 2015-07-28 17:12 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2015-10-31 13:00 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-30 02:43 - 2015-08-10 22:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity
2015-10-27 15:01 - 2015-10-04 22:02 - 00000207 _____ C:\Users\User\Desktop\Beschreibung.txt
2015-10-27 10:34 - 2015-09-11 05:27 - 00002363 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-27 10:34 - 2015-09-11 05:27 - 00000000 ___RD C:\Users\User\OneDrive
2015-10-23 19:13 - 2011-06-26 21:05 - 00001754 _____ C:\Users\Public\Desktop\CDBurner.lnk
2015-10-23 19:13 - 2011-06-26 21:05 - 00001704 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-10-23 12:16 - 2015-07-28 18:53 - 00000000 ____D C:\ProgramData\Oracle
2015-10-23 12:06 - 2015-08-29 09:11 - 00000000 ____D C:\Users\User\.oracle_jre_usage
2015-10-23 12:06 - 2015-07-28 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-23 12:05 - 2015-07-28 18:54 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-23 12:05 - 2015-07-28 18:53 - 00000000 ___DC C:\Program Files\Java
2015-10-23 00:53 - 2015-09-14 17:13 - 00000000 ____D C:\Users\User\Desktop\sounds
2015-10-22 20:25 - 2015-09-11 05:26 - 00000000 ____D C:\Users\User\AppData\Local\AMD
2015-10-22 20:24 - 2015-09-10 23:09 - 00000000 ____D C:\ProgramData\AMD
2015-10-22 20:23 - 2015-09-10 23:08 - 00000000 ____D C:\AMD
2015-10-22 20:21 - 2015-08-20 20:51 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 10211008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 08982440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 07482552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00143048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-10-22 20:21 - 2015-08-20 20:46 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-22 20:21 - 2015-08-20 20:46 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-10-22 20:21 - 2015-08-20 20:46 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-22 20:21 - 2015-08-20 20:46 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-10-22 18:32 - 2015-07-28 17:12 - 00000000 ___DC C:\Program Files (x86)\TeamSpeak 3 Client
2015-10-21 14:13 - 2015-10-01 13:06 - 00000000 ____D C:\Users\User\AppData\Roaming\OBS
2015-10-21 14:08 - 2015-10-01 13:06 - 00000000 ____D C:\Program Files\OBS
2015-10-17 13:13 - 2015-09-26 09:54 - 00000000 ____D C:\Fraps
2015-10-17 13:09 - 2015-08-08 12:29 - 00000000 ___DC C:\Program Files\LoiLo
2015-10-16 04:10 - 2015-10-01 14:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-01 14:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 13:16 - 2013-07-15 12:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 13:11 - 2013-07-14 16:33 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 21:56 - 2015-07-28 17:59 - 00000000 __RDC C:\Program Files (x86)\Skype
2015-10-12 14:05 - 2015-09-30 20:07 - 00000000 ____D C:\Users\User\Desktop\Varo
2015-10-10 17:17 - 2015-09-09 21:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Anvsoft
2015-10-07 15:14 - 2015-07-28 17:59 - 00000000 ____D C:\ProgramData\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-08 13:24 - 2015-08-08 13:24 - 0000000 ___RH () C:\Users\User\AppData\Roaming\58844d229ddd151bfaed973f37cacc782
2015-07-28 17:39 - 2015-07-28 17:39 - 0000000 _____ () C:\Users\User\AppData\Roaming\gdfw.log
2015-07-28 17:39 - 2015-07-28 17:39 - 0000779 _____ () C:\Users\User\AppData\Roaming\gdscan.log
2015-11-03 22:36 - 2015-11-03 22:36 - 0038962 _____ () C:\Users\User\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\amt_oursurfing.exe
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-1173118353540883979.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-1752491449186567265.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-2201368011938689380.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-2618505133473098253.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-2789096141553947812.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3178197316843515632.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3337577410216099377.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3338435204503217700.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3411612963100103806.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-4277737730885816029.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-4518289107014804270.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-4978473378334862119.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-5302791949231867198.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-562625377389265797.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-6209107839186503279.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-6780039731937162160.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-679197715991657064.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7124270682324496586.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-723213453837226422.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7329611553722246076.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7623161908290565895.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7645752524606657152.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-8431555853405383488.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-8486430122786041732.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-8533431977384716520.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-904572956628475557.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-9169397324662788991.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-1824604573805871449.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-2929798892950962521.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-3147840678608630587.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-3891697023572236362.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-4815437255598979394.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-4947822979305072009.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-770436404729900341.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-8127840553139350778.dll
C:\Users\User\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\User\AppData\Local\Temp\tmp4928.exe
C:\Users\User\AppData\Local\Temp\WdfCoInstaller01007.dll
C:\Users\User\AppData\Local\Temp\xmlUpdater.exe
         

Code: Alles auswählenAufklappen

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von User (2015-11-05 21:08:05)
Gestartet von C:\Users\User\Downloads
Windows 10 Pro (X64) (2015-09-11 04:21:43)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3928150652-2756980015-3035233101-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3928150652-2756980015-3035233101-503 - Limited - Disabled)
Gast (S-1-5-21-3928150652-2756980015-3035233101-501 - Limited - Disabled)
User (S-1-5-21-3928150652-2756980015-3035233101-1000 - Administrator - Enabled) => C:\Users\User

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Any Video Converter 5.8.3 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.10.150607 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d6a7cfcc-1f1c-4638-8f9e-0f184696fcdb}) (Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.48.9049 - Avira Operations GmbH & Co. KG) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.34 - Atheros Communications)
Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.0.5.0 - )
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2568 - CDBurnerXP)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.22 - CLIQZ.com)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.)
LoiLoScope 2 (HKLM-x32\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.4.2 - LoiLo inc)
ManyCam 5.0.5 (HKLM-x32\...\ManyCam) (Version: 5.0.5 - Visicom Media Inc.)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MyBestOffersToday 014.014010086 (HKLM-x32\...\mbot_de_014010086_is1) (Version:  - MYBESTOFFERSTODAY) <==== ACHTUNG
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Platform (x32 Version: 1.40 - VIA Technologies, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 4.02 - NCH Software)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 6.12 - NCH Software)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WTFast Beta 4.0 (HKLM-x32\...\{162DC956-6167-407C-8265-4CC3B8E61B96}_is1) (Version: 4.0.4.511 - Initex & AAA Internet Publishing)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3928150652-2756980015-3035233101-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02D70DE6-9458-4E62-A58D-F25788B3F8E9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {03AE6D54-1218-45EC-9B15-F1AC90546954} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {05541BE3-9E6E-4851-B508-DF20692D3D4E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {15682BCE-76A0-4575-8E05-761C3B5F8E6C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {1FF40C7F-04BE-41F9-8DD9-35D5E9D20EB9} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {21B1F005-8405-484C-A734-BAFA294ED322} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {2452EBB3-883B-41B3-82C2-882BFF39495D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {36B0A95C-A4F4-4D8A-B457-18E11F5F5352} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3E7AE004-41A3-4D7B-A4B5-BFD1BEC4B2FF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {4165B6D2-FFF6-4091-8B74-275F9732386A} - System32\Tasks\PostPoneInstall => C:\Users\User\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ACHTUNG
Task: {441AD14E-03D0-4EA0-BBF0-01C4780A2DFC} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {55E755CB-2EEE-4EE4-B094-7DBDDF2C3FC9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {5A75F67D-F024-4DBE-8169-CEF8C4B0D36F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {60D69590-4D40-4FD4-AF06-2D948546068E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {639586DB-DC21-48DF-8DD9-12B41854A0BC} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {63DEAB81-B0C7-4588-92F6-5921E535393F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6927545F-50A6-4500-B092-612D840D417D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {6B98FD87-8858-472D-83E7-46673CE6CCD9} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {70720BEC-E3DD-43E0-A85A-EAF97AE445A2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7AC3B49C-9E21-41CB-80C4-4E9C2B161740} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {7CFD0B51-2EB8-4656-A49D-EF332159CE80} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {82E25899-A919-4205-A89B-56EAEFD2C1F3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {842A76CE-05D7-4166-BA12-6800B78162BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8716169D-B94E-4805-84B0-07C384118668} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {9D759583-D093-4D62-8787-AA5A33B65F8F} - \ASUS\i-Setup042718 -> Keine Datei <==== ACHTUNG
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {A7DA2270-ABB5-412B-8A6E-E8F0EFA9B158} - System32\Tasks\CGN => C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe
Task: {A82F0EE0-B201-4030-8769-F4F7D863669D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {B557E95B-0AE6-4B40-AE69-F0CD0F3A435D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B9EDCED0-B1FC-4C7F-AD96-8F5BF5D52551} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {BB67C0D6-CB5A-40FC-85E6-1E69B0016A6A} - System32\Tasks\{5CEAF446-3749-40CC-89FC-AF5ED531B654} => pcalua.exe -a "C:\Users\User\Desktop\Virenscanner (bitte installieren!)\G-DATA Internet Security 2015 Vollversion.exe" -d "C:\Users\User\Desktop\Virenscanner (bitte installieren!)"
Task: {BC867EF6-2451-401C-A02F-CE5CE9045127} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {C01E02BB-3EBA-4A5F-95F4-20601A7B7D6B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {C0F583AA-DE3E-4ACE-97BB-34A19BB11CB3} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {C1A2D5B2-1D01-4A4F-9352-36E57C48D8C0} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C45C02FA-FF9A-4675-8107-36C99A063789} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {C56A92FD-0817-4CC2-9332-FBBC0841A527} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {CB2447F2-850C-45FD-B407-71BA2D0274CC} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {D1308B97-A7A2-4F0A-844E-92BCE4A5C2E6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {D853D46E-4181-4143-A953-DA36484E03B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {F1803F23-34F0-4B09-AC5A-42D71EBBA98C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {F5F1A482-36CB-48D4-AF6A-352490DE49C2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {F691EEFA-414B-4AE5-AABC-3F037C793F69} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {FFE83BD0-F839-44D3-A55F-866BE92E2491} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => C:\WINDOWS\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-10 23:58 - 2015-09-10 23:58 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 23:58 - 2015-09-10 23:58 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-07-20 16:34 - 2015-07-20 16:34 - 00012288 _____ () C:\Program Files (x86)\No-IP\ducservice.exe
2015-10-01 13:13 - 2015-09-17 07:48 - 02494712 ____C () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 13:13 - 2015-09-17 07:48 - 02494712 ____C () C:\WINDOWS\System32\CoreUIComponents.dll
2009-03-30 07:32 - 2009-03-30 07:32 - 00032768 ____R () C:\Windows\DAODx.exe
2015-10-01 13:13 - 2015-09-17 06:48 - 00429056 ____C () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 13:13 - 2015-09-17 06:44 - 06569472 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 13:13 - 2015-09-17 06:42 - 00471040 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 13:13 - 2015-09-17 06:42 - 01808384 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 13:13 - 2015-09-17 06:43 - 02274816 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-07-20 16:34 - 2015-07-20 16:34 - 00073728 _____ () C:\Program Files (x86)\No-IP\ducapi.dll
2014-10-01 10:23 - 2014-10-01 10:23 - 02140672 _____ () C:\Program Files (x86)\ManyCam\opencv_core2410.dll
2014-10-01 10:24 - 2014-10-01 10:24 - 01891840 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc2410.dll
2014-10-01 10:25 - 2014-10-01 10:25 - 00654848 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect2410.dll
2014-10-01 10:24 - 2014-10-01 10:24 - 02147840 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui2410.dll
2014-10-01 10:24 - 2014-10-01 10:24 - 00360960 _____ () C:\Program Files (x86)\ManyCam\opencv_video2410.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Desktop\bANNER.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{8CAE1BC7-6A06-48D8-B4DF-61585C328612}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{E7B89B8C-23EE-4E27-BEBF-B83D646F7354}C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{5095B2F0-9237-4147-9C65-20117355851F}C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{0287C706-E0A6-483C-9F7D-9A0D0AF860C2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2A42ED0-202B-4359-93CE-915A23061F42}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3B0D4014-0301-44AC-933C-6F577E19EEFE}C:\program files (x86)\wtfast beta\wtfast.exe] => (Allow) C:\program files (x86)\wtfast beta\wtfast.exe
FirewallRules: [UDP Query User{8B228082-10C6-4302-A047-6394C6271689}C:\program files (x86)\wtfast beta\wtfast.exe] => (Allow) C:\program files (x86)\wtfast beta\wtfast.exe
FirewallRules: [TCP Query User{D4811527-B6E6-4CC3-8B48-14985A03CB44}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{928B8F1B-568F-4BBD-9740-053F6C0CFB6A}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{F4B32180-1938-4311-B4A7-C90456286858}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{E6CE4BA7-2530-4F0C-BFAA-299231C0993F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{003C8121-3A15-4124-96B6-E78A38E80E85}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{BD407FA6-774D-4ACE-94F9-4FBB1FA224B6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{57C04943-2FBA-459E-AD38-18ABB4EF6A66}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{4DAF1FC0-65FC-4063-85CB-3FF9DC1E3441}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{1064C771-1944-4FD3-9A45-7B042E202613}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{60116153-9C0B-4F2D-B1BE-3EB948FB1FFC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{90A8DECB-699D-491F-9B62-72DB69EED554}C:\program files\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\java.exe
FirewallRules: [UDP Query User{B5B90AB2-A3E1-4034-A27B-EAFE3266145F}C:\program files\java\jre1.8.0_60\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\java.exe
FirewallRules: [TCP Query User{7D5AB115-0B5D-423D-9359-D93A214AD59B}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6720FBED-946C-456B-B109-54FDCAF56817}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{00C8E5C0-E229-4940-B91F-8A5D6D1D8393}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [UDP Query User{A07BD9E8-F722-473B-99F4-58CE4CAC6674}C:\program files\java\jre1.8.0_65\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_65\bin\javaw.exe
FirewallRules: [{74F5E0CC-AA4F-4375-A4A5-9CA52D828027}] => (Block) %ProgramFiles%\Sony\Vegas Pro 13.0\vegas130.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/05/2015 08:10:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.650.17 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 22a8

