Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 10: Email-Kontakte erhalten Spam-Mails (https://www.trojaner-board.de/175850-windows-10-email-kontakte-erhalten-spam-mails.html)

igordi 09.02.2016 15:52
Windows 10: Email-Kontakte erhalten Spam-Mails
 
Hallo,

sämtliche Leute, mit denen ich mal über mein Yahoo-Emailkonto in Kontakt stand, erhalten Rundmails mit Spam - zwar nicht direkt von meinem Emailkonto, aber unter meinem Namen. Das hatte ich das erste Mal vor ziemlich genau 2 Jahren (Damals noch WIndows 7, mittlerweile Upgrade auf Windows 10 ausgeführt). Auf meinem Emailkonto konnte ich sonst kein Fremdzugriff feststellen (hat mir der Yahoo-Support damals auch soweit bestätigt), und Schadsoftware hatte ich mit Avira Antivir auch keine finden können.

Jetzt passiert das aber regelmäßig in sehr großen Abständen wieder (vor paar Tagen dürfte es das dritte oder vierte Mal gewesen sein). Daher würde ich jetzt gerne Eure Hilfe in Anspruch nehmen.

Ich habe jetzt FRST und MalwareBytes AntiRootkit (MBAR) laufen lassen. Letzteres ist auch fündig geworden.

FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von jubei (Administrator) auf JUBEI-WIN7 (06-02-2016 23:47:21)
Gestartet von C:\Users\jubei\Downloads
Geladene Profile: jubei (Verfügbare Profile: jubei & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(AppWork GmbH) C:\Users\jubei\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\jubei\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\jubei\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(BitTorrent Inc.) C:\Users\jubei\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] => CTHELPER.EXE
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-18] (Advanced Micro Devices, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Run: [Google Update] => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc.)
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Run: [Dropbox Update] => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Run: [WatchMyCam] => [X]
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{53eb09f4-5615-47cf-9426-39c64db513cf}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{53eb09f4-5615-47cf-9426-39c64db513cf}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKU\S-1-5-21-514761637-1918450526-2249266115-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-21] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-21] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\jubei\AppData\Roaming\Mozilla\Firefox\Profiles\0kdtfrm7.default
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Search
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-09-02] (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: @tools.google.com/Google Update;version=3 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: @tools.google.com/Google Update;version=9 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jubei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-19] ()
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-11] [ist nicht signiert]
FF Extension: Flash and Video Download - C:\Users\jubei\AppData\Roaming\Mozilla\Firefox\Profiles\0kdtfrm7.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-06-25] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\jubei\AppData\Roaming\Mozilla\Firefox\Profiles\0kdtfrm7.default\Extensions\abs@avira.com [2015-08-09] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-09-13] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-09-13] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-30] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-01] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