Startzeit: 01d117fd8256c085

Beendigungszeit: 31

Anwendungspfad: C:\Program Files\Java\jre1.8.0_65\bin\javaw.exe

Berichts-ID: d84a6e44-83f0-11e5-9bf6-b8975ab1b7a1

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/04/2015 09:31:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/04/2015 08:43:21 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (2800) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (11/04/2015 08:43:21 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (2800) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (11/04/2015 08:43:11 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (2800) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (11/04/2015 08:43:11 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (2800) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (11/04/2015 08:43:01 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (2800) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (11/04/2015 08:43:01 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (2800) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (11/04/2015 08:42:50 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (2800) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (11/04/2015 08:42:50 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (2800) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.


Systemfehler:
=============
Error: (11/04/2015 09:31:12 PM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (11/04/2015 09:31:10 PM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/04/2015 09:31:09 PM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: Windows.Media.Capture.Internal.AppCaptureShell

Error: (11/04/2015 09:31:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 09:31:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 09:31:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 09:31:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 08:39:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/04/2015 08:39:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session1 erreicht.

Error: (11/04/2015 08:39:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (60000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _Session1 erreicht.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-5800K APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 7344.2 MB
Verfügbarer physikalischer RAM: 4782.34 MB
Summe virtueller Speicher: 14768.2 MB
Verfügbarer virtueller Speicher: 11762.86 MB

==================== Laufwerke ================================

Drive c: (Windows7) (Fixed) (Total:930.97 GB) (Free:310.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0DA7C2E8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         

Hi,

das erste Logfile ist immer noch nicht vollständig. Bitte nochmal posten (nur die FRST.txt) und darauf achten, dass du alles mitkopierst.

habe ausversehen vergessen ganz runter zu scrollen__

Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
durchgeführt von User (Administrator) auf USER-PC (05-11-2015 21:07:01)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\DAODx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AAA Internet Publishing, Inc.) C:\Program Files (x86)\WTFast Beta\WTFast.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AtherosBtStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-09-27] (Atheros Commnucations)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [IgfxTray] => "C:\Windows\system32\igfxtray.exe"
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [mbot_de_014010086] => "C:\Program Files (x86)\mbot_de_014010086\mbot_de_014010086.exe"
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast Beta\WTFast.exe [5194328 2015-09-14] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [9590568 2015-09-23] (Visicom Media Inc.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Policies\Explorer: [NoDrives] 65536

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{12c5caae-8b86-4830-8791-c0f8bb7899cf}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{1bfc2c8d-e0c5-4534-831d-059649fe28a1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{613b26f9-f874-4e0e-9968-95711c944f86}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{6c4bd96b-a427-4d85-884c-39d2ab9856b3}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{d3be78ae-491a-4eb0-9b35-2aa566efa4d5}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-23] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-23] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-09-27] (Atheros Commnucations)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3928150652-2756980015-3035233101-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\user.js [2015-07-29]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\searchplugins\google-images.xml [2015-08-01]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\searchplugins\google-maps.xml [2015-08-01]
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\sparpilot__campaign0@sparpilot.com [2015-10-19]
FF Extension: Cliqz - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\cliqz@cliqz.com.xpi [2015-11-03] [ist nicht signiert]
FF Extension: Browser-Security - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\firefox@browser-security.de.xpi [2015-08-23]
FF Extension: Browser Service - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{4c251ea9-f334-4cb8-94a1-7cd4fef10ef3}.xpi [2015-08-25] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: Browser Addon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{e0bb220b-dad2-46f2-83b5-c353f7a982e0}.xpi [2015-10-28] [ist nicht signiert]
FF Extension: Greasemonkey - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-10-25]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\extensions\cliqz@cliqz.com => nicht gefunden

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240360 2015-09-21] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-10] (Microsoft Corporation)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-10] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-23] (Avira Operations GmbH & Co. KG)
R3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [595456 2014-09-19] (C-MEDIA)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-10] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R2 WtfEngineDrv; C:\Windows\system32\DRIVERS\WtfEngineDrv.sys [27392 2015-04-02] (AAA Internet Publishing, Inc.)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-05 21:07 - 2015-11-05 21:07 - 00016607 _____ C:\Users\User\Downloads\FRST.txt
2015-11-05 21:06 - 2015-11-05 21:07 - 00000000 ____D C:\FRST
2015-11-05 21:05 - 2015-11-05 21:05 - 02198528 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-11-05 20:58 - 2015-11-05 20:58 - 00016148 _____ C:\WINDOWS\system32\USER-PC_User_HistoryPrediction.bin
2015-11-05 20:06 - 2015-11-05 20:53 - 626196580 _____ C:\Users\User\Desktop\PvP-Lesson mit SnowdomTV.mp4
2015-11-05 16:57 - 2015-11-05 19:05 - 00000216 _____ C:\Users\User\Desktop\Neues Textdokument (2).txt
2015-11-04 19:23 - 2015-11-04 19:23 - 07016240 _____ (Initex & AAA Internet Publishing ) C:\Users\User\Desktop\WTFastSetup.3.5.9.511.exe
2015-11-04 19:16 - 2015-11-04 19:16 - 00064984 _____ C:\Users\User\Documents\Ohne Titel.veg
2015-11-04 19:13 - 2015-11-04 19:13 - 00000000 ____D C:\Users\User\Desktop\game
2015-11-04 17:51 - 2015-11-04 18:28 - 496438553 _____ C:\Users\User\Desktop\PvP montage.mp4
2015-11-04 17:49 - 2015-11-04 17:49 - 00085408 _____ C:\Users\User\Desktop\Outro.avi.sfk
2015-11-04 04:08 - 2013-07-10 00:47 - 00000021 _____ C:\Users\User\Desktop\ender_pearl.png.mcmeta
2015-11-03 22:36 - 2015-11-03 22:36 - 00038962 _____ C:\Users\User\AppData\Local\recently-used.xbel
2015-11-03 22:01 - 2015-11-03 22:01 - 00008938 _____ C:\Users\User\Documents\Vorlage animation wooden sword.xcf
2015-11-03 21:30 - 2015-11-03 21:30 - 00032945 _____ C:\Users\User\Documents\Unbenannt.xcf
2015-11-03 20:55 - 2015-11-03 20:55 - 00000000 _____ C:\Users\User\Desktop\64x20304.txt
2015-11-03 16:22 - 2015-11-03 16:22 - 00000000 ____D C:\Users\User\AppData\Local\webkit
2015-11-02 15:13 - 2015-11-02 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-02 15:12 - 2015-11-02 15:12 - 00000000 ____D C:\ProgramData\Sony
2015-11-02 15:12 - 2015-11-02 15:12 - 00000000 ____D C:\Program Files\Sony
2015-11-02 15:12 - 2015-11-02 15:12 - 00000000 ____D C:\Program Files (x86)\Sony
2015-11-02 15:04 - 2015-11-02 15:12 - 411058696 _____ (Sony Creative Software Inc.) C:\Users\User\Desktop\Sony Vegas Pro 13.exe
2015-11-02 15:04 - 2015-11-02 15:04 - 00705308 _____ C:\Users\User\Desktop\vegas.pro.13.0.(64-bit)-patch (1).rar
2015-11-01 15:57 - 2015-11-01 15:47 - 00510381 _____ C:\Users\User\Desktop\NotEnoughItems-1.8-1.0.5.104-universal.jar
2015-11-01 15:54 - 2015-11-01 15:55 - 00007531 _____ C:\Users\User\Downloads\forge-1.8-11.14.3.1543-installer.jar.log
2015-11-01 15:54 - 2015-11-01 15:54 - 03605266 _____ C:\Users\User\Downloads\forge-1.8-11.14.3.1543-installer.jar
2015-11-01 15:40 - 2015-11-01 15:40 - 00119712 _____ C:\Users\User\Downloads\MSM-SNAP-3.0.0e-For-MC-1.7.10.jar
2015-11-01 15:28 - 2015-11-03 22:36 - 00000000 ____D C:\Users\User\Desktop\Modpack
2015-11-01 15:20 - 2014-06-18 12:46 - 354230360 ____R (Sony Creative Software Inc.) C:\Users\User\Desktop\vegaspro13.0.310_64bit.exe
2015-11-01 15:19 - 2015-11-01 15:19 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-11-01 13:27 - 2015-11-01 13:27 - 02607013 _____ C:\Users\User\Downloads\Fraps Files(1).rar
2015-11-01 13:22 - 2015-11-03 22:34 - 00000000 ____D C:\Users\User\Desktop\Neuer Ordner
2015-10-30 18:33 - 2015-10-28 00:38 - 21871616 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 18:33 - 2015-10-28 00:16 - 18801664 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 18:33 - 2015-10-21 13:45 - 00541024 ____C (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 18:33 - 2015-10-21 13:44 - 00459104 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 18:33 - 2015-10-21 13:43 - 01392480 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 18:33 - 2015-10-21 13:39 - 03621248 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 18:33 - 2015-10-21 13:00 - 24595968 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 18:33 - 2015-10-21 13:00 - 03248128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 18:33 - 2015-10-21 12:59 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 18:33 - 2015-10-21 12:57 - 02418688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 18:33 - 2015-10-21 12:52 - 02987520 ____C (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 18:33 - 2015-10-21 12:50 - 00333312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 18:33 - 2015-10-21 12:48 - 01068032 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 18:33 - 2015-10-21 12:47 - 00453120 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 18:33 - 2015-10-21 12:46 - 02179584 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 18:33 - 2015-10-21 12:46 - 01602560 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 18:33 - 2015-10-21 12:44 - 00713216 ____C (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 18:33 - 2015-10-21 12:44 - 00579072 ____C (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 18:33 - 2015-10-21 12:43 - 02675200 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 18:33 - 2015-10-21 12:42 - 00627712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 18:33 - 2015-10-21 12:41 - 01795072 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 18:33 - 2015-10-21 12:40 - 00145408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 18:33 - 2015-10-21 12:38 - 00502272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 18:33 - 2015-10-21 06:53 - 00961376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 18:33 - 2015-10-21 06:49 - 02878512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 18:33 - 2015-10-21 06:13 - 19326464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 18:33 - 2015-10-21 06:11 - 02647040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 18:33 - 2015-10-21 06:08 - 01918976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 18:33 - 2015-10-21 06:05 - 02639872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 18:33 - 2015-10-21 06:03 - 01380864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 18:33 - 2015-10-21 06:03 - 00311296 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 18:33 - 2015-10-21 05:58 - 02049536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 18:33 - 2015-10-21 05:58 - 00464896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 18:33 - 2015-10-21 05:55 - 00441344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 02:02 - 2015-10-30 02:36 - 483239885 _____ C:\Users\User\Desktop\Minecraft Quuuuicksg #5.mp4
2015-10-30 01:48 - 2015-10-30 02:08 - 00000000 ____D C:\Users\User\Desktop\THUMBNAILS
2015-10-30 00:29 - 2015-10-27 10:36 - 46888189 _____ C:\Users\User\Downloads\GOARMY.zip
2015-10-29 22:14 - 2015-10-29 22:55 - 353519548 _____ C:\Users\User\Desktop\Minecraft timolia #4.mp4
2015-10-29 22:12 - 2015-10-29 23:13 - 00106240 _____ C:\Users\User\Desktop\Funny - Music.mp3.sfk
2015-10-29 22:06 - 2015-10-29 22:08 - 3150654888 _____ C:\Users\User\Desktop\Outro.avi
2015-10-29 21:55 - 2015-10-29 21:56 - 4242983080 _____ C:\Users\User\Desktop\javaw 2015-10-29 21-55-13-63.avi
2015-10-27 14:01 - 2015-10-27 15:02 - 520585962 _____ C:\Users\User\Desktop\Quuuuuicksg #4.mp4
2015-10-27 00:36 - 2015-10-27 11:06 - 00106240 _____ C:\Users\User\Downloads\Funny - Music.mp3.sfk
2015-10-27 00:14 - 2015-10-27 00:14 - 1758971944 _____ C:\Users\User\Desktop\javaw 2015-10-27 00-14-17-60.avi
2015-10-26 20:07 - 2015-10-26 20:08 - 34864620 _____ C:\Users\User\Downloads\Brobi V2 Pack(2).zip
2015-10-24 13:34 - 2015-10-24 13:38 - 33743229 _____ C:\Users\User\Desktop\Minecraft Varo Battle2.mp4
2015-10-24 00:46 - 2015-10-24 00:48 - 00000000 ____D C:\Users\User\Desktop\Screens
2015-10-23 19:13 - 2015-11-05 18:00 - 00000482 _____ C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2015-10-23 19:13 - 2015-10-23 19:13 - 00003294 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Registration3
2015-10-23 19:13 - 2015-10-23 19:13 - 00000000 ____D C:\Users\User\AppData\Roaming\ParetoLogic
2015-10-23 19:13 - 2015-10-23 19:13 - 00000000 ____D C:\Users\User\AppData\Roaming\DriverCure
2015-10-23 19:12 - 2015-11-05 14:53 - 00000508 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-10-23 19:12 - 2015-10-30 00:50 - 00000456 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
2015-10-23 19:12 - 2015-10-23 19:15 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-10-23 19:12 - 2015-10-23 19:12 - 05813872 _____ (ParetoLogic Inc.) C:\Users\User\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-10-23 19:12 - 2015-10-23 19:12 - 00003418 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3
2015-10-23 19:12 - 2015-10-23 19:12 - 00003112 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3 Startup Task
2015-10-23 15:05 - 2015-10-23 15:05 - 00954523 _____ C:\Users\User\Downloads\OptiFine_1-8-8_HD_U_E2.jar
2015-10-23 13:35 - 2015-10-23 13:35 - 00138968 _____ C:\Users\User\Desktop\OUTRO NEXT VIDEO.avi.sfk
2015-10-23 13:19 - 2015-10-23 13:19 - 00000746 _____ C:\Users\User\Desktop\Bilder - Verknüpfung.lnk
2015-10-23 12:24 - 2015-10-23 12:24 - 01247112 _____ (Mojang) C:\Users\User\Desktop\Minecraft.exe
2015-10-23 10:08 - 2015-10-23 10:08 - 00000000 ____D C:\ProgramData\ATI
2015-10-23 00:53 - 2015-10-23 00:53 - 00000753 _____ C:\Users\User\Documents\Downloads - Verknüpfung.lnk
2015-10-22 20:25 - 2015-10-22 20:25 - 00062133 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510222125048155.log
2015-10-22 20:25 - 2015-10-22 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-10-22 20:24 - 2015-10-22 20:24 - 00061253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510222124019710.log
2015-10-22 20:24 - 2015-10-22 20:24 - 00000000 ____D C:\Program Files\ATI Technologies
2015-10-22 20:24 - 2015-10-22 20:24 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-10-22 20:21 - 2015-10-22 20:21 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 39712768 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 30776304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-10-22 20:21 - 2015-10-22 20:21 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-10-22 20:21 - 2015-10-22 20:21 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00662392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-10-22 20:21 - 2015-10-22 20:21 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-22 20:21 - 2015-10-22 20:21 - 00631280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00471312 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00138376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00110312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00089584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00087992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00047664 _____ C:\WINDOWS\system32\kapp_ci.sbin
2015-10-22 20:21 - 2015-10-22 20:21 - 00043536 _____ C:\WINDOWS\system32\kapp_si.sbin
2015-10-22 20:21 - 2015-10-22 20:21 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-10-21 22:42 - 2015-10-21 23:00 - 331668153 _____ C:\Users\User\Desktop\Minecraft Quuuuuicksg #2.mp4
2015-10-21 22:40 - 2015-10-21 22:41 - 00213496 _____ C:\Users\User\Desktop\javaw 2015-10-14 19-44-15-89.avi.sfk
2015-10-21 22:40 - 2015-10-21 22:41 - 00032448 _____ C:\Users\User\Desktop\Outro form.mp4.sfk
2015-10-21 16:41 - 2015-10-21 16:37 - 00026671 _____ C:\Users\User\Downloads\Xray Ultimate 1.8.zip
2015-10-20 13:07 - 2015-10-20 13:07 - 08173005 _____ C:\Users\User\Downloads\Huzuni 3.5.zip
2015-10-20 13:01 - 2015-10-20 13:01 - 06051033 _____ C:\Users\User\Downloads\huzuni-new.zip
2015-10-20 09:30 - 2015-10-20 09:31 - 00000000 ____D C:\Users\User\Downloads\GarPloit 1.3
2015-10-20 09:27 - 2015-10-20 09:27 - 06445168 _____ C:\Users\User\Downloads\GarPloit 1.3.zip
2015-10-17 13:13 - 2015-10-17 13:13 - 00000617 _____ C:\Users\User\Desktop\Fraps.lnk
2015-10-17 13:13 - 2015-10-17 13:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2015-10-17 13:09 - 2015-10-17 13:09 - 00001276 _____ C:\Users\Public\Desktop\Einfaches Video und Filmschnittprogramm LoiLo.lnk
2015-10-17 13:09 - 2015-10-17 13:09 - 00001079 _____ C:\Users\Public\Desktop\LoiLo Game Recorder.lnk
2015-10-17 13:09 - 2015-10-17 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoiLoScope 2
2015-10-17 13:09 - 2015-10-17 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoiLo Game Recorder
2015-10-17 13:04 - 2015-10-17 13:04 - 01461024 _____ C:\Users\User\Downloads\LoiLo Game Recorder - CHIP-Installer(4).exe
2015-10-16 13:02 - 2015-11-02 14:27 - 00000000 ____D C:\Users\User\Desktop\trash
2015-10-14 23:34 - 2015-10-14 23:34 - 00032296 _____ C:\Users\User\Documents\Untitled.veg
2015-10-14 20:49 - 2015-11-04 11:57 - 00000000 ____D C:\Users\User\Desktop\aufnahme
2015-10-14 17:17 - 2015-10-14 17:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Minecraft Skin Viewer
2015-10-14 17:16 - 2015-10-14 17:17 - 00155858 _____ C:\Users\User\Downloads\Minecraft Skin Viewer.zip