Chrome:
=======
CHR Session Restore: Default -> ist aktiviert.
CHR Plugin: (Shockwave Flash) - C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.103\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.103\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Keine Datei
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Google Update) - C:\Users\jubei\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Profile: C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (uBlock Origin) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-01-12]
CHR Extension: (Google-Suche) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-02-05]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-06-17] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ACHTUNG
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Google Mail) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-09-13] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-09-26] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-09-23] (Microsoft Corporation)
S4 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [276584 2010-03-22] (NVIDIA)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-06 23:47 - 2016-02-06 23:47 - 00022383 _____ C:\Users\jubei\Downloads\FRST.txt
2016-02-06 23:46 - 2016-02-06 23:47 - 00000000 ____D C:\FRST
2016-02-06 23:45 - 2016-02-06 23:45 - 02370560 _____ (Farbar) C:\Users\jubei\Downloads\FRST64.exe
2016-02-06 23:00 - 2016-02-06 23:00 - 00026431 _____ C:\Users\jubei\Downloads\[kat.cr]digitaldesire.13.05.15.florence.dolce.xxx.720p.mp4.payiso.torrent
2016-02-06 22:59 - 2016-02-06 22:59 - 00014818 _____ C:\Users\jubei\Downloads\[kat.cr]florence.dolce.florence.dolce.rammed.hardcore.480x854.torrent
2016-02-06 22:59 - 2016-02-06 22:59 - 00000000 ____D C:\Users\jubei\AppData\LocalLow\uTorrent
2016-02-06 01:39 - 2016-02-06 01:39 - 00000118 _____ C:\Users\jubei\Desktop\New Super Mario Bros. U 100% Co-op Walkthrough Part 23 - YouTube.url
2016-02-06 00:49 - 2016-02-06 00:49 - 00121620 _____ C:\Users\jubei\Downloads\[kat.cr]x.art.16.02.04.caprice.and.jillian.the.luckiest.man.alive.xxx.1080p.mp4.ktr.rarbg.torrent
2016-02-06 00:49 - 2016-02-06 00:49 - 00017958 _____ C:\Users\jubei\Downloads\[kat.cr]alaina.dawson.jordan.ash.cute.little.things.2.2016.720p.torrent
2016-02-05 23:35 - 2016-02-05 23:35 - 00017001 _____ C:\Users\jubei\Downloads\[kat.cr]defloration.mirella.csikis.losing.of.virginity.720p.hd.torrent
2016-02-05 23:34 - 2016-02-05 23:34 - 00021228 _____ C:\Users\jubei\Downloads\[kat.cr]blacked.elsa.jean.zoey.monroe.blonde.babes.enjoy.bbc.foursome.05.02.16.rq.720p.mp4.torrent
2016-02-05 23:11 - 2016-02-05 23:11 - 00013673 _____ C:\Users\jubei\Downloads\[kat.cr]pornstarslikeitbig.brazzers.misha.cross.misha.cross.cums.clean.05.02.16.torrent
2016-02-05 22:29 - 2016-02-05 22:29 - 00016004 _____ C:\Users\jubei\Downloads\t1278715.torrent
2016-02-04 21:51 - 2016-02-04 21:51 - 00013543 _____ C:\Users\jubei\Downloads\[kat.cr]wowgirls.16.02.04.nancey.how.to.do.it.right.xxx.1080p.mp4.ktr.torrent
2016-02-04 21:49 - 2016-02-04 21:49 - 00011310 _____ C:\Users\jubei\Downloads\t1278320.torrent
2016-02-04 21:47 - 2016-02-04 21:47 - 00094328 _____ C:\Users\jubei\Downloads\[kat.cr]my.stepdad.took.my.virginity.2016.webrip.sd.split.scenes.torrent
2016-02-04 15:23 - 2016-02-04 15:23 - 00010922 _____ C:\Users\jubei\Downloads\[kat.cr]elitepain.life.in.the.eliteclub.19.mood.pictures.2015.torrent
2016-02-04 15:21 - 2016-02-04 15:21 - 00014739 _____ C:\Users\jubei\Downloads\[kat.cr]babes.chloe.amour.true.amour.04.02.2016.torrent
2016-02-04 15:21 - 2016-02-04 15:21 - 00013524 _____ C:\Users\jubei\Downloads\[kat.cr]welivetogether.valentina.nappi.luna.star.thrust.and.lust.04.02.16.rq.576p.mp4.torrent
2016-02-04 15:20 - 2016-02-04 15:20 - 00005156 _____ C:\Users\jubei\Downloads\[kat.cr]pornmegaload.16.02.03.adria.rae.my.moms.boyfriend.says.i.suck.cock.better.than.her.xxx.sd.mp4.rarbg.torrent
2016-02-03 22:43 - 2016-02-03 22:43 - 00014977 _____ C:\Users\jubei\Downloads\[kat.cr]innocenthigh.kharlie.stone.kharlies.cupcake.sale.03.02.2016.rq.540p.mp4.torrent
2016-02-03 18:09 - 2016-02-03 18:09 - 00151099 _____ C:\Users\jubei\Downloads\[kat.cr]bang.casting.jan.29.2016.alice.andrea.alice.andrea.first.interracial.scene.720p.torrent
2016-02-03 18:09 - 2016-02-03 18:09 - 00151099 _____ C:\Users\jubei\Downloads\[kat.cr]bang.casting.jan.29.2016.alice.andrea.alice.andrea.first.interracial.scene.720p (1).torrent
2016-02-03 15:06 - 2016-02-03 15:06 - 00071648 _____ C:\Users\jubei\Downloads\[kat.cr]sex.addicts.orgy.split.scenes.torrent
2016-02-03 14:58 - 2016-02-03 14:58 - 00012698 _____ C:\Users\jubei\Downloads\[kat.cr]houseoftaboo.tina.kay.gym.humiliation.brunette.submissive.receives.spanking.03.02.16.rq.540p.mp4.torrent
2016-02-03 14:55 - 2016-02-03 14:55 - 00119916 _____ C:\Users\jubei\Downloads\[kat.cr]whengirlsplay.16.02.03.celeste.star.and.leah.gotti.innocent.look.xxx.1080p.mp4.ktr.rarbg.torrent
2016-02-03 14:53 - 2016-02-03 14:53 - 00018964 _____ C:\Users\jubei\Downloads\[kat.cr]armani.monae.the.perfect.body.of.armani.1080x1920.torrent
2016-02-03 14:52 - 2016-02-03 14:52 - 00042504 _____ C:\Users\jubei\Downloads\[kat.cr]meanawolf.clips4sale.meana.wolf.newtons.handjob.torrent
2016-02-03 14:47 - 2016-02-03 14:47 - 00013356 _____ C:\Users\jubei\Downloads\[kat.cr]apolonia.lapiedra.apolonia.surfs.with.bruce.venture.2016.hd.720p.torrent
2016-02-03 14:40 - 2016-02-03 14:40 - 00018289 _____ C:\Users\jubei\Downloads\[kat.cr]facefuckingfacialabuse.lily.lovecraft.the.hooker.bimbo.does.facefucking.720p.torrent
2016-02-03 14:38 - 2016-02-03 14:38 - 00011530 _____ C:\Users\jubei\Downloads\[kat.cr]facefucking.facialabuse.may.west.2016.torrent
2016-02-03 14:37 - 2016-02-03 14:37 - 00066236 _____ C:\Users\jubei\Downloads\[kat.cr]facefucking.facialabuse.lexi.jaxson.4.720p.01.08.2016.mp4.torrent
2016-02-03 14:37 - 2016-02-03 14:37 - 00010933 _____ C:\Users\jubei\Downloads\[kat.cr]facefucking.facialabuse.fallon.west.29.01.2016.torrent
2016-02-03 00:06 - 2016-02-03 00:06 - 00027123 _____ C:\Users\jubei\Downloads\[kat.cr]propertysex.chanell.heart.stripper.pole.eviction.xxx.january.29.2016.new.torrent
2016-02-03 00:01 - 2016-02-03 00:01 - 00013371 _____ C:\Users\jubei\Downloads\t1277782.torrent
2016-02-02 22:21 - 2016-02-02 22:21 - 00053710 _____ C:\Users\jubei\Downloads\[kat.cr]punishteens.16.02.01.lyra.and.raven.xxx.1080p.mp4.ktr.torrent
2016-02-02 16:04 - 2016-02-02 16:04 - 00111427 _____ C:\Users\jubei\Downloads\[kat.cr]evilangel.the.trans.x.perience.rain.degrey.eva.cassini.720p.torrent
2016-02-02 16:04 - 2016-02-02 16:04 - 00094942 _____ C:\Users\jubei\Downloads\[kat.cr]hdmassageporn.16.02.02.lana.sweet.xxx.1080p.torrent
2016-02-02 14:28 - 2016-02-02 14:28 - 00062921 _____ C:\Users\jubei\Downloads\[kat.cr]babes.kassondra.raine.fallen.model.new.february.02.2016.720p.torrent
2016-02-02 14:14 - 2016-02-02 14:14 - 00016722 _____ C:\Users\jubei\Downloads\t1277508.torrent
2016-02-02 02:30 - 2016-02-02 02:30 - 00049731 _____ C:\Users\jubei\Downloads\[kat.cr]shemales.from.hell.adriana.rodrigues.hidden.love.to.members.mp4.torrent
2016-02-02 02:26 - 2016-02-02 02:26 - 00109178 _____ C:\Users\jubei\Downloads\[kat.cr]my.wife.is.my.pornstar.jan.25.2016.kagney.linn.karter.720p.torrent
2016-02-02 00:40 - 2016-02-02 00:40 - 00127743 _____ C:\Users\jubei\Downloads\[kat.cr]straplessdildo.16.02.01.maria.pie.and.mia.strapon.sex.in.leotards.xxx.1080p.torrent
2016-02-02 00:00 - 2016-02-02 00:00 - 00077985 _____ C:\Users\jubei\Downloads\[kat.cr]allgirlmassage.aspen.rae.dj.darcie.dolce.clit.massage.lesson.fantasymassage.1080p.new.february.01.2016.torrent
2016-02-01 23:52 - 2016-02-01 23:52 - 00007307 _____ C:\Users\jubei\Downloads\[kat.cr]aspen.first.anal.sex.with.young.sexy.aspen.540x960.torrent
2016-02-01 23:29 - 2016-02-01 23:29 - 00015576 _____ C:\Users\jubei\Downloads\[kat.cr]pornfidelity.cece.capella.massage.me.31.01.16.rq.mp4.torrent
2016-02-01 23:13 - 2016-02-01 23:13 - 00020625 _____ C:\Users\jubei\Downloads\[kat.cr]tushy.chloe.amour.real.estate.babe.gets.anal.01.02.16.rq.720p.mp4.torrent
2016-02-01 23:12 - 2016-02-01 23:12 - 00021105 _____ C:\Users\jubei\Downloads\[kat.cr]sierra.nevadah.soapy.shower.2016.hd.720p.torrent
2016-02-01 23:11 - 2016-02-01 23:11 - 00011943 _____ C:\Users\jubei\Downloads\[kat.cr]jamesdeen.niki.snow.anti.underwear.gaming.01.02.2016.rq.mp4.torrent
2016-02-01 23:10 - 2016-02-01 23:10 - 00014761 _____ C:\Users\jubei\Downloads\[kat.cr]brutalinvasion.lovenia.lux.2016.teen.3some.anal.720p.torrent
2016-02-01 23:00 - 2016-02-01 23:00 - 00012087 _____ C:\Users\jubei\Downloads\[kat.cr]punishteens.lilith.shayton.real.estate.babe.gets.anal.15.02.2016.rq.mp4.torrent
2016-02-01 14:12 - 2016-02-01 14:12 - 00015263 _____ C:\Users\jubei\Downloads\t1276950.torrent
2016-02-01 00:14 - 2016-02-01 00:14 - 00017420 _____ C:\Users\jubei\Downloads\[kat.cr]orgasmworldchampionship.yonitale.2016.01.20.alexis.crystal.vs.alexis.crystal.2016.1080p.torrent
2016-01-31 22:07 - 2016-01-31 22:07 - 00011795 _____ C:\Users\jubei\Downloads\t1276888.torrent
2016-01-31 22:06 - 2016-01-31 22:06 - 00012443 _____ C:\Users\jubei\Downloads\t1276525.torrent
2016-01-31 20:14 - 2016-01-31 20:14 - 00026489 _____ C:\Users\jubei\Downloads\[kat.cr]girlfriends.rita.tess.baking.love.together.xxx.new.released.23.january.2016.torrent
2016-01-31 20:14 - 2016-01-31 20:14 - 00012222 _____ C:\Users\jubei\Downloads\[kat.cr]girlfriends.eileen.sue.tess.intimate.lovers.gfx.1164.540p.16.01.2016.torrent
2016-01-31 20:12 - 2016-01-31 20:12 - 00021078 _____ C:\Users\jubei\Downloads\[kat.cr]blacked.kate.england.blonde.gets.anal.from.huge.black.cock.31.01.16.rq.720p.mp4.torrent
2016-01-31 20:09 - 2016-01-31 20:09 - 00112436 _____ C:\Users\jubei\Downloads\[kat.cr]videorama.gina.wild.jetzt.wird.es.schmutzig.xxx.dvdrip.avi.torrent
2016-01-31 20:09 - 2016-01-31 20:09 - 00020965 _____ C:\Users\jubei\Downloads\[kat.cr]woodmancastingx.rachel.james.updated.casting.x.151.13.01.16.rq.480p.full.version.mp4.torrent
2016-01-31 19:54 - 2016-01-31 19:54 - 00011432 _____ C:\Users\jubei\Downloads\[kat.cr]tsseduction.yasmin.lee.robert.axel.marcus.ruhl.21.05.14.540p.torrent
2016-01-31 19:52 - 2016-01-31 19:52 - 00012919 _____ C:\Users\jubei\Downloads\[kat.cr]eurogirlsongirls.ddfnetwork.timea.bela.and.diana.dolce.720p.31.01.2016.torrent
2016-01-31 15:20 - 2016-01-31 15:20 - 00016337 _____ C:\Users\jubei\Downloads\t1276411.torrent
2016-01-31 00:15 - 2016-01-31 00:15 - 00022218 _____ C:\Users\jubei\Downloads\[kat.cr]australian.open.2016.w.s.final.30.jan.1.s.williams.usa.v.7.a.kerber.ger.1080i.en.ru.sanchez2011.torrent
2016-01-30 22:46 - 2016-01-30 22:46 - 00114469 _____ C:\Users\jubei\Downloads\[kat.cr]i.vizi.anali.delle.collegiali.goldlight.xxx.italian.dvdrip.torrent
2016-01-30 22:31 - 2016-01-30 22:31 - 00015698 _____ C:\Users\jubei\Downloads\[kat.cr]australian.open.2016.w.s.sf.28.jan.7.a.kerber.ger.v.j.konta.ger.1080i.en.ru.sanchez2011.torrent
2016-01-30 22:30 - 2016-01-30 22:30 - 00014642 _____ C:\Users\jubei\Downloads\[kat.cr]australian.open.2016.w.s.r4.25.jan.7.a.kerber.ger.v.a.beck.ger.1080i.en.ru.sanchez2011.torrent
2016-01-30 21:36 - 2016-01-30 21:36 - 00018894 _____ C:\Users\jubei\Downloads\[kat.cr]defloration.16.01.07.alice.moss.hardcore.xxx.1080p.mp4.ktr.n1c.torrent
2016-01-30 21:32 - 2016-01-30 21:32 - 00021287 _____ C:\Users\jubei\Downloads\[kat.cr]megan.rain.marley.brinx.naughty.slut.puppies.looking.for.anal.sex.2016.hd.720p.torrent
2016-01-30 21:28 - 2016-01-30 21:28 - 00015373 _____ C:\Users\jubei\Downloads\[kat.cr]teencurves.mandy.muse.mandys.monstrous.curves.30.01.2016.rq.540p.mp4.torrent
2016-01-30 21:25 - 2016-01-30 21:25 - 00025503 _____ C:\Users\jubei\Downloads\[kat.cr]theartporn.wtfpass.rita.rush.youre.only.young.once.new.30.01.2016.mp4.torrent
2016-01-30 21:22 - 2016-01-30 21:22 - 00011568 _____ C:\Users\jubei\Downloads\[kat.cr]czechcasting.czechav.sabina.2424.30.01.2016.torrent
2016-01-30 21:21 - 2016-01-30 21:21 - 00011221 _____ C:\Users\jubei\Downloads\[kat.cr]sexually.broken.devilynne.bound.in.half.and.tag.team.fucked.by.huge.cock.finished.off.with.fucking.machine.devilynne.matt.williams.jack.hammer.high.torrent
2016-01-30 00:25 - 2016-01-30 00:25 - 00012281 _____ C:\Users\jubei\Downloads\t1275974.torrent
2016-01-30 00:08 - 2016-01-30 00:08 - 00011662 _____ C:\Users\jubei\Downloads\t1236747.torrent
2016-01-29 22:25 - 2016-01-29 22:25 - 00059046 _____ C:\Users\jubei\Downloads\[kat.cr]teenmegaworld.anal.beauty.lita.phoenix.teen.anal.hottie.mp4.torrent
2016-01-29 22:20 - 2016-01-29 22:20 - 00021422 _____ C:\Users\jubei\Downloads\t1275956.torrent
2016-01-29 20:50 - 2016-01-29 20:50 - 00113711 _____ C:\Users\jubei\Downloads\[kat.cr]immorallive.16.01.11.jordan.kennedy.xxx.1080p.mp4.ktr.rarbg.torrent
2016-01-29 20:41 - 2016-01-29 20:41 - 00008625 _____ C:\Users\jubei\Downloads\[kat.cr]claudia.jamsson.private.superfuckers.1999.dvdrip.torrent
2016-01-29 17:58 - 2016-01-29 17:58 - 00012231 _____ C:\Users\jubei\Downloads\[kat.cr]evilangel.harper.kelly.ts.tarynxo.trans.visions.7.29.jan.2016.rq.mp4.torrent
2016-01-29 17:57 - 2016-01-29 17:57 - 00010996 _____ C:\Users\jubei\Downloads\[kat.cr]elegantanal.babes.nikky.dream.the.closer.i.get.to.you.29.01.2016.torrent
2016-01-29 17:54 - 2016-01-29 17:54 - 00102612 _____ C:\Users\jubei\Downloads\[kat.cr]x.art.16.01.28.caprice.and.anny.aurora.4.way.in.4k.xxx.1080p.mp4.ktr.rarbg.torrent
2016-01-29 13:26 - 2016-01-29 13:26 - 01715625 _____ C:\Users\jubei\Downloads\numerik3.pdf
2016-01-28 18:20 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 18:20 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 18:20 - 2016-01-16 06:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-28 18:20 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 18:20 - 2016-01-16 06:32 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-28 18:20 - 2016-01-16 06:26 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-28 18:20 - 2016-01-16 06:24 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-28 18:19 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 18:19 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 18:19 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 18:19 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 18:19 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 18:19 - 2016-01-16 07:21 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-28 18:19 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 18:19 - 2016-01-16 07:20 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-01-28 18:19 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 18:19 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 18:19 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 18:19 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 18:19 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 18:19 - 2016-01-16 07:17 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-28 18:19 - 2016-01-16 07:16 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-01-28 18:19 - 2016-01-16 07:13 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-01-28 18:19 - 2016-01-16 07:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-01-28 18:19 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 18:19 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 18:19 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 18:19 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 18:19 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 18:19 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 18:19 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 18:19 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 18:19 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 18:19 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 18:19 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 18:19 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 18:19 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 18:19 - 2016-01-16 06:40 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-28 18:19 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 18:19 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 18:19 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 18:19 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 18:19 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 18:19 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 18:19 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 18:19 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 18:19 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 18:19 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 18:19 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 18:19 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 18:19 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 18:19 - 2016-01-16 06:30 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 18:19 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 18:19 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 18:19 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 18:19 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 18:19 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 18:19 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 18:19 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 18:19 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 18:19 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 18:19 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 18:19 - 2016-01-16 06:18 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-28 18:19 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 18:19 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 18:19 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 18:19 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 18:19 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 18:19 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 18:19 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 18:19 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 18:19 - 2016-01-16 06:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-01-28 17:27 - 2016-01-28 17:27 - 00012988 _____ C:\Users\jubei\Downloads\[kat.cr]czechmassage.czechav.massage.214.21.01.2016.torrent
2016-01-28 17:26 - 2016-01-28 17:26 - 00011086 _____ C:\Users\jubei\Downloads\[kat.cr]czechmassage.czechav.massage.212.720p.14.01.2016.torrent
2016-01-28 17:22 - 2016-01-28 17:22 - 00053028 _____ C:\Users\jubei\Downloads\[kat.cr]freejanine.janine.lindemulder.and.vaniity.female.and.shemale.hd.torrent
2016-01-28 17:20 - 2016-01-28 17:20 - 00011242 _____ C:\Users\jubei\Downloads\[kat.cr]mia.isabella.vaniity.penis.pump.bts.2011.siterip.torrent
2016-01-28 17:19 - 2016-01-28 17:19 - 00016324 _____ C:\Users\jubei\Downloads\[kat.cr]exxxtrasmall.amara.romani.short.teen.fucked.by.pool.boy.28.01.2016.rq.540p.mp4.torrent
2016-01-28 17:18 - 2016-01-28 17:18 - 00018450 _____ C:\Users\jubei\Downloads\[kat.cr]welivetogether.rilynn.rae.abigail.mac.and.kenna.james.good.licks.xxx.torrent
2016-01-28 17:17 - 2016-01-28 17:17 - 00020753 _____ C:\Users\jubei\Downloads\[kat.cr]brazzersexxtra.brazzers.megan.rain.peta.jensen.sibling.rivalry.2.28.01.16.torrent
2016-01-28 17:15 - 2016-01-28 17:15 - 00059511 _____ C:\Users\jubei\Downloads\[kat.cr]nubilefilms.16.01.11.apolonia.lapiedra.passionate.beauty.xxx.1080p.mp4.ktr.torrent
2016-01-28 00:27 - 2016-01-28 00:27 - 00012993 _____ C:\Users\jubei\Downloads\[kat.cr]interracial.squirt.2016.web.dl.torrent
2016-01-28 00:23 - 2016-01-28 00:23 - 00014293 _____ C:\Users\jubei\Downloads\t1274952.torrent
2016-01-27 16:45 - 2016-01-27 16:45 - 00133640 _____ C:\Users\jubei\Downloads\[kat.cr]straplessdildo.maria.pie.and.rossy.bush.sex.in.silky.black.pantyhose.xxx.1080p.mp4.ktr.rarbg.new.release.january.26.2016.torrent
2016-01-27 14:46 - 2016-01-27 14:46 - 00053996 _____ C:\Users\jubei\Downloads\[kat.cr]passion.hd.keisha.grey.stretched.out.720p.new.january.27.2016.torrent
2016-01-27 14:43 - 2016-01-27 14:43 - 00014540 _____ C:\Users\jubei\Downloads\[kat.cr]babes.stepmomlessons.ania.kinski.christen.courtney.a.tasty.distraction.27.01.16.torrent
2016-01-27 00:18 - 2016-01-27 00:18 - 00019468 _____ C:\Users\jubei\Downloads\[kat.cr]wakeupnfuck.linda.sweet.terka.angeline.wunf.177.xxx.new.released.24.january.2016.torrent
2016-01-26 22:23 - 2016-01-26 22:23 - 00018353 _____ C:\Users\jubei\Downloads\[kat.cr]petiteballerinasfucked.vinna.reed.tiny.blonde.ballerina.26.01.16.rq.720p.mp4.torrent
2016-01-26 22:21 - 2016-01-26 22:21 - 00012334 _____ C:\Users\jubei\Downloads\[kat.cr]21naturals.21sextury.carla.crouz.paint.it.black.400157.15.11.15.torrent
2016-01-26 22:20 - 2016-01-26 22:20 - 00011630 _____ C:\Users\jubei\Downloads\[kat.cr]blacked.trillium.niki.snow.stepsisters.share.bbc.26.01.16.rq.720p.mp4.torrent
2016-01-26 21:09 - 2016-01-26 21:09 - 00094097 _____ C:\Users\jubei\Downloads\[kat.cr]carisha.all.sets.and.videos.torrent
2016-01-26 20:03 - 2016-01-26 20:03 - 00064143 _____ C:\Users\jubei\Downloads\[kat.cr]throated.16.01.15.olivia.austin.xxx.1080p.mp4.ktr.torrent
2016-01-26 16:09 - 2016-01-26 16:09 - 00014596 _____ C:\Users\jubei\Downloads\[kat.cr]fuckstudies.mila.nuar.tattooed.teen.ass.fucked.xxx.new.released.23.january.2016.torrent
2016-01-26 14:40 - 2016-01-26 14:40 - 00107227 _____ C:\Users\jubei\Downloads\[kat.cr]burningangel.16.01.23.axis.evol.oil.sex.xxx.1080p.mp4.ktr.rarbg.torrent
2016-01-26 14:40 - 2016-01-26 14:40 - 00044982 _____ C:\Users\jubei\Downloads\[kat.cr]21naturals.liz.polishing.the.hardware.hd.torrent
2016-01-26 14:38 - 2016-01-26 14:38 - 00011364 _____ C:\Users\jubei\Downloads\[kat.cr]whengirlsplay.twistys.kathrynn.st.croixx.shyla.jennings.new.year.new.girl.16.01.26.torrent
2016-01-26 14:37 - 2016-01-26 14:37 - 00179132 _____ C:\Users\jubei\Downloads\[kat.cr]big.butts.like.it.big.jan.26.2016.kagney.linn.karter.dont.touch.her.720p.torrent
2016-01-25 20:32 - 2016-01-25 20:32 - 00012251 _____ C:\Users\jubei\Downloads\[kat.cr]tushy.gracie.glam.student.takes.anal.from.older.guy.25.01.16.rq.720p.mp4.torrent
2016-01-25 14:21 - 2016-01-25 14:21 - 00115018 _____ C:\Users\jubei\Downloads\t1273547.torrent
2016-01-25 00:01 - 2016-01-25 00:01 - 00020918 _____ C:\Users\jubei\Downloads\[kat.cr]blacked.valentina.nappi.august.ames.two.rich.cheating.housewives.share.a.bbc.21.01.16.rq.720p.mp4.torrent
2016-01-24 14:03 - 2016-01-24 14:04 - 00018437 _____ C:\Users\jubei\Downloads\t1272963.torrent
2016-01-23 20:45 - 2016-01-23 20:45 - 00011472 _____ C:\Users\jubei\Downloads\[kat.cr]hoesntoes.3dxstar.tori.black.charmed.indeed.08.08.2013.torrent
2016-01-23 20:44 - 2016-01-23 20:44 - 00018469 _____ C:\Users\jubei\Downloads\[kat.cr]darkx.allie.haze.allie.haze.anal.15.01.16.torrent
2016-01-23 20:17 - 2016-01-23 20:17 - 00015909 _____ C:\Users\jubei\Downloads\t1272771.torrent
2016-01-23 17:49 - 2016-01-23 17:49 - 00015823 _____ C:\Users\jubei\Downloads\t1272669.torrent
2016-01-23 14:38 - 2016-01-23 14:38 - 00023537 _____ C:\Users\jubei\Downloads\t1272676.torrent
2016-01-23 13:42 - 2016-01-23 13:42 - 00011714 _____ C:\Users\jubei\Downloads\t1272508.torrent
2016-01-23 02:05 - 2016-01-23 02:05 - 00122666 _____ C:\Users\jubei\Downloads\[kat.cr]bitchconfessions.15.12.22.apolonia.trains.zoe.doll.xxx.torrent
2016-01-23 02:03 - 2016-01-23 02:03 - 00012118 _____ C:\Users\jubei\Downloads\[kat.cr]apolonia.zoe.doll.apolonia.trains.zoe.doll.2016.fullhd.1080p (1).torrent
2016-01-22 01:44 - 2016-01-22 01:44 - 00062877 _____ C:\Users\jubei\Downloads\[kat.cr]monstercurves.remy.lacroix.serious.curves.realitykings.576p.new.january.09.2016.torrent
2016-01-22 01:43 - 2016-01-22 01:43 - 00012118 _____ C:\Users\jubei\Downloads\[kat.cr]apolonia.zoe.doll.apolonia.trains.zoe.doll.2016.fullhd.1080p.torrent
2016-01-21 18:14 - 2016-01-21 18:14 - 00071169 _____ C:\Users\jubei\Downloads\[kat.cr]passion.hd.shyla.ryder.chloe.couture.vacation.threesome.720p.new.january.21.2016.torrent
2016-01-21 18:13 - 2016-01-21 18:13 - 00018167 _____ C:\Users\jubei\Downloads\[kat.cr]cumlouder.apolonia.zoe.doll.apolonia.trains.zoe.doll.22.01.2016.rq.mp4.torrent
2016-01-21 18:00 - 2016-01-21 18:00 - 00036169 _____ C:\Users\jubei\Downloads\radikalideal.pdf
2016-01-21 14:17 - 2016-01-21 14:17 - 01034195 _____ C:\Users\jubei\Downloads\kommutative_algebra.pdf
2016-01-21 00:26 - 2016-01-21 00:26 - 00019453 _____ C:\Users\jubei\Downloads\t1271265.torrent
2016-01-21 00:25 - 2016-01-21 00:25 - 00020050 _____ C:\Users\jubei\Downloads\t1271266.torrent
2016-01-21 00:23 - 2016-01-21 00:23 - 00141772 _____ C:\Users\jubei\Downloads\[kat.cr]primalfetish.clips4sale.amateurs.the.yoga.master.namaste.part.1.720p.torrent
2016-01-21 00:23 - 2016-01-21 00:23 - 00124052 _____ C:\Users\jubei\Downloads\[kat.cr]primalfetish.clips4sale.amateurs.the.yoga.master.namaste.part.2.720p.torrent
2016-01-21 00:21 - 2016-01-21 00:21 - 00039528 _____ C:\Users\jubei\Downloads\[kat.cr]vipissy.16.01.20.nicole.vice.and.delphine.xxx.1080p.mp4.ktr.torrent
2016-01-20 22:57 - 2016-01-20 22:57 - 00018071 _____ C:\Users\jubei\Downloads\[kat.cr]skin.diamond.kleio.valentien.a.lesbian.romance.2016.fullhd.1080p.torrent
2016-01-20 22:55 - 2016-01-20 22:55 - 00015356 _____ C:\Users\jubei\Downloads\[kat.cr]tori.black.fucking.machines.pack.all.her.fm.6.scenes.720p.ttb.torrent
2016-01-20 22:40 - 2016-01-20 22:40 - 00012591 _____ C:\Users\jubei\Downloads\[kat.cr]femdomempire.mia.malkova.stretched.to.gape.18.01.2016г.torrent
2016-01-20 19:50 - 2016-01-20 19:50 - 00032550 _____ C:\Users\jubei\Downloads\[kat.cr]wowgirls.paula.shy.time.to.pay.the.fiddler.720p.new.january.20.2016.torrent
2016-01-20 19:49 - 2016-01-20 19:49 - 00011857 _____ C:\Users\jubei\Downloads\[kat.cr]handsonhardcore.ddfnetwork.tina.kay.good.morning.sunshine.starting.the.day.with.heavy.pussy.stuffing.19.01.16.torrent
2016-01-20 19:48 - 2016-01-20 19:48 - 00015883 _____ C:\Users\jubei\Downloads\[kat.cr]trickyspa.16.01.20.devyn.heart.fooling.the.family.part.four.xxx.1080p.mp4.ktr.torrent
2016-01-20 19:46 - 2016-01-20 19:46 - 00015825 _____ C:\Users\jubei\Downloads\[kat.cr]mormongirlz.16.01.15.grace.first.seeding.xxx.1080p.mp4.ktr.torrent
2016-01-20 19:45 - 2016-01-20 19:45 - 00016284 _____ C:\Users\jubei\Downloads\[kat.cr]mormongirlz.16.01.08.grace.disciplinary.action.xxx.1080p.mp4.ktr.torrent
2016-01-20 19:44 - 2016-01-20 19:44 - 00049707 _____ C:\Users\jubei\Downloads\[kat.cr]teenbitchclub.jessi.gold.jessis.golden.experience.21sextury.720p.new.january.20.2016.torrent
2016-01-20 00:30 - 2016-01-20 00:30 - 00016399 _____ C:\Users\jubei\Downloads\[kat.cr]kleio.valentien.spizoo.kleio.anal.pov (1).torrent
2016-01-19 23:41 - 2016-01-19 23:41 - 00077485 _____ C:\Users\jubei\Downloads\[kat.cr]firstclasspov.kleio.valentien.kleio.anal.pov.720p.16.02.2014.new.release.mp4.torrent
2016-01-19 23:39 - 2016-01-19 23:39 - 00061800 _____ C:\Users\jubei\Downloads\[kat.cr]private.timea.bela.cute.teen.timea.bela.loves.to.ride.big.hard.cock.full.hd.torrent
2016-01-19 23:34 - 2016-01-19 23:34 - 00014198 _____ C:\Users\jubei\Downloads\[kat.cr]neighboraffair.naughtyamerica.katalina.mills.20649.13.01.16 (1).torrent
2016-01-19 23:31 - 2016-01-19 23:31 - 00068865 _____ C:\Users\jubei\Downloads\[kat.cr]passion.hd.marley.brinx.a.strangers.touch.hd.720p.torrent
2016-01-19 23:27 - 2016-01-19 23:27 - 00051234 _____ C:\Users\jubei\Downloads\[kat.cr]mormongirlz.anne.first.seeding.mp4.torrent
2016-01-19 23:26 - 2016-01-19 23:26 - 00015058 _____ C:\Users\jubei\Downloads\[kat.cr]creampie.angels.vega.aka.shrima.malati.bikini.teen.creampie.19.01.16.rq.540p.mp4.torrent
2016-01-19 23:25 - 2016-01-19 23:25 - 00028170 _____ C:\Users\jubei\Downloads\[kat.cr]femaleagent.e336.ricky.xxx.1080p.mov.ktr.torrent
2016-01-19 23:24 - 2016-01-19 23:24 - 00014713 _____ C:\Users\jubei\Downloads\[kat.cr]blackisbetter.babes.melissa.moore.recital.of.her.dreams.19.01.16.torrent
2016-01-19 23:24 - 2016-01-19 23:24 - 00010334 _____ C:\Users\jubei\Downloads\[kat.cr]x.art.16.01.18.lily.ivy.and.madi.meadows.horsing.around.xxx.1080p.mp4.ktr.torrent
2016-01-19 00:18 - 2016-01-19 00:18 - 00012770 _____ C:\Users\jubei\Downloads\[kat.cr]teenpies.uma.jolie.creampie.business.plan.18.01.2016.rq.540p.mp4.torrent
2016-01-19 00:08 - 2016-01-19 00:08 - 00012646 _____ C:\Users\jubei\Downloads\t1270733.torrent
2016-01-18 22:13 - 2016-01-18 22:13 - 00014012 _____ C:\Users\jubei\Downloads\t1270447.torrent
2016-01-18 22:12 - 2016-01-18 22:12 - 00020349 _____ C:\Users\jubei\Downloads\[kat.cr]mia.malkova.immersed.in.desire.03.04.15.2015.hd.720p.torrent
2016-01-18 22:09 - 2016-01-18 22:09 - 00013946 _____ C:\Users\jubei\Downloads\[kat.cr]penthouse.melanie.rios.hot.sexy.tamales.secret.admirer.torrent
2016-01-18 22:09 - 2016-01-18 22:09 - 00013946 _____ C:\Users\jubei\Downloads\[kat.cr]penthouse.melanie.rios.hot.sexy.tamales.secret.admirer (1).torrent
2016-01-18 22:07 - 2016-01-18 22:07 - 00011379 _____ C:\Users\jubei\Downloads\[kat.cr]tushy.arya.fae.hot.teen.gets.first.anal.18.01.16.rq.720p.mp4.torrent
2016-01-18 18:31 - 2016-01-18 18:31 - 00018516 _____ C:\Users\jubei\Downloads\[kat.cr]bigtitsatschool.brazzers.peta.jensen.one.wet.cheerleader.18.01.16.torrent
2016-01-18 18:12 - 2016-01-18 18:12 - 00714231 _____ C:\Users\jubei\Downloads\ot.pdf
2016-01-18 02:48 - 2016-01-18 02:48 - 00038837 _____ C:\Users\jubei\Downloads\[kat.cr]18onlygirls.gina.gerson.paula.shy.vinna.reed.share.the.love.720p.new.january.17.2016.torrent
2016-01-18 02:47 - 2016-01-18 02:47 - 00042588 _____ C:\Users\jubei\Downloads\[kat.cr]babes.jan.17.2016.anna.morna.flirts.first.day.720p.torrent
2016-01-18 02:46 - 2016-01-18 02:46 - 00148128 _____ C:\Users\jubei\Downloads\[kat.cr]teens.like.it.big.jan.17.2016.marsha.may.hand.in.the.cookie.jar.720p.torrent
2016-01-18 02:46 - 2016-01-18 02:46 - 00012106 _____ C:\Users\jubei\Downloads\[kat.cr]21naturals.21sextury.arwen.gold.all.natural.400164.17.01.16.torrent
2016-01-18 02:20 - 2016-01-18 02:20 - 00011024 _____ C:\Users\jubei\Downloads\[kat.cr]jessicajaymesxxx.spizoo.jessica.jaymes.jessica.jaymes.naughty.outdoor.01.15.2016.1080p.torrent
2016-01-17 00:23 - 2016-01-17 00:23 - 00046620 _____ C:\Users\jubei\Downloads\[kat.cr]jacquieetmicheltv.amateurs.baise.en.public.au.liouquet.mp4.torrent
2016-01-17 00:22 - 2016-01-17 00:22 - 00020482 _____ C:\Users\jubei\Downloads\[kat.cr]megan.rain.teen.dp.queen.caught.in.an.oil.slick.2016.hd.720p.torrent
2016-01-17 00:21 - 2016-01-17 00:21 - 00012675 _____ C:\Users\jubei\Downloads\[kat.cr]x.art.16.01.15.ria.sun.sweet.fucking.sensations.xxx.1080p.mp4.ktr.n1c.torrent
2016-01-17 00:19 - 2016-01-17 00:19 - 00012240 _____ C:\Users\jubei\Downloads\[kat.cr]blacked.layna.landry.trophy.wife.does.two.bbcs.for.her.husband.16.01.16.2016.threesome.mmf.deep.throat.teen.ir.big.dick.all.sex.720p.torrent
2016-01-17 00:18 - 2016-01-17 00:18 - 00019148 _____ C:\Users\jubei\Downloads\[kat.cr]girlsdoporn.20.years.old.e350.new.january.16.2016.torrent
2016-01-16 16:26 - 2016-01-22 00:36 - 00000000 ____D C:\Users\jubei\Documents\MicroBasic
2016-01-16 16:22 - 2016-01-16 16:22 - 00000000 ____D C:\Users\jubei\AppData\Local\Roboteq
2016-01-16 13:52 - 2016-01-16 13:52 - 00002619 _____ C:\Users\Public\Desktop\Roborun+.lnk
2016-01-16 13:52 - 2016-01-16 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roboteq
2016-01-16 13:52 - 2016-01-16 13:52 - 00000000 ____D C:\Program Files (x86)\Roboteq
2016-01-15 23:52 - 2016-01-15 23:52 - 00016307 _____ C:\Users\jubei\Downloads\[kat.cr]pretty.fly.for.a.white.guy.2.2015.web.dl.torrent
2016-01-15 23:50 - 2016-01-15 23:50 - 00018310 _____ C:\Users\jubei\Downloads\[kat.cr]beauty4k.teenmegaworld.kristyna.15.01.2016.torrent
2016-01-15 23:46 - 2016-01-15 23:46 - 00013287 _____ C:\Users\jubei\Downloads\[kat.cr]x.art.16.01.14.izzy.its.getting.hot.in.here.xxx.1080p.mp4.ktr.n1c.torrent
2016-01-15 23:43 - 2016-01-15 23:43 - 00072315 _____ C:\Users\jubei\Downloads\[kat.cr]darkx.allie.haze.11516.720p.torrent
2016-01-15 23:40 - 2016-01-15 23:40 - 00028821 _____ C:\Users\jubei\Downloads\[kat.cr]jjoymi.kiara.l.when.the.sun.goes.down.new.15.01.2016.torrent
2016-01-15 23:28 - 2016-01-15 23:28 - 00033265 _____ C:\Users\jubei\Downloads\[kat.cr]tsseduction.kayla.biggs.kayla.biggs.and.abel.archer.torrent
2016-01-15 23:27 - 2016-01-15 23:27 - 00046600 _____ C:\Users\jubei\Downloads\[kat.cr]trickyourgf.alaina.eskimo.brothers.torrent
2016-01-15 23:04 - 2016-01-15 23:04 - 00012359 _____ C:\Users\jubei\Downloads\[kat.cr]5starsex.com.masha.nick.torrent
2016-01-15 23:02 - 2016-01-15 23:02 - 00021498 _____ C:\Users\jubei\Downloads\[kat.cr]lara.montana.5.clips.deep.throat.fuck.deepthroat.gagging.throatfucking.torrent
2016-01-15 22:43 - 2016-01-15 22:43 - 00015286 _____ C:\Users\jubei\Downloads\t1269231.torrent
2016-01-15 22:36 - 2016-01-15 22:36 - 00015667 _____ C:\Users\jubei\Downloads\t1269226.torrent
2016-01-15 20:13 - 2016-01-15 20:13 - 00015367 _____ C:\Users\jubei\Downloads\[kat.cr]elegantanal.babes.timea.bella.never.too.much.15.01.16.torrent
2016-01-15 20:02 - 2016-01-15 20:02 - 00021160 _____ C:\Users\jubei\Downloads\t1269146.torrent
2016-01-15 19:48 - 2016-01-15 19:49 - 00000000 ____D C:\Users\jubei\Desktop\roborun
2016-01-15 01:44 - 2016-01-15 01:44 - 00032272 _____ C:\Users\jubei\Downloads\[kat.cr]house.call.nurses.2.xxx.720p.webrip.mp4.gush.n1c.torrent
2016-01-15 01:43 - 2016-01-15 01:43 - 00016288 _____ C:\Users\jubei\Downloads\[kat.cr]house.call.nurses.mike.quasar.zero.tolerance.2015.web.dl.720p.torrent
2016-01-15 01:03 - 2016-01-15 01:03 - 00020992 _____ C:\Users\jubei\Downloads\[kat.cr]house.call.nurses.2.zero.tolerance.split.scenes.2015.torrentnew.release.torrent
2016-01-15 00:58 - 2016-01-15 00:58 - 00013962 _____ C:\Users\jubei\Downloads\[kat.cr]anikka.albrite.mia.malkova.bring.the.heat.2016.hd.720p.torrent
2016-01-15 00:57 - 2016-01-15 00:57 - 00011239 _____ C:\Users\jubei\Downloads\[kat.cr]massagerooms.sexyhub.angel.george.on.angel.mr1490.14.01.16.torrent
2016-01-15 00:56 - 2016-01-15 00:56 - 00019470 _____ C:\Users\jubei\Downloads\[kat.cr]babygotboobs.brazzers.alix.lynx.wheel.of.fucking.14.01.16.torrent
2016-01-15 00:54 - 2016-01-15 00:54 - 00027535 _____ C:\Users\jubei\Downloads\[kat.cr]bigbuttslikeitbig.nyomi.banxxx.anal.coverage.xxx.x264.torrent
2016-01-15 00:41 - 2016-01-15 00:41 - 00016602 _____ C:\Users\jubei\Downloads\t1268399.torrent
2016-01-14 23:57 - 2016-01-14 23:57 - 00016947 _____ C:\Users\jubei\Downloads\t1268636.torrent
2016-01-14 23:56 - 2016-01-14 23:56 - 00014852 _____ C:\Users\jubei\Downloads\t1268476.torrent
2016-01-14 14:24 - 2016-01-14 14:24 - 00013719 _____ C:\Users\jubei\Downloads\t1268323.torrent
2016-01-14 00:46 - 2016-01-14 00:46 - 00045480 _____ C:\Users\jubei\Downloads\[kat.cr]private.antonia.sainz.nympho.nurse.antonia.sainz.rides.her.firm.ass.on.a.stiff.cock.720p.new.august.25.2015.torrent
2016-01-14 00:44 - 2016-01-14 00:44 - 00016399 _____ C:\Users\jubei\Downloads\[kat.cr]kleio.valentien.spizoo.kleio.anal.pov.torrent
2016-01-14 00:42 - 2016-01-14 00:42 - 00012355 _____ C:\Users\jubei\Downloads\[kat.cr]dillion.harper.manuel.ferrara.2.cute.4.porn.3.scene.2.2016.hd.720p.torrent
2016-01-14 00:41 - 2016-01-14 00:41 - 00014412 _____ C:\Users\jubei\Downloads\[kat.cr]neighboraffair.naughtyamerica.katalina.mills.20649.13.01.16.torrent
2016-01-14 00:40 - 2016-01-14 00:40 - 00011212 _____ C:\Users\jubei\Downloads\[kat.cr]teenslikeitbig.brazzers.cindy.loarn.don.t.go.through.that.door.13.01.16.torrent
2016-01-14 00:36 - 2016-01-14 00:36 - 00015354 _____ C:\Users\jubei\Downloads\[kat.cr]stepmomlessons.babes.kristy.black.nicole.vice.between.the.sheets.13.01.16.torrent
2016-01-14 00:35 - 2016-01-14 00:35 - 00019038 _____ C:\Users\jubei\Downloads\[kat.cr]wowgirls.nancy.a.two.becomes.one.2016.01.18.2016.all.sex.oral.sex.720p.pre.release.torrent
2016-01-13 20:17 - 2016-01-13 20:17 - 00013800 _____ C:\Users\jubei\Downloads\t1267809.torrent
2016-01-13 20:16 - 2016-01-13 20:16 - 00023794 _____ C:\Users\jubei\Downloads\t1268098.torrent
2016-01-13 20:09 - 2016-01-13 20:09 - 00007309 _____ C:\Users\jubei\Downloads\t1267724.torrent
2016-01-12 22:45 - 2016-01-12 22:45 - 00007973 _____ C:\Users\jubei\Downloads\[kat.cr]hegre.art.16.01.12.erotic.flexi.massage.xxx.1080p.mp4.ktr.n1c.torrent
2016-01-12 22:41 - 2016-01-12 22:41 - 00034774 _____ C:\Users\jubei\Downloads\[kat.cr]teenylovers.anouk.alexis.crystal.gymnastic.wall.for.sex.720p.05.03.2014.new.release.mp4.torrent
2016-01-12 21:30 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 21:30 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-12 21:30 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-12 21:30 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 21:30 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 21:30 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-12 21:30 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-12 21:30 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 21:30 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 21:30 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 21:30 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 21:30 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 21:30 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-12 21:30 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 21:30 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 21:30 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 21:30 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 21:30 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 21:30 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-12 21:30 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 21:30 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 21:30 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 21:30 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 21:30 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 21:30 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 21:30 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 21:30 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 21:30 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 21:30 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 21:30 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-12 21:30 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-12 21:30 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-12 21:30 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 21:30 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-12 21:30 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-12 21:30 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 21:30 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 21:30 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-12 21:30 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 21:30 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 21:30 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-12 21:30 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 21:30 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 21:30 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-12 21:30 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 21:30 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-12 21:30 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 21:30 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-12 21:30 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 21:30 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 21:30 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-12 21:30 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-12 21:30 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-12 21:30 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 21:30 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-12 21:30 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 21:29 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-12 21:29 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-12 21:29 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-12 21:29 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 21:29 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-12 21:29 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 21:29 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 21:29 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 21:29 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 21:29 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 21:29 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-12 21:29 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 21:29 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 21:29 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 21:29 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-12 21:29 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 21:29 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 20:11 - 2016-01-12 20:11 - 00017404 _____ C:\Users\jubei\Downloads\[kat.cr]kleio.valentine.tits.tats.and.deepthroat.2016.throated.myxxxpass.fullhd.torrent
2016-01-12 20:10 - 2016-01-12 20:10 - 00027749 _____ C:\Users\jubei\Downloads\[kat.cr]ring.360.cola.and.cigarettes.torrent
2016-01-12 14:57 - 2016-01-12 14:57 - 00012701 _____ C:\Users\jubei\Downloads\t1267374.torrent
2016-01-12 14:56 - 2016-01-12 14:56 - 00012033 _____ C:\Users\jubei\Downloads\t1267380.torrent
2016-01-12 02:29 - 2016-01-12 02:29 - 00000000 ____D C:\Users\jubei\Documents\WatchMyCam
2016-01-12 02:29 - 2016-01-12 02:29 - 00000000 ____D C:\ProgramData\WatchMyCam
2016-01-12 02:29 - 2016-01-12 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WatchMyCam
2016-01-12 02:29 - 2016-01-12 02:29 - 00000000 ____D C:\Program Files (x86)\WatchMyCam
2016-01-12 02:28 - 2016-01-12 02:28 - 03111455 _____ (hepasoft oHG, Germany ) C:\Users\jubei\Downloads\watchmycam_setup.exe
2016-01-12 01:20 - 2016-01-12 01:20 - 00016321 _____ C:\Users\jubei\Downloads\[kat.cr]monstercurves.remy.lacroix.serious.curves.1.9.16.576p.torrent
2016-01-12 01:14 - 2016-01-12 01:14 - 00015044 _____ C:\Users\jubei\Downloads\[kat.cr]ladyvoyeurs.15.09.23.emma.c.sisters.best.friend.xxx.1080p.mp4.ktr.torrent
2016-01-12 00:37 - 2016-01-12 00:37 - 00014899 _____ C:\Users\jubei\Downloads\[kat.cr]ladyvoyeurs.emma.c.sisters.best.friend.xxx.1080p.mp4.ktr.bty.mp4.torrent
2016-01-12 00:35 - 2016-01-12 00:35 - 00021104 _____ C:\Users\jubei\Downloads\t1267141.torrent
2016-01-12 00:21 - 2016-01-12 00:21 - 00014590 _____ C:\Users\jubei\Downloads\t1267305.torrent
2016-01-11 22:51 - 2016-01-11 22:51 - 00053849 _____ C:\Users\jubei\Downloads\[kat.cr]scoreland.mia.khalifa.graduating.summa.cum.loud.720p.mp4.torrent
2016-01-11 22:50 - 2016-01-11 22:50 - 00041198 _____ C:\Users\jubei\Downloads\[kat.cr]fassinating.nataly.von.teachers.pet.torrent
2016-01-11 22:44 - 2016-01-11 22:44 - 00018690 _____ C:\Users\jubei\Downloads\[kat.cr]bangbros.assparade.abby.lee.brazil.all.natural.brazilian.booty.jan.11.2016.torrent
2016-01-11 22:43 - 2016-01-11 22:43 - 00019274 _____ C:\Users\jubei\Downloads\[kat.cr]cassidy.klein.facade.scene.4.2016.hd.720p.torrent
2016-01-11 22:42 - 2016-01-11 22:42 - 00018294 _____ C:\Users\jubei\Downloads\[kat.cr]cassidy.klein.facade.scene.2.2016.hd.720p.torrent
2016-01-11 22:40 - 2016-01-11 22:40 - 00014169 _____ C:\Users\jubei\Downloads\[kat.cr]czechmassage.czechav.massage.211.11.01.2016.torrent
2016-01-11 22:35 - 2016-01-11 22:35 - 00027124 _____ C:\Users\jubei\Downloads\[kat.cr]exxxtrasmall.teamskeet.anya.olsen.extra.small.escort.new.11.01.16.mp4.torrent
2016-01-11 22:26 - 2016-01-11 22:26 - 00012611 _____ C:\Users\jubei\Downloads\[kat.cr]tsseduction.ts.37475.yasmin.lee.and.jimmy.bullet.hi.torrent
2016-01-11 22:25 - 2016-01-11 22:25 - 00018207 _____ C:\Users\jubei\Downloads\[kat.cr]blacked.anny.aurora.german.teen.gets.monster.black.cock.on.vacation.11.01.16.rq.720p.mp4.torrent
2016-01-11 22:22 - 2016-01-11 22:22 - 00020527 _____ C:\Users\jubei\Downloads\[kat.cr]tushy.amanda.lane.cheating.girlfriend.does.anal.with.roommate.11.01.16.rq.720p.mp4.torrent
2016-01-11 14:54 - 2016-01-11 14:54 - 00000000 ____D C:\Users\jubei\Downloads\microbasic_sample_scripts
2016-01-09 16:21 - 2016-01-09 16:21 - 00087740 _____ C:\Users\jubei\Downloads\ufonts.com_old-english-text-mt.ttf
2016-01-07 15:13 - 2016-01-07 18:08 - 00013342 _____ C:\Users\jubei\Documents\sichler_rentenversicherung.odt
2016-01-07 00:47 - 2016-01-07 00:47 - 00000067 _____ C:\Users\jubei\Desktop\Hykem - GBAtemp.net -- The Independent Video Game Community- 3DS, Gateway 3DS, NDS and R4, Wii, PSP, PS4, Xbox One and all the gaming universe.url