2015-10-14 15:15 - 2015-10-06 04:03 - 16708608 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:15 - 2015-10-06 03:46 - 13027840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:15 - 2015-10-01 05:00 - 08020320 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:15 - 2015-09-25 04:02 - 07523840 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:15 - 2015-09-25 04:01 - 04792320 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:15 - 2015-09-25 04:01 - 03586560 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:15 - 2015-09-25 04:00 - 01382400 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:15 - 2015-09-25 03:38 - 03580416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:15 - 2015-09-25 03:36 - 05454848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:14 - 2015-09-25 04:33 - 01997336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:14 - 2015-09-25 04:26 - 20858360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:14 - 2015-09-25 04:11 - 00257024 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:14 - 2015-09-25 04:11 - 00223232 ____C (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:14 - 2015-09-25 04:07 - 01276416 ____C (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:14 - 2015-09-25 04:04 - 00771072 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:14 - 2015-09-25 04:03 - 00796160 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:14 - 2015-09-25 04:00 - 01423872 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:14 - 2015-09-25 04:00 - 00856576 ____C (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 01205248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00720896 ____C (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00685568 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00590336 ____C (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00288256 ____C (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00163840 ____C (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:14 - 2015-09-25 03:47 - 00195584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:14 - 2015-09-25 03:47 - 00172032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:14 - 2015-09-25 03:38 - 00650240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:14 - 2015-09-25 03:38 - 00574464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:14 - 2015-09-25 03:38 - 00504320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:14 - 2015-09-25 03:37 - 00766976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:14 - 2015-09-25 03:37 - 00613376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:14 - 2015-09-25 03:37 - 00480256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:14 - 2015-09-25 03:36 - 11262976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00928256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00625152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00579584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00557568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00525312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:14 - 2015-09-25 03:33 - 00131072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:14 - 2015-09-25 03:32 - 01594368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:14 - 2015-09-25 03:32 - 00466432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 15:12 - 2015-09-25 05:01 - 00498016 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:11 - 2015-10-10 08:12 - 00078528 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:11 - 2015-10-01 05:01 - 01294352 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:11 - 2015-10-01 05:01 - 01123400 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:11 - 2015-10-01 05:01 - 01018568 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:11 - 2015-10-01 05:01 - 00858408 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:11 - 2015-10-01 04:03 - 00757760 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:11 - 2015-09-25 05:01 - 02573768 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:11 - 2015-09-25 04:56 - 22322624 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:11 - 2015-09-25 04:52 - 00980832 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:11 - 2015-09-25 04:09 - 12504064 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:11 - 2015-09-25 04:04 - 00826880 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:11 - 2015-09-25 04:03 - 00576000 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:11 - 2015-09-25 04:02 - 00949248 ____C (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:11 - 2015-09-25 04:02 - 00689152 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:11 - 2015-09-25 04:00 - 00752640 ____C (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:11 - 2015-09-25 03:58 - 01871360 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-12 23:51 - 2015-10-30 02:08 - 00000000 ____D C:\Users\User\Desktop\Thumbnails skyra
2015-10-12 23:50 - 2015-10-12 23:50 - 00884390 _____ C:\Users\User\Documents\SKYRA VORLAGE.xcf
2015-10-12 18:21 - 2015-10-12 18:23 - 74713080 _____ (LoiLo inc. ) C:\Users\User\Downloads\LoiLoGameRecorder1.1.0.1(1).exe
2015-10-12 12:46 - 2015-10-12 12:46 - 01457952 _____ C:\Users\User\Downloads\LoiLo Game Recorder - CHIP-Installer(3).exe
2015-10-12 12:45 - 2015-10-12 12:45 - 00000000 ____D C:\Users\User\Desktop\minecraft skyra
2015-10-11 22:09 - 2015-10-11 22:10 - 74612920 _____ (LoiLo inc. ) C:\Users\User\Downloads\LoiLoGameRecorder1-1-0-0(2).exe
2015-10-10 16:58 - 2015-10-10 17:00 - 00018952 _____ C:\Users\User\Downloads\Intro Skyra (Minecraft Projekt) __ Beste Kamerafahrt_ xD __ ~Roeni.mp4.sfk
2015-10-09 21:02 - 2015-10-09 21:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony Creative Software Inc
2015-10-09 21:00 - 2015-10-09 21:00 - 00852576 _____ C:\Users\User\Documents\Minecraft Survivalgames #2.mp4.sfk
2015-10-08 14:48 - 2015-10-08 14:48 - 00241720 _____ C:\Users\User\Downloads\DUCSetup_v4_1_1.exe
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\Users\User\AppData\Local\Vitalwerks
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\ProgramData\Vitalwerks
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\Program Files (x86)\No-IP
2015-10-08 13:40 - 2015-10-08 13:40 - 14975209 _____ C:\Users\User\Downloads\Varo-Map.gz
2015-10-08 13:40 - 2015-10-08 13:40 - 00000000 ____D C:\Users\User\Downloads\Varo-Map
2015-10-07 17:18 - 2015-10-08 14:15 - 00000000 ____D C:\Users\User\Desktop\SERVER VARO
2015-10-07 17:11 - 2015-10-07 17:11 - 00059621 _____ C:\Users\User\Downloads\MrVaro-2.6.jar
2015-10-06 19:48 - 2015-10-06 19:48 - 00000185 _____ C:\Users\User\Downloads\eula.txt
2015-10-06 19:48 - 2015-10-06 19:48 - 00000062 _____ C:\Users\User\Downloads\server.properties
2015-10-06 19:45 - 2015-10-07 17:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Notepad++
2015-10-06 19:45 - 2015-10-06 19:45 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-10-06 19:45 - 2015-10-06 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-10-06 19:45 - 2015-10-06 19:45 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-10-06 19:44 - 2015-10-06 19:44 - 07674224 _____ C:\Users\User\Downloads\npp.6.6.7.Installer.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-05 21:04 - 2015-07-28 18:00 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-11-05 20:59 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-05 20:55 - 2015-08-05 19:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-05 20:31 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-05 19:47 - 2015-07-28 16:45 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2015-11-05 15:54 - 2015-09-10 23:11 - 02074382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-05 15:54 - 2015-07-10 17:34 - 00882838 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-05 15:54 - 2015-07-10 17:34 - 00195532 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-05 15:16 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-04 20:45 - 2015-09-19 18:36 - 00049190 _____ C:\WINDOWS\system32\lvcoinst.log
2015-11-04 20:39 - 2015-07-15 13:51 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-11-04 20:39 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-04 20:39 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-04 20:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-04 19:16 - 2015-08-27 19:55 - 00000000 ___DC C:\Program Files (x86)\WTFast Beta
2015-11-04 19:16 - 2015-08-27 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast Beta
2015-11-03 22:36 - 2015-09-30 17:38 - 00000000 ____D C:\Users\User\AppData\Local\gtk-2.0
2015-11-03 22:36 - 2015-09-30 16:54 - 00000000 ____D C:\Users\User\.gimp-2.8
2015-11-02 18:20 - 2015-09-15 18:41 - 00001219 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-02 18:20 - 2015-09-15 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-02 18:20 - 2015-09-10 23:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-02 15:12 - 2015-10-01 13:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony
2015-11-02 15:03 - 2015-10-01 14:14 - 00045900 _____ C:\WINDOWS\system32\--traceoff
2015-11-01 13:24 - 2015-09-08 11:02 - 00000000 ____D C:\Users\User\Downloads\EvilHack v.3.6 by Vladymyr96
2015-11-01 12:37 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-31 13:16 - 2015-07-28 17:12 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2015-10-31 13:00 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-30 02:43 - 2015-08-10 22:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity
2015-10-27 15:01 - 2015-10-04 22:02 - 00000207 _____ C:\Users\User\Desktop\Beschreibung.txt
2015-10-27 10:34 - 2015-09-11 05:27 - 00002363 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-27 10:34 - 2015-09-11 05:27 - 00000000 ___RD C:\Users\User\OneDrive
2015-10-23 19:13 - 2011-06-26 21:05 - 00001754 _____ C:\Users\Public\Desktop\CDBurner.lnk
2015-10-23 19:13 - 2011-06-26 21:05 - 00001704 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-10-23 12:16 - 2015-07-28 18:53 - 00000000 ____D C:\ProgramData\Oracle
2015-10-23 12:06 - 2015-08-29 09:11 - 00000000 ____D C:\Users\User\.oracle_jre_usage
2015-10-23 12:06 - 2015-07-28 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-23 12:05 - 2015-07-28 18:54 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-23 12:05 - 2015-07-28 18:53 - 00000000 ___DC C:\Program Files\Java
2015-10-23 00:53 - 2015-09-14 17:13 - 00000000 ____D C:\Users\User\Desktop\sounds
2015-10-22 20:25 - 2015-09-11 05:26 - 00000000 ____D C:\Users\User\AppData\Local\AMD
2015-10-22 20:24 - 2015-09-10 23:09 - 00000000 ____D C:\ProgramData\AMD
2015-10-22 20:23 - 2015-09-10 23:08 - 00000000 ____D C:\AMD
2015-10-22 20:21 - 2015-08-20 20:51 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 10211008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 08982440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 07482552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00143048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-10-22 20:21 - 2015-08-20 20:46 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-22 20:21 - 2015-08-20 20:46 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-10-22 20:21 - 2015-08-20 20:46 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-22 20:21 - 2015-08-20 20:46 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-10-22 18:32 - 2015-07-28 17:12 - 00000000 ___DC C:\Program Files (x86)\TeamSpeak 3 Client
2015-10-21 14:13 - 2015-10-01 13:06 - 00000000 ____D C:\Users\User\AppData\Roaming\OBS
2015-10-21 14:08 - 2015-10-01 13:06 - 00000000 ____D C:\Program Files\OBS
2015-10-17 13:13 - 2015-09-26 09:54 - 00000000 ____D C:\Fraps
2015-10-17 13:09 - 2015-08-08 12:29 - 00000000 ___DC C:\Program Files\LoiLo
2015-10-16 04:10 - 2015-10-01 14:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-01 14:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 13:16 - 2013-07-15 12:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 13:11 - 2013-07-14 16:33 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 21:56 - 2015-07-28 17:59 - 00000000 __RDC C:\Program Files (x86)\Skype
2015-10-12 14:05 - 2015-09-30 20:07 - 00000000 ____D C:\Users\User\Desktop\Varo
2015-10-10 17:17 - 2015-09-09 21:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Anvsoft
2015-10-07 15:14 - 2015-07-28 17:59 - 00000000 ____D C:\ProgramData\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-08 13:24 - 2015-08-08 13:24 - 0000000 ___RH () C:\Users\User\AppData\Roaming\58844d229ddd151bfaed973f37cacc782
2015-07-28 17:39 - 2015-07-28 17:39 - 0000000 _____ () C:\Users\User\AppData\Roaming\gdfw.log
2015-07-28 17:39 - 2015-07-28 17:39 - 0000779 _____ () C:\Users\User\AppData\Roaming\gdscan.log
2015-11-03 22:36 - 2015-11-03 22:36 - 0038962 _____ () C:\Users\User\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\amt_oursurfing.exe
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-1173118353540883979.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-1752491449186567265.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-2201368011938689380.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-2618505133473098253.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-2789096141553947812.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3178197316843515632.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3337577410216099377.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3338435204503217700.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3411612963100103806.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-4277737730885816029.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-4518289107014804270.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-4978473378334862119.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-5302791949231867198.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-562625377389265797.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-6209107839186503279.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-6780039731937162160.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-679197715991657064.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7124270682324496586.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-723213453837226422.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7329611553722246076.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7623161908290565895.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7645752524606657152.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-8431555853405383488.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-8486430122786041732.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-8533431977384716520.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-904572956628475557.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-9169397324662788991.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-1824604573805871449.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-2929798892950962521.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-3147840678608630587.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-3891697023572236362.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-4815437255598979394.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-4947822979305072009.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-770436404729900341.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-8127840553139350778.dll
C:\Users\User\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\User\AppData\Local\Temp\tmp4928.exe
C:\Users\User\AppData\Local\Temp\WdfCoInstaller01007.dll
C:\Users\User\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-31 12:57