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-06 23:47 - 2013-11-12 16:39 - 00000000 ____D C:\Users\jubei\AppData\Roaming\uTorrent
2016-02-06 23:34 - 2011-09-13 16:30 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job
2016-02-06 23:00 - 2012-09-16 04:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-06 22:58 - 2015-06-18 18:48 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job
2016-02-06 18:40 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-06 15:34 - 2011-09-13 16:30 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job
2016-02-06 14:02 - 2015-10-11 22:58 - 00000000 ____D C:\Users\jubei\AppData\Local\JDownloader 2.0
2016-02-06 01:47 - 2011-09-26 12:48 - 00029604 _____ C:\WINDOWS\system32\BMXCtrlState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-06 01:47 - 2011-09-26 12:48 - 00029604 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-06 01:47 - 2011-09-26 12:48 - 00011564 _____ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-06 01:47 - 2011-09-13 17:01 - 00033688 _____ C:\WINDOWS\system32\BMXStateBkp-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-06 01:47 - 2011-09-13 17:01 - 00033688 _____ C:\WINDOWS\system32\BMXState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-06 01:12 - 2015-08-09 23:22 - 00000000 ____D C:\Users\jubei\AppData\Roaming\vlc
2016-02-05 23:58 - 2015-06-18 18:48 - 00001172 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job
2016-02-05 22:56 - 2015-08-10 23:04 - 00000505 _____ C:\Users\jubei\Desktop\Cortana Suche.txt
2016-02-05 20:51 - 2015-08-09 05:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-05 20:51 - 2014-02-24 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-05 15:02 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-05 00:35 - 2011-09-13 16:32 - 00002485 _____ C:\Users\jubei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-04 21:31 - 2015-11-27 05:45 - 02218850 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-04 21:31 - 2015-10-30 19:35 - 00935198 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-04 21:31 - 2015-10-30 19:35 - 00215216 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-04 21:31 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-02 15:29 - 2011-09-13 16:30 - 00004258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA
2016-02-02 15:29 - 2011-09-13 16:30 - 00003882 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core
2016-02-01 04:12 - 2015-10-26 02:33 - 00000000 ____D C:\Users\jubei\AppData\Local\ManyCam
2016-01-31 13:56 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-31 03:05 - 2015-11-27 05:48 - 00000000 ____D C:\Users\jubei
2016-01-29 22:04 - 2015-08-09 05:26 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-29 22:02 - 2015-11-27 06:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-29 22:02 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-28 18:50 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-23 19:29 - 2011-09-13 21:47 - 00018760 _____ C:\Users\jubei\Documents\Rechnung.ods
2016-01-16 13:55 - 2007-12-31 23:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-16 13:49 - 2011-09-14 13:25 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-15 14:47 - 2015-10-31 16:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-15 14:47 - 2014-12-25 00:34 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 14:11 - 2013-05-26 12:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 14:11 - 2012-05-15 14:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 01:11 - 2012-05-15 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-10 19:54 - 2015-11-27 05:42 - 04775464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-10 15:41 - 2011-10-13 17:35 - 00000132 _____ C:\Users\jubei\AppData\Roaming\Adobe PNG Format CS5 Prefs

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2011-10-13 17:35 - 2016-01-10 15:41 - 0000132 _____ () C:\Users\jubei\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-02-28 16:58 - 2012-02-28 17:59 - 0000096 _____ () C:\Users\jubei\AppData\Roaming\Camdata.ini
2012-02-28 16:58 - 2012-02-28 17:59 - 0000408 _____ () C:\Users\jubei\AppData\Roaming\CamLayout.ini
2012-02-28 16:58 - 2012-02-28 17:59 - 0000408 _____ () C:\Users\jubei\AppData\Roaming\CamShapes.ini
2012-02-28 16:58 - 2012-02-28 17:59 - 0004417 _____ () C:\Users\jubei\AppData\Roaming\CamStudio.cfg
2012-03-29 16:32 - 2012-03-29 16:32 - 0000093 _____ () C:\Users\jubei\AppData\Roaming\FATSort.ini
2012-05-31 15:29 - 2012-05-31 15:29 - 0003584 _____ () C:\Users\jubei\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-13 18:07 - 2012-12-12 18:20 - 0007602 _____ () C:\Users\jubei\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\jubei\AppData\Local\Temp\avgnt.exe
C:\Users\jubei\AppData\Local\Temp\proxy_vole704723696277961486.dll
C:\Users\jubei\AppData\Local\Temp\proxy_vole849859850426543614.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-31 13:55