==================== Ende von FRST.txt ============================
         

Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
durchgeführt von User (Administrator) auf USER-PC (05-11-2015 21:07:01)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Windows\DAODx.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AAA Internet Publishing, Inc.) C:\Program Files (x86)\WTFast Beta\WTFast.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AtherosBtStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-09-27] (Atheros Commnucations)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [IgfxTray] => "C:\Windows\system32\igfxtray.exe"
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [mbot_de_014010086] => "C:\Program Files (x86)\mbot_de_014010086\mbot_de_014010086.exe"
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [WTFast Tray] => C:\Program Files (x86)\WTFast Beta\WTFast.exe [5194328 2015-09-14] (AAA Internet Publishing, Inc.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [9590568 2015-09-23] (Visicom Media Inc.)
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Policies\Explorer: [NoDrives] 65536

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{12c5caae-8b86-4830-8791-c0f8bb7899cf}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{1bfc2c8d-e0c5-4534-831d-059649fe28a1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{613b26f9-f874-4e0e-9968-95711c944f86}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{6c4bd96b-a427-4d85-884c-39d2ab9856b3}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{d3be78ae-491a-4eb0-9b35-2aa566efa4d5}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3928150652-2756980015-3035233101-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-23] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-23] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-09-27] (Atheros Commnucations)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3928150652-2756980015-3035233101-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\user.js [2015-07-29]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\searchplugins\google-images.xml [2015-08-01]
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\searchplugins\google-maps.xml [2015-08-01]
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\sparpilot__campaign0@sparpilot.com [2015-10-19]
FF Extension: Cliqz - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\cliqz@cliqz.com.xpi [2015-11-03] [ist nicht signiert]
FF Extension: Browser-Security - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\firefox@browser-security.de.xpi [2015-08-23]
FF Extension: Browser Service - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{4c251ea9-f334-4cb8-94a1-7cd4fef10ef3}.xpi [2015-08-25] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-25]
FF Extension: Browser Addon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{e0bb220b-dad2-46f2-83b5-c353f7a982e0}.xpi [2015-10-28] [ist nicht signiert]
FF Extension: Greasemonkey - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-10-25]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\extensions\cliqz@cliqz.com => nicht gefunden