==================== Ende von FRST.txt ============================

igordi 09.02.2016 15:53
Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von jubei (2016-02-06 23:48:10)
Gestartet von C:\Users\jubei\Downloads
Windows 10 Pro (X64) (2015-11-27 05:04:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-514761637-1918450526-2249266115-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-514761637-1918450526-2249266115-503 - Limited - Disabled)
Gast (S-1-5-21-514761637-1918450526-2249266115-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-514761637-1918450526-2249266115-1002 - Limited - Enabled)
jubei (S-1-5-21-514761637-1918450526-2249266115-1001 - Administrator - Enabled) => C:\Users\jubei

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Aegisub 3.0.4 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.4 - Aegisub Team)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.8.1217.36096 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.1217.36096 - Alcor Micro Corp.) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F564317A-AB84-BEE8-A670-B6C09BC08AFB}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
AutoHotkey 1.1.07.03 (HKLM\...\AutoHotkey) (Version: 1.1.07.03 - AutoHotkey Community)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.4.7200 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.2.655 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Boost C++ Libraries 1.51 (HKLM-x32\...\boost_1_51) (Version:  - )
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version:  - Canon Inc.)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
CrystalDiskInfo 6.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.0 - Crystal Dew World)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
DF CrcSfv 1.3 (HKLM-x32\...\DF CrcSfv_is1) (Version:  - Frischalowski EDV-Beratung)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fallout 4 (HKLM\...\ZmFsbG91dDQ=_is1) (Version: 1 - )
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - GIGABYTE Technologies, Inc.)
GnuWin32: File-5.03 (HKLM-x32\...\File-5.03_is1) (Version: 5.03 - GnuWin32)
Google Chrome (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{961D5D7E-3DEC-4E3B-9065-EA8074923B18}) (Version: 3.31.7643.1 - Sony Computer Entertainment Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
ManyCam 5.0.5 (HKLM-x32\...\ManyCam) (Version: 5.0.5 - Visicom Media Inc.)
Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
Microsoft .NET Framework 2.0 SDK (x64) - ENU (HKLM\...\Microsoft .NET Framework 2.0 SDK (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Device Emulator version 1.0 - ENU (HKLM-x32\...\{78B75C6D-E53C-424C-BF83-4B63BD4A6682}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version:  - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (HKLM-x32\...\{1389C6A4-4965-4AEC-9175-08B54A10FA48}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - ENU (HKLM\...\{75F299F3-8234-47CD-BB40-2994C1B1105E}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (HKLM-x32\...\KB926601.T2_29ToU260_29) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{66efbe1c-fcf5-4623-93f6-1ae2445aff93}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 6.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 6.0.2 (x86 de)) (Version: 6.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.3 - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Roborun Plus (HKLM-x32\...\{8BA51F99-143A-4221-BCB1-EE7687BA4ECD}) (Version: 1.5.0003 - Roboteq)
SC Ver 2.71 (HKLM-x32\...\Super Card_is1) (Version:  - Super Card)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subtitle Edit 3.3.8 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.8.2047 - Nikse)
Trials 2 Second Edition v1.08 (HKLM-x32\...\Trials 2 Second Edition_is1) (Version:  - )
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Trials Fusion (HKLM-x32\...\Steam App 245490) (Version:  - RedLynx, in collaboration with  Ubisoft Shanghai, Ubisoft Kiev)
Unity Web Player (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 5.2 - Ubisoft)
Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA)
Virtua Tennis 4™ (x32 Version: 1.0.0000.130 - SEGA) Hidden
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript 1.0.9200.20789 (HKLM-x32\...\{49c53021-7c66-4b0b-b842-9b878d2f0e0f}) (Version: 1.0.9200.20789 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMLoad (HKLM-x32\...\VMLoad) (Version:  - )
Wad2ISO (HKLM\...\Wad2ISO) (Version: 4.7.0.0 - Tristar aka Poida)
WatchMyCam - Live Video Streaming (HKLM-x32\...\WatchMyCam_is1) (Version: 1.17.35.370 - hepasoft oHG, Germany)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinFF 1.3.2 (HKLM-x32\...\WinFF_is1) (Version:  - WinFF.org)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
Zero Assumption Recovery Version 9 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {032F8075-6FF4-428C-A111-C6B018878123} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {062E35CA-0015-4264-870D-BB1F8358C733} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {0AE77D58-844B-4A04-8A20-B9866D139F76} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {14156A92-3B9F-42A1-A798-C2007E3D2409} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {1D632D37-C021-4D8A-9124-D6DD9866AA78} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {1D76680D-68AE-4EE8-9400-0D04F393CC5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {23AB4EE3-6FAF-453F-8667-672F27B50C7A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {24597EEA-6149-4ABE-B5A6-7CC4A4D7693A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {29E1446C-A83D-4166-BE91-AF1BA87F7678} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2FDC23E9-6582-4E99-A286-E905DA206707} - System32\Tasks\{BD79A250-3F54-49B3-9091-6DCF53CAE99A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.)
Task: {369CCAD2-3B08-4D3F-B7EB-8E35981EDDCA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {439351F4-1C50-4203-BD4B-8DAE85BA2CB4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {471E0CF9-CB49-426F-B047-394C0EEEA4AD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {472F2735-28F5-4A76-9CD1-C00DD7A1F298} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {4A8D8C2E-A07D-4FE4-A78B-E2DAD2A88161} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-16] (Microsoft Corporation)
Task: {5DD47284-8621-42B5-8F7A-1CF840390099} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {64803E2E-AC8A-4C63-9C22-EC69B503E847} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {64D2F430-8C62-4EFE-826C-3FF02FABB0EA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {726ED448-F7E2-4A8A-91BF-629059989148} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {7DBF3BE0-AD3F-4AD7-BEE9-D55CCA814825} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8162A7BE-521A-41B0-A66D-F329C8268B92} - System32\Tasks\{2B78BD22-98F0-4136-9EA5-CF36BF56FA43} => pcalua.exe -a "D:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/34350
Task: {8307988E-7574-4DC4-B1C4-7E761410ADDB} - System32\Tasks\{A388D272-5686-43F1-8E71-92B11D09A6CF} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {9638560C-A48C-4250-B0A2-962CD8BE5EA9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {974C0D2A-811C-4916-A324-9C03BEDFD49A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {9B8E5DDB-044B-4F6A-A7FB-D1B9195AAD70} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {9F656A42-EC31-4FDD-ADA3-16AD13050BC1} - System32\Tasks\{2CB36131-EF60-463D-833A-07D806B97A40} => pcalua.exe -a "C:\Users\jubei\AppData\Local\JDownloader v2.0\Uninstall JDownloader.exe"
Task: {A54B3928-EFAB-4B36-991A-B4C03ED70ED0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A6911D59-EAE6-4C94-9DE6-853859A777CB} - System32\Tasks\{E9288DA9-2C8A-45C7-AFF6-1F2D5E8CC5AB} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {A6A87CBC-1EFF-4836-BA9E-4413602DA470} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {A9C67171-F6D0-4FB3-87B0-E0EDDCA555B7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {C7FF05E2-048F-477E-9609-3864C40FD72C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CDC74A95-6C4A-42BC-92CC-FDF29011A09F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CE56D610-AE55-4C12-B2BD-C0C0252080DC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {E30FED35-D4A7-4A4D-BC9B-E332F8AE7078} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E7B8341C-646A-445E-B8E0-90547E15C2CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {FE6F2A41-4A15-492A-8C19-FED0C5B02AE7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-09-18 21:24 - 2010-09-07 10:46 - 00072280 _____ () C:\Windows\SysWOW64\XSrvSetup.exe
2011-09-13 19:20 - 2010-10-21 08:38 - 01182576 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-03 15:45 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 15:45 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 14:31 - 2016-01-22 14:31 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 16:09 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 16:09 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-06 14:02 - 2016-02-06 14:02 - 00566439 _____ () C:\Users\jubei\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2016-02-06 14:02 - 2016-02-06 14:02 - 04078962 _____ () C:\Users\jubei\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2016-01-12 21:30 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 21:30 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 18:19 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 18:19 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-22 14:31 - 2016-01-22 14:31 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 14:31 - 2016-01-22 14:31 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-05 00:35 - 2016-02-03 08:27 - 01632584 _____ () C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.103\libglesv2.dll
2016-02-05 00:35 - 2016-02-03 08:27 - 00087880 _____ () C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.103\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2011-09-13 20:46 - 00000852 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activate.adobe.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-514761637-1918450526-2249266115-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Inhaltsmanager-Assistent für PlayStation(R).lnk => C:\Windows\pss\Inhaltsmanager-Assistent für PlayStation(R).lnk.CommonStartup
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [TCP Query User{4312EC39-7448-435A-B337-7B914CB4EF6F}G:\utility\admin.exe] => (Allow) G:\utility\admin.exe
FirewallRules: [UDP Query User{6FA4EEB3-4EAF-4A47-A769-D1CB4B91AB56}G:\utility\admin.exe] => (Allow) G:\utility\admin.exe
FirewallRules: [TCP Query User{88C4AF3F-FA6A-4F28-8AFE-BAAEEB276E0F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{246AD4B7-917C-4176-8679-1DA2C4D38C6A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{2CE26192-1E13-4F84-ABA1-BCA1B556202E}] => (Allow) C:\Users\jubei\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7C8EDA97-C3F7-485D-B2FA-97B4A475A460}] => (Allow) C:\Users\jubei\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6508156F-299B-40EB-BFF4-621655AB8174}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4F9C5E46-36EC-4C96-B55E-240ACAC3384A}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{CE115290-AB82-46E5-90DF-176E6840DAA3}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{1DAFA886-8FF0-4582-95D6-C5F4278BD854}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{43F43487-CF04-4868-B6FA-2722F9CC3BEA}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{84B5F971-F277-4BA1-83F1-6A8FCE4D448F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\lara croft and the guardian of light\lcgol.exe
FirewallRules: [{E1ED6BB9-108C-4706-983B-44E2AED9C0FE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\lara croft and the guardian of light\lcgol.exe
FirewallRules: [{A0D9DDAE-14E9-43A0-80AE-5200CBECEA90}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\nightsky\NightSky.exe
FirewallRules: [{BA8DF255-AC28-4C7E-912A-E5CA02C6EA37}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\nightsky\NightSky.exe
FirewallRules: [{EDCA66FA-6866-4754-83E8-F76B103DBBE6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Saira.exe
FirewallRules: [{15910BC2-9256-4D91-BCA2-FE34B9BB6A65}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Saira.exe
FirewallRules: [{44F7BB54-52B6-4AD6-A0DF-EBE9D1DEA9A5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Settings.exe
FirewallRules: [{6DD41C80-B722-4D4E-942C-C117712DE127}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Settings.exe
FirewallRules: [TCP Query User{63971EB9-8A37-463E-83EC-2B51796F9BE3}D:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{1335B042-D396-4EA2-89FF-EE17226A672D}D:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [{28E7749A-2D8D-44BD-A2ED-13337D00EEF4}] => (Allow) D:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe
FirewallRules: [{CE4AB352-084B-4D69-809D-9C5ACEECB509}] => (Allow) D:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe
FirewallRules: [TCP Query User{4166D248-5040-436D-A3A2-DC86577D2C04}C:\program files (x86)\print server utilities\psadmin.exe] => (Allow) C:\program files (x86)\print server utilities\psadmin.exe
FirewallRules: [UDP Query User{1B0184C2-769C-4CCE-AE5F-4F025FF704DC}C:\program files (x86)\print server utilities\psadmin.exe] => (Allow) C:\program files (x86)\print server utilities\psadmin.exe
FirewallRules: [{D7EEC9F5-35EB-4144-BC8B-14E42DB66BEA}] => (Block) D:\Games\Battlefield 3™\bf3.exe
FirewallRules: [{914D1673-9A22-4460-9C86-DC3BB5D8720B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{17B4409B-2C69-4940-8520-8251BF1B3AD7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{7D0AE576-C7AC-416A-93AD-5277841B5DBF}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.exe
FirewallRules: [{26887431-D734-4042-BB19-CCDB6B630449}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.exe
FirewallRules: [{C15CFCC4-5A20-46F2-BB3B-EDE01E585306}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.jar
FirewallRules: [{99A8A6EE-E0CD-4C65-A6D3-7F1FC423E186}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.jar
FirewallRules: [{63016B14-E24E-4120-B569-75E8CA281B4D}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoadUpdater.jar
FirewallRules: [{13FC6EA2-4767-4A64-82E2-A8F3868C1B09}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoadUpdater.jar
FirewallRules: [TCP Query User{B6ACD25B-5203-4B6B-B362-45F44797B862}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [UDP Query User{8F678B19-0A0F-451E-AB71-CA1F5E722EF8}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [TCP Query User{414B842A-5056-414C-A73C-0FAE568A6BC0}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [UDP Query User{8993FB25-AA49-4C77-A828-F76A0EF01850}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [{10964D59-18E6-4EBD-A6B0-5403E91CFA19}] => (Allow) C:\Users\jubei\AppData\Local\Temp\pft2F5C.tmp\fsetup.exe
FirewallRules: [{77D9C0A2-0A73-4A8B-A78A-B4EA7A4F4E74}] => (Allow) C:\Users\jubei\AppData\Local\Temp\pft2F5C.tmp\fsetup.exe
FirewallRules: [{4FD0488B-0615-4D0B-B781-640D5E280785}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\trine\trine_launcher.exe
FirewallRules: [{80E2CBA5-D551-4C0F-950A-0B242AE8E919}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\trine\trine_launcher.exe
FirewallRules: [{57B99343-C7DA-4B1F-9ED8-6AB565351E86}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\bastion\Bastion.exe
FirewallRules: [{CEC43314-88F9-49BD-8CDE-64A5B0650049}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\bastion\Bastion.exe
FirewallRules: [{085BFBE5-8313-4DE7-9A14-7C7683F21958}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\cogs\cogs.exe
FirewallRules: [{BF95727B-5211-4A55-B182-0AF38BA5EC13}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\cogs\cogs.exe
FirewallRules: [{EC5EDA7F-0BBF-48F1-A477-3951286CB227}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\insanely twisted shadow planet\FCEngine-GFWL.exe
FirewallRules: [{E9E9E687-17C2-4704-91B6-5D0A52049D30}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\insanely twisted shadow planet\FCEngine-GFWL.exe
FirewallRules: [{67FB8583-B9BE-4DDA-8CE1-6C95B53F9640}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{CE0CDAB4-7865-429A-9541-6D00B5D979FF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{DA5C3B34-FBA0-4CB7-9032-FA3389280B36}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\vessel\Vessel.exe
FirewallRules: [{7286B8F6-06FF-4F99-84DD-CCDDBDA33B55}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\vessel\Vessel.exe
FirewallRules: [TCP Query User{CF037130-9923-4994-90FD-D0256A254B42}C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe] => (Block) C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe
FirewallRules: [UDP Query User{00315BD1-8A0C-4C18-BAF6-88599781A04E}C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe] => (Block) C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe
FirewallRules: [TCP Query User{628AB6A9-93AB-4EDC-BF9B-796330EBBA1C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{11E278D5-8D99-41F2-A876-D5E3A8A1AE53}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{0900C63F-8DD7-4438-8CB7-74BC6E0C3F86}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{1F4B462E-0C46-4046-8FB4-6347CF66B0A1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{4A31C776-C9E5-40D7-AB86-0ADDC8D08CF6}C:\program files\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files\jdownloader 2\jdownloader 2.exe
FirewallRules: [UDP Query User{CA32D687-8471-4451-BC8F-A69894D2A158}C:\program files\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files\jdownloader 2\jdownloader 2.exe
FirewallRules: [TCP Query User{0730A3B0-6481-4BA6-A33B-2D526ED24DF2}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{19C494B6-105E-4AE9-AE09-3801DBA29A5A}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{9038F9EB-AB57-4523-93BF-CA5BE17FC62B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{4983BE25-C5A1-4BC1-B710-07FADA177581}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{884CDEFE-071D-4364-8F41-011AFFD297B6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{128CC394-3600-440B-B2E2-0EDE95F62C47}C:\users\jubei\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\jubei\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{1A7858FC-995E-49C1-8638-A2F7A7D7FCBA}C:\users\jubei\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\jubei\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{05A17FE9-AC83-48E6-A9F6-AC9A55E1E385}] => (Allow) C:\Users\jubei\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E398A085-C3A7-4A06-B25D-58E63F348D50}] => (Allow) C:\Users\jubei\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{FD0BFB59-9302-45B7-A3AC-6826B8DC01F7}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [UDP Query User{7900B31D-666E-4D57-89BE-20E7CD5F57EC}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [TCP Query User{01495FDB-08EF-408B-ACAC-32281BA42B29}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{DC10904C-39F9-40CB-9FAC-3A2CF97E8326}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{CD8BAE3A-FFF7-4215-A1C7-0D26ABDA3675}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
FirewallRules: [UDP Query User{17D5850A-D710-4329-9144-2778456D52D1}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
FirewallRules: [{177FCE06-A20B-4B3F-9BBB-F0DF4B323547}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{CC72A37B-4796-4096-B2BE-50FBC8C6C696}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{0AADCDA6-4505-481A-9DFE-9D4863A718C0}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [{E16E913C-8B06-41A6-B778-8EFE933239C7}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [TCP Query User{A5FBFDD4-4F89-49F3-A699-9029D1400093}D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{3D384C10-90CD-4BF8-A8B2-CAA84CC4FC96}D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{3C70A8C9-28A5-481F-8FB9-0E1893769171}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{1E3510E7-028E-4980-9749-AC566CC077EF}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{819A6115-9B2B-42CC-9F31-0C90290B10D0}C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe] => (Allow) C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe
FirewallRules: [UDP Query User{8EB5B3F1-AE04-4B56-8A0E-3860F0E0C48F}C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe] => (Allow) C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe
FirewallRules: [{6E5D3F50-DF06-4905-8D31-D045007493A4}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7B090682-EC9A-47CB-A0C5-3BC16C4877CB}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{00701ED4-D60D-425F-BAA4-76F26C77A1F3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{05E6674D-2B6B-41F7-BA0E-013B5D7F5F88}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{FDB4D556-CEDC-410F-BE47-D9DB77227034}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{0499977E-7FBB-4BB3-BFBA-07319C9EDCFA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{7B296937-8104-4845-BB45-6B1257BECA74}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{DFD38DE8-2456-4AB0-A68E-A19E6A08BB91}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{A5B372B0-C698-49AD-BBA2-0F570C4E556A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{03BC073B-40F2-4175-957A-26F2851CCFFE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{D8ACD46D-33B0-4EF7-B3A8-1DE2AA3CEA4C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B6AD68BD-4E52-4808-9AEC-3F0BE2B38BD5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0D157017-E0AE-41A4-8DF0-E09CD19FDDBB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2121756E-278B-4A1A-9F8D-0EFAFD52BAA5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/06/2016 01:47:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: Windows.Gaming.Input.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632da39
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ed2f
ID des fehlerhaften Prozesses: 0x1dc4
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (02/06/2016 01:17:25 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/05/2016 01:55:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: Windows.Gaming.Input.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632da39
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ed2f
ID des fehlerhaften Prozesses: 0xa5c
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (02/05/2016 12:39:41 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/04/2016 03:14:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d3ca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e5c
ID des fehlerhaften Prozesses: 0x508
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (02/04/2016 12:21:32 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/03/2016 03:05:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d3ca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e5c
ID des fehlerhaften Prozesses: 0x1268
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (02/03/2016 12:14:02 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/02/2016 11:35:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.ServiceHost.exe, Version: 1.1.53.13962, Zeitstempel: 0x5666a2b8
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632da1c
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000bd8a8
ID des fehlerhaften Prozesses: 0x8f8
Startzeit der fehlerhaften Anwendung: 0xAvira.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.ServiceHost.exe2
Berichtskennung: Avira.ServiceHost.exe3
Vollständiger Name des fehlerhaften Pakets: Avira.ServiceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Avira.ServiceHost.exe5

Error: (02/02/2016 11:35:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.OutOfMemoryException
  at System.Net.LazyAsyncResult.get_CurrentThreadContext()
  at System.Net.LazyAsyncResult.Complete(IntPtr)
  at System.Net.ContextAwareResult.CompleteCallback(System.Object)
  at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
  at System.Net.ContextAwareResult.Complete(IntPtr)
  at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
  at System.Net.Dns.ResolveCallback(System.Object)


Systemfehler:
=============
Error: (02/06/2016 01:47:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_467e64da" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/06/2016 01:47:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _467e64da" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/06/2016 01:47:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_467e64da" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/06/2016 01:47:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_467e64da" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/05/2016 01:55:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3ff4970f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/05/2016 01:55:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3ff4970f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/05/2016 01:55:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3ff4970f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/05/2016 01:55:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3ff4970f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/04/2016 03:14:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3ad0c5ea" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/04/2016 03:14:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3ad0c5ea" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-01-29 22:05:37.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-14 14:14:02.339
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-08 15:37:28.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-07 17:05:52.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-02 03:24:58.342
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-31 19:02:56.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-20 12:06:45.160
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-11 03:54:55.470
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-10 14:08:03.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-10 03:33:20.393
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 6142.49 MB
Verfügbarer physikalischer RAM: 3044.14 MB
Summe virtueller Speicher: 12286.49 MB
Verfügbarer virtueller Speicher: 8475.54 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.7 GB) (Free:26.74 GB) NTFS
Drive d: () (Fixed) (Total:298.09 GB) (Free:1.64 GB) NTFS
Drive l: (TrekStor) (Fixed) (Total:1863.01 GB) (Free:17.25 GB) NTFS
Drive p: (TrekStor) (Fixed) (Total:1397.26 GB) (Free:1.29 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 94002FAC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 12F412F4)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 1397.3 GB) (Disk ID: 1155B60B)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (Size: 1863 GB) (Disk ID: 0E91F6E7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
mbar-log-2016-02-07 (00-06-04).txt:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.02.06.06
  rootkit: v2016.01.20.01

Windows 10 x64 NTFS
Internet Explorer 11.63.10586.0
jubei :: JUBEI-WIN7 [administrator]

07.02.2016 00:06:04
mbar-log-2016-02-07 (00-06-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 460372
Time elapsed: 31 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B} (Adware.Hicosmea) -> Delete on reboot. [b2cc91cc0495f046b8ce9b52cc3634cc]
HKCU\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED} (Adware.Hicosmea) -> Delete on reboot. [5e2065f830694de93651cf1ed230be42]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

igordi 11.02.2016 14:58
Ich push jetzt nach 2 Tagen mal, da mein Thread wohl aufgrund des Doppelposts übersehen wird. Könnte mir bitte wer helfen?

cosinus 12.02.2016 10:27
Zitat:
127.0.0.1 activate.adobe.com
Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

igordi 12.02.2016 18:14
Sorry! Hier aktuelle FRST Logs:

FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von jubei (Administrator) auf JUBEI-WIN7 (12-02-2016 17:50:10)
Gestartet von C:\Users\jubei\Downloads
Geladene Profile: jubei (Verfügbare Profile: jubei & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\jubei\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\jubei\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe
(BitTorrent Inc.) C:\Users\jubei\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] => CTHELPER.EXE
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-18] (Advanced Micro Devices, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Run: [Google Update] => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc.)
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Run: [Dropbox Update] => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Run: [WatchMyCam] => [X]
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-09] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{53eb09f4-5615-47cf-9426-39c64db513cf}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{53eb09f4-5615-47cf-9426-39c64db513cf}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKU\S-1-5-21-514761637-1918450526-2249266115-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-21] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-21] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\jubei\AppData\Roaming\Mozilla\Firefox\Profiles\0kdtfrm7.default
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Search
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-09-02] (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: @tools.google.com/Google Update;version=3 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: @tools.google.com/Google Update;version=9 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jubei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-19] ()
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-11] [ist nicht signiert]
FF Extension: Flash and Video Download - C:\Users\jubei\AppData\Roaming\Mozilla\Firefox\Profiles\0kdtfrm7.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-06-25] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\jubei\AppData\Roaming\Mozilla\Firefox\Profiles\0kdtfrm7.default\Extensions\abs@avira.com [2015-08-09] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-09-13] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-09-13] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-30] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-01] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

Chrome:
=======
CHR Session Restore: Default -> ist aktiviert.
CHR Plugin: (Shockwave Flash) - C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Keine Datei
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Google Update) - C:\Users\jubei\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Profile: C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (uBlock Origin) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-01-12]
CHR Extension: (Google-Suche) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-02-05]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-06-17] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ACHTUNG
CHR Extension: (Ghostery) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Google Mail) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-09-13] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-09-26] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-09-23] (Microsoft Corporation)
S4 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [276584 2010-03-22] (NVIDIA)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-12 15:01 - 2016-02-12 15:01 - 00000000 ____D C:\Users\jubei\AppData\LocalLow\uTorrent
2016-02-12 03:07 - 2016-02-12 03:07 - 00000118 _____ C:\Users\jubei\Desktop\New Super Luigi U - 100% Co-op Walkthrough Part 15 - YouTube.url
2016-02-11 15:01 - 2016-02-11 15:01 - 00000000 ____D C:\Users\jubei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-10 15:54 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 15:54 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 15:54 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 15:54 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 15:54 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 15:54 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 15:54 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 15:54 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 15:54 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 15:54 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 15:54 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 15:54 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 15:54 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 15:54 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 15:54 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 15:54 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 15:54 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 15:54 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 15:54 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 15:54 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 15:54 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 15:54 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 15:54 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 15:54 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 15:54 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 15:54 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 15:54 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 15:54 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 15:54 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 15:54 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 15:54 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 15:54 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 15:54 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 15:54 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 15:54 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 15:54 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 15:54 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 15:54 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 15:54 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 15:54 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 15:54 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 15:54 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 15:54 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 15:54 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 15:54 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 15:54 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 15:54 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 15:54 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 15:54 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 15:54 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 15:54 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 15:54 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 15:54 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 15:54 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 15:54 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 15:54 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 15:54 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 15:54 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 15:54 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 15:54 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 15:54 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 15:54 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 15:54 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 15:54 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 15:54 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-09 15:43 - 2016-02-09 15:54 - 00000000 ____D C:\Users\jubei\Desktop\first
2016-02-07 00:06 - 2016-02-07 00:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-07 00:05 - 2016-02-07 15:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-07 00:05 - 2016-02-07 00:05 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-07 00:04 - 2016-02-07 00:53 - 00000000 ____D C:\Users\jubei\Desktop\mbar
2016-02-07 00:04 - 2016-02-07 00:04 - 16563352 _____ (Malwarebytes Corp.) C:\Users\jubei\Downloads\mbar-1.09.3.1001.exe
2016-02-07 00:04 - 2016-02-07 00:04 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-06 23:48 - 2016-02-06 23:49 - 00065186 _____ C:\Users\jubei\Downloads\Addition.txt
2016-02-06 23:48 - 2016-02-06 23:48 - 00077421 _____ C:\Users\jubei\Downloads\Shortcut.txt
2016-02-06 23:47 - 2016-02-12 17:50 - 00022715 _____ C:\Users\jubei\Downloads\FRST.txt
2016-02-06 23:46 - 2016-02-12 17:50 - 00000000 ____D C:\FRST
2016-02-06 23:45 - 2016-02-06 23:45 - 02370560 _____ (Farbar) C:\Users\jubei\Downloads\FRST64.exe
2016-01-29 13:26 - 2016-01-29 13:26 - 01715625 _____ C:\Users\jubei\Downloads\numerik3.pdf
2016-01-28 18:20 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 18:20 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 18:20 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 18:19 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 18:19 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 18:19 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 18:19 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 18:19 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 18:19 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 18:19 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 18:19 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 18:19 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 18:19 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 18:19 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 18:19 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 18:19 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 18:19 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 18:19 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 18:19 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 18:19 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 18:19 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 18:19 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 18:19 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 18:19 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 18:19 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 18:19 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 18:19 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 18:19 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 18:19 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 18:19 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 18:19 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 18:19 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 18:19 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 18:19 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 18:19 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 18:19 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 18:19 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 18:19 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 18:19 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 18:19 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 18:19 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 18:19 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 18:19 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 18:19 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 18:19 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 18:19 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 18:19 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 18:19 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 18:19 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 18:19 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 18:19 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 18:19 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 18:19 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 18:19 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 18:19 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 18:19 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 18:19 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 18:19 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 18:19 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-21 18:00 - 2016-01-21 18:00 - 00036169 _____ C:\Users\jubei\Downloads\radikalideal.pdf
2016-01-21 14:17 - 2016-01-21 14:17 - 01034195 _____ C:\Users\jubei\Downloads\kommutative_algebra.pdf
2016-01-18 18:12 - 2016-01-18 18:12 - 00714231 _____ C:\Users\jubei\Downloads\ot.pdf
2016-01-16 16:26 - 2016-02-11 23:26 - 00000000 ____D C:\Users\jubei\Documents\MicroBasic
2016-01-16 16:22 - 2016-01-16 16:22 - 00000000 ____D C:\Users\jubei\AppData\Local\Roboteq
2016-01-16 13:52 - 2016-01-16 13:52 - 00002619 _____ C:\Users\Public\Desktop\Roborun+.lnk
2016-01-16 13:52 - 2016-01-16 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roboteq
2016-01-16 13:52 - 2016-01-16 13:52 - 00000000 ____D C:\Program Files (x86)\Roboteq
2016-01-15 19:48 - 2016-01-15 19:49 - 00000000 ____D C:\Users\jubei\Desktop\roborun

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-12 17:49 - 2013-11-12 16:39 - 00000000 ____D C:\Users\jubei\AppData\Roaming\uTorrent
2016-02-12 17:37 - 2015-08-10 23:04 - 00000811 _____ C:\Users\jubei\Desktop\Cortana Suche.txt
2016-02-12 17:34 - 2011-09-13 16:30 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job
2016-02-12 17:00 - 2012-09-16 04:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-12 16:58 - 2015-06-18 18:48 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job
2016-02-12 16:02 - 2015-11-27 05:45 - 02218850 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-12 16:02 - 2015-10-30 19:35 - 00935198 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-12 16:02 - 2015-10-30 19:35 - 00215216 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-12 16:02 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-12 15:34 - 2011-09-13 16:30 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job
2016-02-12 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 14:49 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-12 14:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-12 14:40 - 2015-08-09 05:26 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-12 14:39 - 2015-11-27 06:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-12 03:29 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-12 03:29 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-12 03:26 - 2011-09-13 21:47 - 00018768 _____ C:\Users\jubei\Documents\Rechnung.ods
2016-02-12 03:16 - 2015-10-11 22:58 - 00000000 ____D C:\Users\jubei\AppData\Local\JDownloader 2.0
2016-02-12 01:59 - 2015-08-09 23:22 - 00000000 ____D C:\Users\jubei\AppData\Roaming\vlc
2016-02-11 23:58 - 2015-06-18 18:48 - 00001172 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job
2016-02-11 15:02 - 2011-09-13 21:08 - 00000000 ____D C:\Users\jubei\AppData\Roaming\Dropbox
2016-02-11 03:34 - 2011-09-26 12:48 - 00029604 _____ C:\WINDOWS\system32\BMXCtrlState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-11 03:34 - 2011-09-26 12:48 - 00029604 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-11 03:34 - 2011-09-26 12:48 - 00011564 _____ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-11 03:34 - 2011-09-13 17:01 - 00033688 _____ C:\WINDOWS\system32\BMXStateBkp-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-11 03:34 - 2011-09-13 17:01 - 00033688 _____ C:\WINDOWS\system32\BMXState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-11 02:42 - 2007-12-31 23:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-11 02:37 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-11 02:37 - 2011-09-14 13:25 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 19:38 - 2011-09-13 16:32 - 00002485 _____ C:\Users\jubei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-05 20:51 - 2015-08-09 05:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-05 20:51 - 2014-02-24 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 15:29 - 2011-09-13 16:30 - 00004258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA
2016-02-02 15:29 - 2011-09-13 16:30 - 00003882 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core
2016-02-01 04:12 - 2015-10-26 02:33 - 00000000 ____D C:\Users\jubei\AppData\Local\ManyCam
2016-01-31 03:05 - 2015-11-27 05:48 - 00000000 ____D C:\Users\jubei
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-15 14:47 - 2015-10-31 16:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-15 14:47 - 2014-12-25 00:34 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 14:11 - 2013-05-26 12:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 14:11 - 2012-05-15 14:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 01:11 - 2012-05-15 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-02-28 16:58 - 2012-02-28 17:59 - 0000096 _____ () C:\Users\jubei\AppData\Roaming\Camdata.ini
2012-02-28 16:58 - 2012-02-28 17:59 - 0000408 _____ () C:\Users\jubei\AppData\Roaming\CamLayout.ini
2012-02-28 16:58 - 2012-02-28 17:59 - 0000408 _____ () C:\Users\jubei\AppData\Roaming\CamShapes.ini
2012-02-28 16:58 - 2012-02-28 17:59 - 0004417 _____ () C:\Users\jubei\AppData\Roaming\CamStudio.cfg
2012-03-29 16:32 - 2012-03-29 16:32 - 0000093 _____ () C:\Users\jubei\AppData\Roaming\FATSort.ini
2012-05-31 15:29 - 2012-05-31 15:29 - 0003584 _____ () C:\Users\jubei\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-13 18:07 - 2012-12-12 18:20 - 0007602 _____ () C:\Users\jubei\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\jubei\AppData\Local\Temp\avgnt.exe
C:\Users\jubei\AppData\Local\Temp\proxy_vole7009513119220735417.dll
C:\Users\jubei\AppData\Local\Temp\proxy_vole7768348874426687597.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-11 02:36

==================== Ende von FRST.txt ============================
Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von jubei (2016-02-12 17:51:04)
Gestartet von C:\Users\jubei\Downloads
Windows 10 Pro (X64) (2015-11-27 05:04:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-514761637-1918450526-2249266115-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-514761637-1918450526-2249266115-503 - Limited - Disabled)
Gast (S-1-5-21-514761637-1918450526-2249266115-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-514761637-1918450526-2249266115-1002 - Limited - Enabled)
jubei (S-1-5-21-514761637-1918450526-2249266115-1001 - Administrator - Enabled) => C:\Users\jubei

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Aegisub 3.0.4 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.4 - Aegisub Team)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.8.1217.36096 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.1217.36096 - Alcor Micro Corp.) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F564317A-AB84-BEE8-A670-B6C09BC08AFB}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
AutoHotkey 1.1.07.03 (HKLM\...\AutoHotkey) (Version: 1.1.07.03 - AutoHotkey Community)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.4.7200 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.2.655 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Boost C++ Libraries 1.51 (HKLM-x32\...\boost_1_51) (Version:  - )
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version:  - Canon Inc.)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
CrystalDiskInfo 6.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.0 - Crystal Dew World)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
DF CrcSfv 1.3 (HKLM-x32\...\DF CrcSfv_is1) (Version:  - Frischalowski EDV-Beratung)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Dropbox) (Version: 3.14.5 - Dropbox, Inc.)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - GIGABYTE Technologies, Inc.)
GnuWin32: File-5.03 (HKLM-x32\...\File-5.03_is1) (Version: 5.03 - GnuWin32)
Google Chrome (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{961D5D7E-3DEC-4E3B-9065-EA8074923B18}) (Version: 3.31.7643.1 - Sony Computer Entertainment Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
ManyCam 5.0.5 (HKLM-x32\...\ManyCam) (Version: 5.0.5 - Visicom Media Inc.)
Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
Microsoft .NET Framework 2.0 SDK (x64) - ENU (HKLM\...\Microsoft .NET Framework 2.0 SDK (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Device Emulator version 1.0 - ENU (HKLM-x32\...\{78B75C6D-E53C-424C-BF83-4B63BD4A6682}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version:  - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (HKLM-x32\...\{1389C6A4-4965-4AEC-9175-08B54A10FA48}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - ENU (HKLM\...\{75F299F3-8234-47CD-BB40-2994C1B1105E}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (HKLM-x32\...\KB926601.T2_29ToU260_29) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{66efbe1c-fcf5-4623-93f6-1ae2445aff93}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 6.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 6.0.2 (x86 de)) (Version: 6.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.3 - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Roborun Plus (HKLM-x32\...\{8BA51F99-143A-4221-BCB1-EE7687BA4ECD}) (Version: 1.5.0003 - Roboteq)
SC Ver 2.71 (HKLM-x32\...\Super Card_is1) (Version:  - Super Card)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subtitle Edit 3.3.8 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.8.2047 - Nikse)
Trials 2 Second Edition v1.08 (HKLM-x32\...\Trials 2 Second Edition_is1) (Version:  - )
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Trials Fusion (HKLM-x32\...\Steam App 245490) (Version:  - RedLynx, in collaboration with  Ubisoft Shanghai, Ubisoft Kiev)
Unity Web Player (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 5.2 - Ubisoft)
Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA)
Virtua Tennis 4™ (x32 Version: 1.0.0000.130 - SEGA) Hidden
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript 1.0.9200.20789 (HKLM-x32\...\{49c53021-7c66-4b0b-b842-9b878d2f0e0f}) (Version: 1.0.9200.20789 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMLoad (HKLM-x32\...\VMLoad) (Version:  - )
Wad2ISO (HKLM\...\Wad2ISO) (Version: 4.7.0.0 - Tristar aka Poida)
WatchMyCam - Live Video Streaming (HKLM-x32\...\WatchMyCam_is1) (Version: 1.17.35.370 - hepasoft oHG, Germany)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinFF 1.3.2 (HKLM-x32\...\WinFF_is1) (Version:  - WinFF.org)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
Zero Assumption Recovery Version 9 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {032F8075-6FF4-428C-A111-C6B018878123} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {062E35CA-0015-4264-870D-BB1F8358C733} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {0AE77D58-844B-4A04-8A20-B9866D139F76} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {14156A92-3B9F-42A1-A798-C2007E3D2409} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {1D632D37-C021-4D8A-9124-D6DD9866AA78} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {1D76680D-68AE-4EE8-9400-0D04F393CC5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {23AB4EE3-6FAF-453F-8667-672F27B50C7A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {24597EEA-6149-4ABE-B5A6-7CC4A4D7693A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {29E1446C-A83D-4166-BE91-AF1BA87F7678} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2FDC23E9-6582-4E99-A286-E905DA206707} - System32\Tasks\{BD79A250-3F54-49B3-9091-6DCF53CAE99A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.)
Task: {369CCAD2-3B08-4D3F-B7EB-8E35981EDDCA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {439351F4-1C50-4203-BD4B-8DAE85BA2CB4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {471E0CF9-CB49-426F-B047-394C0EEEA4AD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {472F2735-28F5-4A76-9CD1-C00DD7A1F298} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5DD47284-8621-42B5-8F7A-1CF840390099} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {64803E2E-AC8A-4C63-9C22-EC69B503E847} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {64D2F430-8C62-4EFE-826C-3FF02FABB0EA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {726ED448-F7E2-4A8A-91BF-629059989148} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {7DBF3BE0-AD3F-4AD7-BEE9-D55CCA814825} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8162A7BE-521A-41B0-A66D-F329C8268B92} - System32\Tasks\{2B78BD22-98F0-4136-9EA5-CF36BF56FA43} => pcalua.exe -a "D:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/34350
Task: {8307988E-7574-4DC4-B1C4-7E761410ADDB} - System32\Tasks\{A388D272-5686-43F1-8E71-92B11D09A6CF} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {9638560C-A48C-4250-B0A2-962CD8BE5EA9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {974C0D2A-811C-4916-A324-9C03BEDFD49A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {9B8E5DDB-044B-4F6A-A7FB-D1B9195AAD70} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {9F656A42-EC31-4FDD-ADA3-16AD13050BC1} - System32\Tasks\{2CB36131-EF60-463D-833A-07D806B97A40} => pcalua.exe -a "C:\Users\jubei\AppData\Local\JDownloader v2.0\Uninstall JDownloader.exe"
Task: {A54B3928-EFAB-4B36-991A-B4C03ED70ED0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A6911D59-EAE6-4C94-9DE6-853859A777CB} - System32\Tasks\{E9288DA9-2C8A-45C7-AFF6-1F2D5E8CC5AB} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {A6A87CBC-1EFF-4836-BA9E-4413602DA470} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {A9C67171-F6D0-4FB3-87B0-E0EDDCA555B7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {AF293D73-A9D1-400C-85CA-C62F4E3F26A7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-11] (Microsoft Corporation)
Task: {C7FF05E2-048F-477E-9609-3864C40FD72C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CDC74A95-6C4A-42BC-92CC-FDF29011A09F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CE56D610-AE55-4C12-B2BD-C0C0252080DC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {E30FED35-D4A7-4A4D-BC9B-E332F8AE7078} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E7B8341C-646A-445E-B8E0-90547E15C2CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {FE6F2A41-4A15-492A-8C19-FED0C5B02AE7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2011-09-18 21:24 - 2010-09-07 10:46 - 00072280 _____ () C:\Windows\SysWOW64\XSrvSetup.exe
2011-09-13 19:20 - 2010-10-21 08:38 - 01182576 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2015-12-03 15:45 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 15:45 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 14:31 - 2016-01-22 14:31 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 16:09 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 16:09 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 21:30 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 21:30 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 18:19 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 18:19 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-22 14:31 - 2016-01-22 14:31 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 14:31 - 2016-01-22 14:31 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-10 19:38 - 2016-02-09 12:58 - 01632584 _____ () C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-10 19:38 - 2016-02-09 12:58 - 00087880 _____ () C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\libegl.dll
2016-02-10 19:38 - 2016-02-09 12:58 - 16810824 _____ () C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-12 17:39 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts