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-09-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240360 2015-09-21] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-09-10] (Microsoft Corporation)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-09-10] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-09-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-09-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-23] (Avira Operations GmbH & Co. KG)
R3 CMUSBDAC; C:\Windows\system32\DRIVERS\CMUSBDAC.sys [595456 2014-09-19] (C-MEDIA)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-09-10] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R2 WtfEngineDrv; C:\Windows\system32\DRIVERS\WtfEngineDrv.sys [27392 2015-04-02] (AAA Internet Publishing, Inc.)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-05 21:07 - 2015-11-05 21:07 - 00016607 _____ C:\Users\User\Downloads\FRST.txt
2015-11-05 21:06 - 2015-11-05 21:07 - 00000000 ____D C:\FRST
2015-11-05 21:05 - 2015-11-05 21:05 - 02198528 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-11-05 20:58 - 2015-11-05 20:58 - 00016148 _____ C:\WINDOWS\system32\USER-PC_User_HistoryPrediction.bin
2015-11-05 20:06 - 2015-11-05 20:53 - 626196580 _____ C:\Users\User\Desktop\PvP-Lesson mit SnowdomTV.mp4
2015-11-05 16:57 - 2015-11-05 19:05 - 00000216 _____ C:\Users\User\Desktop\Neues Textdokument (2).txt
2015-11-04 19:23 - 2015-11-04 19:23 - 07016240 _____ (Initex & AAA Internet Publishing ) C:\Users\User\Desktop\WTFastSetup.3.5.9.511.exe
2015-11-04 19:16 - 2015-11-04 19:16 - 00064984 _____ C:\Users\User\Documents\Ohne Titel.veg
2015-11-04 19:13 - 2015-11-04 19:13 - 00000000 ____D C:\Users\User\Desktop\game
2015-11-04 17:51 - 2015-11-04 18:28 - 496438553 _____ C:\Users\User\Desktop\PvP montage.mp4
2015-11-04 17:49 - 2015-11-04 17:49 - 00085408 _____ C:\Users\User\Desktop\Outro.avi.sfk
2015-11-04 04:08 - 2013-07-10 00:47 - 00000021 _____ C:\Users\User\Desktop\ender_pearl.png.mcmeta
2015-11-03 22:36 - 2015-11-03 22:36 - 00038962 _____ C:\Users\User\AppData\Local\recently-used.xbel
2015-11-03 22:01 - 2015-11-03 22:01 - 00008938 _____ C:\Users\User\Documents\Vorlage animation wooden sword.xcf
2015-11-03 21:30 - 2015-11-03 21:30 - 00032945 _____ C:\Users\User\Documents\Unbenannt.xcf
2015-11-03 20:55 - 2015-11-03 20:55 - 00000000 _____ C:\Users\User\Desktop\64x20304.txt
2015-11-03 16:22 - 2015-11-03 16:22 - 00000000 ____D C:\Users\User\AppData\Local\webkit
2015-11-02 15:13 - 2015-11-02 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-02 15:12 - 2015-11-02 15:12 - 00000000 ____D C:\ProgramData\Sony
2015-11-02 15:12 - 2015-11-02 15:12 - 00000000 ____D C:\Program Files\Sony
2015-11-02 15:12 - 2015-11-02 15:12 - 00000000 ____D C:\Program Files (x86)\Sony
2015-11-02 15:04 - 2015-11-02 15:12 - 411058696 _____ (Sony Creative Software Inc.) C:\Users\User\Desktop\Sony Vegas Pro 13.exe
2015-11-02 15:04 - 2015-11-02 15:04 - 00705308 _____ C:\Users\User\Desktop\vegas.pro.13.0.(64-bit)-patch (1).rar
2015-11-01 15:57 - 2015-11-01 15:47 - 00510381 _____ C:\Users\User\Desktop\NotEnoughItems-1.8-1.0.5.104-universal.jar
2015-11-01 15:54 - 2015-11-01 15:55 - 00007531 _____ C:\Users\User\Downloads\forge-1.8-11.14.3.1543-installer.jar.log
2015-11-01 15:54 - 2015-11-01 15:54 - 03605266 _____ C:\Users\User\Downloads\forge-1.8-11.14.3.1543-installer.jar
2015-11-01 15:40 - 2015-11-01 15:40 - 00119712 _____ C:\Users\User\Downloads\MSM-SNAP-3.0.0e-For-MC-1.7.10.jar
2015-11-01 15:28 - 2015-11-03 22:36 - 00000000 ____D C:\Users\User\Desktop\Modpack
2015-11-01 15:20 - 2014-06-18 12:46 - 354230360 ____R (Sony Creative Software Inc.) C:\Users\User\Desktop\vegaspro13.0.310_64bit.exe
2015-11-01 15:19 - 2015-11-01 15:19 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-11-01 13:27 - 2015-11-01 13:27 - 02607013 _____ C:\Users\User\Downloads\Fraps Files(1).rar
2015-11-01 13:22 - 2015-11-03 22:34 - 00000000 ____D C:\Users\User\Desktop\Neuer Ordner
2015-10-30 18:33 - 2015-10-28 00:38 - 21871616 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 18:33 - 2015-10-28 00:16 - 18801664 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 18:33 - 2015-10-21 13:45 - 00541024 ____C (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 18:33 - 2015-10-21 13:44 - 00459104 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 18:33 - 2015-10-21 13:43 - 01392480 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 18:33 - 2015-10-21 13:39 - 03621248 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 18:33 - 2015-10-21 13:00 - 24595968 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 18:33 - 2015-10-21 13:00 - 03248128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 18:33 - 2015-10-21 12:59 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 18:33 - 2015-10-21 12:57 - 02418688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 18:33 - 2015-10-21 12:52 - 02987520 ____C (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 18:33 - 2015-10-21 12:50 - 00333312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 18:33 - 2015-10-21 12:48 - 01068032 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 18:33 - 2015-10-21 12:47 - 00453120 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 18:33 - 2015-10-21 12:46 - 02179584 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 18:33 - 2015-10-21 12:46 - 01602560 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 18:33 - 2015-10-21 12:44 - 00713216 ____C (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 18:33 - 2015-10-21 12:44 - 00579072 ____C (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 18:33 - 2015-10-21 12:43 - 02675200 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 18:33 - 2015-10-21 12:42 - 00627712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 18:33 - 2015-10-21 12:41 - 01795072 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 18:33 - 2015-10-21 12:40 - 00145408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 18:33 - 2015-10-21 12:38 - 00502272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 18:33 - 2015-10-21 06:53 - 00961376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 18:33 - 2015-10-21 06:49 - 02878512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 18:33 - 2015-10-21 06:13 - 19326464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 18:33 - 2015-10-21 06:11 - 02647040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 18:33 - 2015-10-21 06:08 - 01918976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 18:33 - 2015-10-21 06:05 - 02639872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 18:33 - 2015-10-21 06:03 - 01380864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 18:33 - 2015-10-21 06:03 - 00311296 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 18:33 - 2015-10-21 05:58 - 02049536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 18:33 - 2015-10-21 05:58 - 00464896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 18:33 - 2015-10-21 05:55 - 00441344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-30 02:02 - 2015-10-30 02:36 - 483239885 _____ C:\Users\User\Desktop\Minecraft Quuuuicksg #5.mp4
2015-10-30 01:48 - 2015-10-30 02:08 - 00000000 ____D C:\Users\User\Desktop\THUMBNAILS
2015-10-30 00:29 - 2015-10-27 10:36 - 46888189 _____ C:\Users\User\Downloads\GOARMY.zip
2015-10-29 22:14 - 2015-10-29 22:55 - 353519548 _____ C:\Users\User\Desktop\Minecraft timolia #4.mp4
2015-10-29 22:12 - 2015-10-29 23:13 - 00106240 _____ C:\Users\User\Desktop\Funny - Music.mp3.sfk
2015-10-29 22:06 - 2015-10-29 22:08 - 3150654888 _____ C:\Users\User\Desktop\Outro.avi
2015-10-29 21:55 - 2015-10-29 21:56 - 4242983080 _____ C:\Users\User\Desktop\javaw 2015-10-29 21-55-13-63.avi
2015-10-27 14:01 - 2015-10-27 15:02 - 520585962 _____ C:\Users\User\Desktop\Quuuuuicksg #4.mp4
2015-10-27 00:36 - 2015-10-27 11:06 - 00106240 _____ C:\Users\User\Downloads\Funny - Music.mp3.sfk
2015-10-27 00:14 - 2015-10-27 00:14 - 1758971944 _____ C:\Users\User\Desktop\javaw 2015-10-27 00-14-17-60.avi
2015-10-26 20:07 - 2015-10-26 20:08 - 34864620 _____ C:\Users\User\Downloads\Brobi V2 Pack(2).zip
2015-10-24 13:34 - 2015-10-24 13:38 - 33743229 _____ C:\Users\User\Desktop\Minecraft Varo Battle2.mp4
2015-10-24 00:46 - 2015-10-24 00:48 - 00000000 ____D C:\Users\User\Desktop\Screens
2015-10-23 19:13 - 2015-11-05 18:00 - 00000482 _____ C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2015-10-23 19:13 - 2015-10-23 19:13 - 00003294 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Registration3
2015-10-23 19:13 - 2015-10-23 19:13 - 00000000 ____D C:\Users\User\AppData\Roaming\ParetoLogic
2015-10-23 19:13 - 2015-10-23 19:13 - 00000000 ____D C:\Users\User\AppData\Roaming\DriverCure
2015-10-23 19:12 - 2015-11-05 14:53 - 00000508 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-10-23 19:12 - 2015-10-30 00:50 - 00000456 _____ C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
2015-10-23 19:12 - 2015-10-23 19:15 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-10-23 19:12 - 2015-10-23 19:12 - 05813872 _____ (ParetoLogic Inc.) C:\Users\User\Downloads\ParetoLogic PC Health Advisor_de.exe
2015-10-23 19:12 - 2015-10-23 19:12 - 00003418 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3
2015-10-23 19:12 - 2015-10-23 19:12 - 00003112 _____ C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3 Startup Task
2015-10-23 15:05 - 2015-10-23 15:05 - 00954523 _____ C:\Users\User\Downloads\OptiFine_1-8-8_HD_U_E2.jar
2015-10-23 13:35 - 2015-10-23 13:35 - 00138968 _____ C:\Users\User\Desktop\OUTRO NEXT VIDEO.avi.sfk
2015-10-23 13:19 - 2015-10-23 13:19 - 00000746 _____ C:\Users\User\Desktop\Bilder - Verknüpfung.lnk
2015-10-23 12:24 - 2015-10-23 12:24 - 01247112 _____ (Mojang) C:\Users\User\Desktop\Minecraft.exe
2015-10-23 10:08 - 2015-10-23 10:08 - 00000000 ____D C:\ProgramData\ATI
2015-10-23 00:53 - 2015-10-23 00:53 - 00000753 _____ C:\Users\User\Documents\Downloads - Verknüpfung.lnk
2015-10-22 20:25 - 2015-10-22 20:25 - 00062133 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510222125048155.log
2015-10-22 20:25 - 2015-10-22 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-10-22 20:24 - 2015-10-22 20:24 - 00061253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201510222124019710.log
2015-10-22 20:24 - 2015-10-22 20:24 - 00000000 ____D C:\Program Files\ATI Technologies
2015-10-22 20:24 - 2015-10-22 20:24 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-10-22 20:23 - 2015-10-22 20:23 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-10-22 20:21 - 2015-10-22 20:21 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 39712768 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 30776304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-10-22 20:21 - 2015-10-22 20:21 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-10-22 20:21 - 2015-10-22 20:21 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00833800 _____ C:\WINDOWS\system32\amdicdxx.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00662392 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-10-22 20:21 - 2015-10-22 20:21 - 00662392 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-10-22 20:21 - 2015-10-22 20:21 - 00631280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00471312 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00177344 _____ C:\WINDOWS\system32\ativce03.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00175648 _____ C:\WINDOWS\system32\amde31a.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00138376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00110312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2015-10-22 20:21 - 2015-10-22 20:21 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00089584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00087992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-10-22 20:21 - 2015-10-22 20:21 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00047664 _____ C:\WINDOWS\system32\kapp_ci.sbin
2015-10-22 20:21 - 2015-10-22 20:21 - 00043536 _____ C:\WINDOWS\system32\kapp_si.sbin
2015-10-22 20:21 - 2015-10-22 20:21 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-10-22 20:21 - 2015-10-22 20:21 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-10-21 22:42 - 2015-10-21 23:00 - 331668153 _____ C:\Users\User\Desktop\Minecraft Quuuuuicksg #2.mp4
2015-10-21 22:40 - 2015-10-21 22:41 - 00213496 _____ C:\Users\User\Desktop\javaw 2015-10-14 19-44-15-89.avi.sfk
2015-10-21 22:40 - 2015-10-21 22:41 - 00032448 _____ C:\Users\User\Desktop\Outro form.mp4.sfk
2015-10-21 16:41 - 2015-10-21 16:37 - 00026671 _____ C:\Users\User\Downloads\Xray Ultimate 1.8.zip
2015-10-20 13:07 - 2015-10-20 13:07 - 08173005 _____ C:\Users\User\Downloads\Huzuni 3.5.zip
2015-10-20 13:01 - 2015-10-20 13:01 - 06051033 _____ C:\Users\User\Downloads\huzuni-new.zip
2015-10-20 09:30 - 2015-10-20 09:31 - 00000000 ____D C:\Users\User\Downloads\GarPloit 1.3
2015-10-20 09:27 - 2015-10-20 09:27 - 06445168 _____ C:\Users\User\Downloads\GarPloit 1.3.zip
2015-10-17 13:13 - 2015-10-17 13:13 - 00000617 _____ C:\Users\User\Desktop\Fraps.lnk
2015-10-17 13:13 - 2015-10-17 13:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2015-10-17 13:09 - 2015-10-17 13:09 - 00001276 _____ C:\Users\Public\Desktop\Einfaches Video und Filmschnittprogramm LoiLo.lnk
2015-10-17 13:09 - 2015-10-17 13:09 - 00001079 _____ C:\Users\Public\Desktop\LoiLo Game Recorder.lnk
2015-10-17 13:09 - 2015-10-17 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoiLoScope 2
2015-10-17 13:09 - 2015-10-17 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoiLo Game Recorder
2015-10-17 13:04 - 2015-10-17 13:04 - 01461024 _____ C:\Users\User\Downloads\LoiLo Game Recorder - CHIP-Installer(4).exe
2015-10-16 13:02 - 2015-11-02 14:27 - 00000000 ____D C:\Users\User\Desktop\trash
2015-10-14 23:34 - 2015-10-14 23:34 - 00032296 _____ C:\Users\User\Documents\Untitled.veg
2015-10-14 20:49 - 2015-11-04 11:57 - 00000000 ____D C:\Users\User\Desktop\aufnahme
2015-10-14 17:17 - 2015-10-14 17:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Minecraft Skin Viewer
2015-10-14 17:16 - 2015-10-14 17:17 - 00155858 _____ C:\Users\User\Downloads\Minecraft Skin Viewer.zip
2015-10-14 15:15 - 2015-10-06 04:03 - 16708608 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:15 - 2015-10-06 03:46 - 13027840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:15 - 2015-10-01 05:00 - 08020320 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:15 - 2015-09-25 04:02 - 07523840 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:15 - 2015-09-25 04:01 - 04792320 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:15 - 2015-09-25 04:01 - 03586560 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:15 - 2015-09-25 04:00 - 01382400 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:15 - 2015-09-25 03:38 - 03580416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:15 - 2015-09-25 03:36 - 05454848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:14 - 2015-09-25 04:33 - 01997336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:14 - 2015-09-25 04:26 - 20858360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:14 - 2015-09-25 04:11 - 00257024 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:14 - 2015-09-25 04:11 - 00223232 ____C (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:14 - 2015-09-25 04:07 - 01276416 ____C (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:14 - 2015-09-25 04:04 - 00771072 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:14 - 2015-09-25 04:03 - 00796160 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:14 - 2015-09-25 04:00 - 01423872 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:14 - 2015-09-25 04:00 - 00856576 ____C (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 01205248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00720896 ____C (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00685568 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00590336 ____C (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00288256 ____C (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:14 - 2015-09-25 03:59 - 00163840 ____C (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:14 - 2015-09-25 03:47 - 00195584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:14 - 2015-09-25 03:47 - 00172032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:14 - 2015-09-25 03:38 - 00650240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:14 - 2015-09-25 03:38 - 00574464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:14 - 2015-09-25 03:38 - 00504320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:14 - 2015-09-25 03:37 - 00766976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:14 - 2015-09-25 03:37 - 00613376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:14 - 2015-09-25 03:37 - 00480256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:14 - 2015-09-25 03:36 - 11262976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00928256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00625152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00579584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00557568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:14 - 2015-09-25 03:34 - 00525312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:14 - 2015-09-25 03:33 - 00131072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:14 - 2015-09-25 03:32 - 01594368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:14 - 2015-09-25 03:32 - 00466432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-14 15:12 - 2015-09-25 05:01 - 00498016 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:11 - 2015-10-10 08:12 - 00078528 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:11 - 2015-10-01 05:01 - 01294352 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:11 - 2015-10-01 05:01 - 01123400 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:11 - 2015-10-01 05:01 - 01018568 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:11 - 2015-10-01 05:01 - 00858408 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:11 - 2015-10-01 04:03 - 00757760 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:11 - 2015-09-25 05:01 - 02573768 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:11 - 2015-09-25 04:56 - 22322624 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:11 - 2015-09-25 04:52 - 00980832 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:11 - 2015-09-25 04:09 - 12504064 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:11 - 2015-09-25 04:04 - 00826880 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:11 - 2015-09-25 04:03 - 00576000 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:11 - 2015-09-25 04:02 - 00949248 ____C (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:11 - 2015-09-25 04:02 - 00689152 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:11 - 2015-09-25 04:00 - 00752640 ____C (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:11 - 2015-09-25 03:58 - 01871360 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-12 23:51 - 2015-10-30 02:08 - 00000000 ____D C:\Users\User\Desktop\Thumbnails skyra
2015-10-12 23:50 - 2015-10-12 23:50 - 00884390 _____ C:\Users\User\Documents\SKYRA VORLAGE.xcf
2015-10-12 18:21 - 2015-10-12 18:23 - 74713080 _____ (LoiLo inc. ) C:\Users\User\Downloads\LoiLoGameRecorder1.1.0.1(1).exe
2015-10-12 12:46 - 2015-10-12 12:46 - 01457952 _____ C:\Users\User\Downloads\LoiLo Game Recorder - CHIP-Installer(3).exe
2015-10-12 12:45 - 2015-10-12 12:45 - 00000000 ____D C:\Users\User\Desktop\minecraft skyra
2015-10-11 22:09 - 2015-10-11 22:10 - 74612920 _____ (LoiLo inc. ) C:\Users\User\Downloads\LoiLoGameRecorder1-1-0-0(2).exe
2015-10-10 16:58 - 2015-10-10 17:00 - 00018952 _____ C:\Users\User\Downloads\Intro Skyra (Minecraft Projekt) __ Beste Kamerafahrt_ xD __ ~Roeni.mp4.sfk
2015-10-09 21:02 - 2015-10-09 21:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony Creative Software Inc
2015-10-09 21:00 - 2015-10-09 21:00 - 00852576 _____ C:\Users\User\Documents\Minecraft Survivalgames #2.mp4.sfk
2015-10-08 14:48 - 2015-10-08 14:48 - 00241720 _____ C:\Users\User\Downloads\DUCSetup_v4_1_1.exe
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\Users\User\AppData\Local\Vitalwerks
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\ProgramData\Vitalwerks
2015-10-08 14:48 - 2015-10-08 14:48 - 00000000 ____D C:\Program Files (x86)\No-IP
2015-10-08 13:40 - 2015-10-08 13:40 - 14975209 _____ C:\Users\User\Downloads\Varo-Map.gz
2015-10-08 13:40 - 2015-10-08 13:40 - 00000000 ____D C:\Users\User\Downloads\Varo-Map
2015-10-07 17:18 - 2015-10-08 14:15 - 00000000 ____D C:\Users\User\Desktop\SERVER VARO
2015-10-07 17:11 - 2015-10-07 17:11 - 00059621 _____ C:\Users\User\Downloads\MrVaro-2.6.jar
2015-10-06 19:48 - 2015-10-06 19:48 - 00000185 _____ C:\Users\User\Downloads\eula.txt
2015-10-06 19:48 - 2015-10-06 19:48 - 00000062 _____ C:\Users\User\Downloads\server.properties
2015-10-06 19:45 - 2015-10-07 17:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Notepad++
2015-10-06 19:45 - 2015-10-06 19:45 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-10-06 19:45 - 2015-10-06 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-10-06 19:45 - 2015-10-06 19:45 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-10-06 19:44 - 2015-10-06 19:44 - 07674224 _____ C:\Users\User\Downloads\npp.6.6.7.Installer.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-05 21:04 - 2015-07-28 18:00 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-11-05 20:59 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-05 20:55 - 2015-08-05 19:31 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-05 20:31 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-05 19:47 - 2015-07-28 16:45 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2015-11-05 15:54 - 2015-09-10 23:11 - 02074382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-05 15:54 - 2015-07-10 17:34 - 00882838 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-05 15:54 - 2015-07-10 17:34 - 00195532 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-05 15:16 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-04 20:45 - 2015-09-19 18:36 - 00049190 _____ C:\WINDOWS\system32\lvcoinst.log
2015-11-04 20:39 - 2015-07-15 13:51 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-11-04 20:39 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-04 20:39 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-04 20:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-04 19:16 - 2015-08-27 19:55 - 00000000 ___DC C:\Program Files (x86)\WTFast Beta
2015-11-04 19:16 - 2015-08-27 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast Beta
2015-11-03 22:36 - 2015-09-30 17:38 - 00000000 ____D C:\Users\User\AppData\Local\gtk-2.0
2015-11-03 22:36 - 2015-09-30 16:54 - 00000000 ____D C:\Users\User\.gimp-2.8
2015-11-02 18:20 - 2015-09-15 18:41 - 00001219 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-02 18:20 - 2015-09-15 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-02 18:20 - 2015-09-10 23:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-02 15:12 - 2015-10-01 13:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony
2015-11-02 15:03 - 2015-10-01 14:14 - 00045900 _____ C:\WINDOWS\system32\--traceoff
2015-11-01 13:24 - 2015-09-08 11:02 - 00000000 ____D C:\Users\User\Downloads\EvilHack v.3.6 by Vladymyr96
2015-11-01 12:37 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-31 13:16 - 2015-07-28 17:12 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2015-10-31 13:00 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-30 02:43 - 2015-08-10 22:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity
2015-10-27 15:01 - 2015-10-04 22:02 - 00000207 _____ C:\Users\User\Desktop\Beschreibung.txt
2015-10-27 10:34 - 2015-09-11 05:27 - 00002363 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-27 10:34 - 2015-09-11 05:27 - 00000000 ___RD C:\Users\User\OneDrive
2015-10-23 19:13 - 2011-06-26 21:05 - 00001754 _____ C:\Users\Public\Desktop\CDBurner.lnk
2015-10-23 19:13 - 2011-06-26 21:05 - 00001704 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-10-23 12:16 - 2015-07-28 18:53 - 00000000 ____D C:\ProgramData\Oracle
2015-10-23 12:06 - 2015-08-29 09:11 - 00000000 ____D C:\Users\User\.oracle_jre_usage
2015-10-23 12:06 - 2015-07-28 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-23 12:05 - 2015-07-28 18:54 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-23 12:05 - 2015-07-28 18:53 - 00000000 ___DC C:\Program Files\Java
2015-10-23 00:53 - 2015-09-14 17:13 - 00000000 ____D C:\Users\User\Desktop\sounds
2015-10-22 20:25 - 2015-09-11 05:26 - 00000000 ____D C:\Users\User\AppData\Local\AMD
2015-10-22 20:24 - 2015-09-10 23:09 - 00000000 ____D C:\ProgramData\AMD
2015-10-22 20:23 - 2015-09-10 23:08 - 00000000 ____D C:\AMD
2015-10-22 20:21 - 2015-08-20 20:51 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 10211008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 08982440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 07482552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 01223552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00143048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-10-22 20:21 - 2015-08-20 20:51 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-10-22 20:21 - 2015-08-20 20:46 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-10-22 20:21 - 2015-08-20 20:46 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-10-22 20:21 - 2015-08-20 20:46 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-10-22 20:21 - 2015-08-20 20:46 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-10-22 20:21 - 2015-08-20 20:46 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-10-22 18:32 - 2015-07-28 17:12 - 00000000 ___DC C:\Program Files (x86)\TeamSpeak 3 Client
2015-10-21 14:13 - 2015-10-01 13:06 - 00000000 ____D C:\Users\User\AppData\Roaming\OBS
2015-10-21 14:08 - 2015-10-01 13:06 - 00000000 ____D C:\Program Files\OBS
2015-10-17 13:13 - 2015-09-26 09:54 - 00000000 ____D C:\Fraps
2015-10-17 13:09 - 2015-08-08 12:29 - 00000000 ___DC C:\Program Files\LoiLo
2015-10-16 04:10 - 2015-10-01 14:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-01 14:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 13:16 - 2013-07-15 12:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 13:11 - 2013-07-14 16:33 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 21:56 - 2015-07-28 17:59 - 00000000 __RDC C:\Program Files (x86)\Skype
2015-10-12 14:05 - 2015-09-30 20:07 - 00000000 ____D C:\Users\User\Desktop\Varo
2015-10-10 17:17 - 2015-09-09 21:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Anvsoft
2015-10-07 15:14 - 2015-07-28 17:59 - 00000000 ____D C:\ProgramData\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-08 13:24 - 2015-08-08 13:24 - 0000000 ___RH () C:\Users\User\AppData\Roaming\58844d229ddd151bfaed973f37cacc782
2015-07-28 17:39 - 2015-07-28 17:39 - 0000000 _____ () C:\Users\User\AppData\Roaming\gdfw.log
2015-07-28 17:39 - 2015-07-28 17:39 - 0000779 _____ () C:\Users\User\AppData\Roaming\gdscan.log
2015-11-03 22:36 - 2015-11-03 22:36 - 0038962 _____ () C:\Users\User\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\amt_oursurfing.exe
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-1173118353540883979.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-1752491449186567265.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-2201368011938689380.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-2618505133473098253.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-2789096141553947812.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3178197316843515632.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3337577410216099377.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3338435204503217700.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-3411612963100103806.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-4277737730885816029.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-4518289107014804270.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-4978473378334862119.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-5302791949231867198.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-562625377389265797.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-6209107839186503279.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-6780039731937162160.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-679197715991657064.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7124270682324496586.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-723213453837226422.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7329611553722246076.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7623161908290565895.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-7645752524606657152.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-8431555853405383488.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-8486430122786041732.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-8533431977384716520.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-904572956628475557.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Bukkit-4a7472d-9169397324662788991.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-1824604573805871449.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-2929798892950962521.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-3147840678608630587.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-3891697023572236362.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-4815437255598979394.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-4947822979305072009.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-770436404729900341.dll
C:\Users\User\AppData\Local\Temp\jansi-64-git-Spigot-06ad352-4a7472d-8127840553139350778.dll
C:\Users\User\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\User\AppData\Local\Temp\tmp4928.exe
C:\Users\User\AppData\Local\Temp\WdfCoInstaller01007.dll
C:\Users\User\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-31 12:57

==================== Ende von FRST.txt ============================
         

Hi,

Schritt 1
Bitte deinstalliere folgende Programme:

• Browser-Security
• MyBestOffersToday 014.014010086

Gehe dafür auf:

Windows XP: Start -> Systemsteuerung -> Kategorieansicht auswählen (falls nicht voreingestellt) -> Software
Windows Vista/7: Start -> Systemsteuerung -> Anzeige (oben-rechts) auf Kategorie stellen (falls nicht voreingestellt) -> Programme deinstallieren (Unterpunkt von Programme)
Windows 8: Suchen --> "Systemsteuerung" in das Suchfeld eingeben --> Systemsteuerung auswählen --> Programme deinstallieren (Unterpunkt von Programme)

und wähle die angegeben Programme aus. Drücke Entfernen (Windows XP) oder Deinstallieren (Windows Vista/7/8).

Schritt 2
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

HKLM-x32\...\Run: [mbot_de_014010086] => "C:\Program Files (x86)\mbot_de_014010086\mbot_de_014010086.exe"
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\sparpilot__campaign0@sparpilot.com [2015-10-19]
FF Extension: Cliqz - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\cliqz@cliqz.com.xpi [2015-11-03] [ist nicht signiert]
FF Extension: Browser-Security - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\firefox@browser-security.de.xpi [2015-08-23]
FF Extension: Browser Service - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{4c251ea9-f334-4cb8-94a1-7cd4fef10ef3}.xpi [2015-08-25] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\extensions\cliqz@cliqz.com => nicht gefunden
Task: {4165B6D2-FFF6-4091-8B74-275F9732386A} - System32\Tasks\PostPoneInstall => C:\Users\User\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ACHTUNG
C:\Program Files (x86)\mbot_de_014010086
EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Kannst du nochmal genauer beschreiben, wie sich dein Problem äußert? Bist du am PC und die Verbindung wird schlagartig langsamer, oder eher in "Schritten"? Sind auch andere Geräte, die über deinen Router mit dem Internet verbunden sind davon betroffen?

Code: Alles auswählenAufklappen

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von User (2015-11-06 18:36:59) Run:1
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM-x32\...\Run: [mbot_de_014010086] => "C:\Program Files (x86)\mbot_de_014010086\mbot_de_014010086.exe"
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\sparpilot__campaign0@sparpilot.com [2015-10-19]
FF Extension: Cliqz - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\cliqz@cliqz.com.xpi [2015-11-03] [ist nicht signiert]
FF Extension: Browser-Security - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\firefox@browser-security.de.xpi [2015-08-23]
FF Extension: Browser Service - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{4c251ea9-f334-4cb8-94a1-7cd4fef10ef3}.xpi [2015-08-25] [ist nicht signiert]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\extensions\cliqz@cliqz.com => nicht gefunden
Task: {4165B6D2-FFF6-4091-8B74-275F9732386A} - System32\Tasks\PostPoneInstall => C:\Users\User\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ACHTUNG
C:\Program Files (x86)\mbot_de_014010086
EmptyTemp:
         
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_de_014010086 => Wert erfolgreich entfernt
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\sparpilot__campaign0@sparpilot.com => erfolgreich verschoben
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\cliqz@cliqz.com.xpi [2015-11-03] => nicht gefunden.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\firefox@browser-security.de.xpi => nicht gefunden.
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\4hhvybtg.default-1438097917018\Extensions\{4c251ea9-f334-4cb8-94a1-7cd4fef10ef3}.xpi [2015-08-25] => nicht gefunden.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] => nicht gefunden.
HKU\S-1-5-21-3928150652-2756980015-3035233101-1000\Software\Mozilla\Firefox\Extensions\\cliqz@cliqz.com => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4165B6D2-FFF6-4091-8B74-275F9732386A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4165B6D2-FFF6-4091-8B74-275F9732386A}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\PostPoneInstall => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PostPoneInstall" => Schlüssel erfolgreich entfernt
"C:\Program Files (x86)\mbot_de_014010086" => nicht gefunden.
EmptyTemp: => 34 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:40:38 ====
         

Also wenn ich am PC bin wird meine Verbindung schlagartig langsamer.
Es sind schon ein paar geräte mit dem Router Verbunden, doch bei denen läuft es ohne probleme.

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Error, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, IsLicensed, 13, 
Protection, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, Malware Protection, Stopping, 
Protection, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, Malware Protection, Stopped, 
Error, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, IsLicensed, 13, 
Protection, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, Malware Protection, Stopping, 
Protection, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, Malware Protection, Stopped, 
Protection, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, Malware Protection, Starting, 
Protection, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, Malware Protection, Started, 
Protection, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 06.11.2015 18:40, SYSTEM, USER-PC, Protection, Malicious Website Protection, Started, 
Update, 06.11.2015 18:40, SYSTEM, USER-PC, Manual, Rootkit Database, 2015.9.18.1, 2015.11.4.2, 
Update, 06.11.2015 18:40, SYSTEM, USER-PC, Manual, IP Database, 2015.9.21.2, 2015.11.5.2, 
Update, 06.11.2015 18:40, SYSTEM, USER-PC, Manual, Domain Database, 2015.9.22.3, 2015.11.5.10, 
Update, 06.11.2015 18:40, SYSTEM, USER-PC, Manual, Remediation Database, 2015.9.16.1, 2015.11.4.1, 
Protection, 06.11.2015 18:42, SYSTEM, USER-PC, Protection, Malware Protection, Starting, 
Protection, 06.11.2015 18:42, SYSTEM, USER-PC, Protection, Malware Protection, Started, 
Protection, 06.11.2015 18:42, SYSTEM, USER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 06.11.2015 18:42, SYSTEM, USER-PC, Protection, Malicious Website Protection, Started, 
Update, 06.11.2015 19:49, SYSTEM, USER-PC, Manual, Malware Database, 2015.9.22.5, 2015.11.6.5, 
Protection, 06.11.2015 19:49, SYSTEM, USER-PC, Protection, Refresh, Starting, 
Protection, 06.11.2015 19:49, SYSTEM, USER-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 06.11.2015 19:49, SYSTEM, USER-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 06.11.2015 19:49, SYSTEM, USER-PC, Protection, Refresh, Success, 
Protection, 06.11.2015 19:49, SYSTEM, USER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 06.11.2015 19:49, SYSTEM, USER-PC, Protection, Malicious Website Protection, Started, 
Scan, 06.11.2015 20:03, SYSTEM, USER-PC, Manual, Start: 06.11.2015 19:49, Dauer: 13 Min. 47 Sek., Bedrohungssuchlauf, Abgeschlossen, 1 Malware-Erkennung, 4 Nicht-Malware-Erkennungen, 
Protection, 06.11.2015 20:04, SYSTEM, USER-PC, Protection, Malware Protection, Starting, 
Protection, 06.11.2015 20:04, SYSTEM, USER-PC, Protection, Malware Protection, Started, 
Protection, 06.11.2015 20:04, SYSTEM, USER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 06.11.2015 20:04, SYSTEM, USER-PC, Protection, Malicious Website Protection, Started, 

(end)
         

Ich habe keine log.txt datei finden können

Hi,

das von dir gepostete MBAM-Logfile ist nicht das richtige. Bitte nochmal genau gucken, wie du das richtige Logfile postest: Malwarebytes Anti-Malware Logfile finden - Anleitungen.

Zitat:

Ich habe keine log.txt datei finden können

Hast du wirklich im richtigen Verzeichnis nachgeguckt (http://www.trojaner-board.de/125889-...tml#post941546)?

Hi,

ich hab schon länger keine Antwort mehr von dir erhalten. Brauchst du weiterhin noch Hilfe?

Hinweis: Wir sind noch nicht fertig! Auch wenn die Symptome verschwunden sein sollten, kann dein System weiterhin infiziert sein und über Sicherheitslücken verfügen, welche eine erneute Infektion ermöglichen.