#        ::1            localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-514761637-1918450526-2249266115-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Inhaltsmanager-Assistent für PlayStation(R).lnk => C:\Windows\pss\Inhaltsmanager-Assistent für PlayStation(R).lnk.CommonStartup
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [TCP Query User{4312EC39-7448-435A-B337-7B914CB4EF6F}G:\utility\admin.exe] => (Allow) G:\utility\admin.exe
FirewallRules: [UDP Query User{6FA4EEB3-4EAF-4A47-A769-D1CB4B91AB56}G:\utility\admin.exe] => (Allow) G:\utility\admin.exe
FirewallRules: [TCP Query User{88C4AF3F-FA6A-4F28-8AFE-BAAEEB276E0F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{246AD4B7-917C-4176-8679-1DA2C4D38C6A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{2CE26192-1E13-4F84-ABA1-BCA1B556202E}] => (Allow) C:\Users\jubei\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7C8EDA97-C3F7-485D-B2FA-97B4A475A460}] => (Allow) C:\Users\jubei\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6508156F-299B-40EB-BFF4-621655AB8174}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4F9C5E46-36EC-4C96-B55E-240ACAC3384A}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{CE115290-AB82-46E5-90DF-176E6840DAA3}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{1DAFA886-8FF0-4582-95D6-C5F4278BD854}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{43F43487-CF04-4868-B6FA-2722F9CC3BEA}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{84B5F971-F277-4BA1-83F1-6A8FCE4D448F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\lara croft and the guardian of light\lcgol.exe
FirewallRules: [{E1ED6BB9-108C-4706-983B-44E2AED9C0FE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\lara croft and the guardian of light\lcgol.exe
FirewallRules: [{A0D9DDAE-14E9-43A0-80AE-5200CBECEA90}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\nightsky\NightSky.exe
FirewallRules: [{BA8DF255-AC28-4C7E-912A-E5CA02C6EA37}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\nightsky\NightSky.exe
FirewallRules: [{EDCA66FA-6866-4754-83E8-F76B103DBBE6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Saira.exe
FirewallRules: [{15910BC2-9256-4D91-BCA2-FE34B9BB6A65}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Saira.exe
FirewallRules: [{44F7BB54-52B6-4AD6-A0DF-EBE9D1DEA9A5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Settings.exe
FirewallRules: [{6DD41C80-B722-4D4E-942C-C117712DE127}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Settings.exe
FirewallRules: [TCP Query User{63971EB9-8A37-463E-83EC-2B51796F9BE3}D:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [UDP Query User{1335B042-D396-4EA2-89FF-EE17226A672D}D:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe] => (Block) D:\program files (x86)\ea games\alice madness returns\game\alice2\binaries\win32\alicemadnessreturns.exe
FirewallRules: [{28E7749A-2D8D-44BD-A2ED-13337D00EEF4}] => (Allow) D:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe
FirewallRules: [{CE4AB352-084B-4D69-809D-9C5ACEECB509}] => (Allow) D:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe
FirewallRules: [TCP Query User{4166D248-5040-436D-A3A2-DC86577D2C04}C:\program files (x86)\print server utilities\psadmin.exe] => (Allow) C:\program files (x86)\print server utilities\psadmin.exe
FirewallRules: [UDP Query User{1B0184C2-769C-4CCE-AE5F-4F025FF704DC}C:\program files (x86)\print server utilities\psadmin.exe] => (Allow) C:\program files (x86)\print server utilities\psadmin.exe
FirewallRules: [{914D1673-9A22-4460-9C86-DC3BB5D8720B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{17B4409B-2C69-4940-8520-8251BF1B3AD7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{7D0AE576-C7AC-416A-93AD-5277841B5DBF}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.exe
FirewallRules: [{26887431-D734-4042-BB19-CCDB6B630449}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.exe
FirewallRules: [{C15CFCC4-5A20-46F2-BB3B-EDE01E585306}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.jar
FirewallRules: [{99A8A6EE-E0CD-4C65-A6D3-7F1FC423E186}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.jar
FirewallRules: [{63016B14-E24E-4120-B569-75E8CA281B4D}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoadUpdater.jar
FirewallRules: [{13FC6EA2-4767-4A64-82E2-A8F3868C1B09}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoadUpdater.jar
FirewallRules: [TCP Query User{B6ACD25B-5203-4B6B-B362-45F44797B862}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [UDP Query User{8F678B19-0A0F-451E-AB71-CA1F5E722EF8}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [TCP Query User{414B842A-5056-414C-A73C-0FAE568A6BC0}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [UDP Query User{8993FB25-AA49-4C77-A828-F76A0EF01850}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [{10964D59-18E6-4EBD-A6B0-5403E91CFA19}] => (Allow) C:\Users\jubei\AppData\Local\Temp\pft2F5C.tmp\fsetup.exe
FirewallRules: [{77D9C0A2-0A73-4A8B-A78A-B4EA7A4F4E74}] => (Allow) C:\Users\jubei\AppData\Local\Temp\pft2F5C.tmp\fsetup.exe
FirewallRules: [{4FD0488B-0615-4D0B-B781-640D5E280785}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\trine\trine_launcher.exe
FirewallRules: [{80E2CBA5-D551-4C0F-950A-0B242AE8E919}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\trine\trine_launcher.exe
FirewallRules: [{57B99343-C7DA-4B1F-9ED8-6AB565351E86}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\bastion\Bastion.exe
FirewallRules: [{CEC43314-88F9-49BD-8CDE-64A5B0650049}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\bastion\Bastion.exe
FirewallRules: [{085BFBE5-8313-4DE7-9A14-7C7683F21958}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\cogs\cogs.exe
FirewallRules: [{BF95727B-5211-4A55-B182-0AF38BA5EC13}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\cogs\cogs.exe
FirewallRules: [{EC5EDA7F-0BBF-48F1-A477-3951286CB227}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\insanely twisted shadow planet\FCEngine-GFWL.exe
FirewallRules: [{E9E9E687-17C2-4704-91B6-5D0A52049D30}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\insanely twisted shadow planet\FCEngine-GFWL.exe
FirewallRules: [{67FB8583-B9BE-4DDA-8CE1-6C95B53F9640}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{CE0CDAB4-7865-429A-9541-6D00B5D979FF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{DA5C3B34-FBA0-4CB7-9032-FA3389280B36}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\vessel\Vessel.exe
FirewallRules: [{7286B8F6-06FF-4F99-84DD-CCDDBDA33B55}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\vessel\Vessel.exe
FirewallRules: [TCP Query User{CF037130-9923-4994-90FD-D0256A254B42}C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe] => (Block) C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe
FirewallRules: [UDP Query User{00315BD1-8A0C-4C18-BAF6-88599781A04E}C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe] => (Block) C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe
FirewallRules: [TCP Query User{628AB6A9-93AB-4EDC-BF9B-796330EBBA1C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{11E278D5-8D99-41F2-A876-D5E3A8A1AE53}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{0900C63F-8DD7-4438-8CB7-74BC6E0C3F86}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{1F4B462E-0C46-4046-8FB4-6347CF66B0A1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{4A31C776-C9E5-40D7-AB86-0ADDC8D08CF6}C:\program files\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files\jdownloader 2\jdownloader 2.exe
FirewallRules: [UDP Query User{CA32D687-8471-4451-BC8F-A69894D2A158}C:\program files\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files\jdownloader 2\jdownloader 2.exe
FirewallRules: [TCP Query User{0730A3B0-6481-4BA6-A33B-2D526ED24DF2}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{19C494B6-105E-4AE9-AE09-3801DBA29A5A}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{9038F9EB-AB57-4523-93BF-CA5BE17FC62B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{4983BE25-C5A1-4BC1-B710-07FADA177581}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{884CDEFE-071D-4364-8F41-011AFFD297B6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{128CC394-3600-440B-B2E2-0EDE95F62C47}C:\users\jubei\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\jubei\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{1A7858FC-995E-49C1-8638-A2F7A7D7FCBA}C:\users\jubei\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\jubei\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{05A17FE9-AC83-48E6-A9F6-AC9A55E1E385}] => (Allow) C:\Users\jubei\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E398A085-C3A7-4A06-B25D-58E63F348D50}] => (Allow) C:\Users\jubei\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{FD0BFB59-9302-45B7-A3AC-6826B8DC01F7}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [UDP Query User{7900B31D-666E-4D57-89BE-20E7CD5F57EC}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [TCP Query User{01495FDB-08EF-408B-ACAC-32281BA42B29}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{DC10904C-39F9-40CB-9FAC-3A2CF97E8326}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{CD8BAE3A-FFF7-4215-A1C7-0D26ABDA3675}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
FirewallRules: [UDP Query User{17D5850A-D710-4329-9144-2778456D52D1}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
FirewallRules: [{177FCE06-A20B-4B3F-9BBB-F0DF4B323547}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{CC72A37B-4796-4096-B2BE-50FBC8C6C696}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{0AADCDA6-4505-481A-9DFE-9D4863A718C0}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [{E16E913C-8B06-41A6-B778-8EFE933239C7}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [TCP Query User{3C70A8C9-28A5-481F-8FB9-0E1893769171}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{1E3510E7-028E-4980-9749-AC566CC077EF}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{819A6115-9B2B-42CC-9F31-0C90290B10D0}C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe] => (Allow) C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe
FirewallRules: [UDP Query User{8EB5B3F1-AE04-4B56-8A0E-3860F0E0C48F}C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe] => (Allow) C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe
FirewallRules: [{6E5D3F50-DF06-4905-8D31-D045007493A4}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7B090682-EC9A-47CB-A0C5-3BC16C4877CB}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{00701ED4-D60D-425F-BAA4-76F26C77A1F3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{05E6674D-2B6B-41F7-BA0E-013B5D7F5F88}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{FDB4D556-CEDC-410F-BE47-D9DB77227034}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{0499977E-7FBB-4BB3-BFBA-07319C9EDCFA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{7B296937-8104-4845-BB45-6B1257BECA74}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{DFD38DE8-2456-4AB0-A68E-A19E6A08BB91}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{A5B372B0-C698-49AD-BBA2-0F570C4E556A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{03BC073B-40F2-4175-957A-26F2851CCFFE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{D8ACD46D-33B0-4EF7-B3A8-1DE2AA3CEA4C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B6AD68BD-4E52-4808-9AEC-3F0BE2B38BD5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0D157017-E0AE-41A4-8DF0-E09CD19FDDBB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2121756E-278B-4A1A-9F8D-0EFAFD52BAA5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/12/2016 03:14:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/12/2016 03:14:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/12/2016 02:40:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: CNQU111.DLL, Version: 0.0.1.0, Zeitstempel: 0x4406453f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000845d
ID des fehlerhaften Prozesses: 0x8c0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5

Error: (02/11/2016 03:07:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/11/2016 03:34:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d3ca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e5c
ID des fehlerhaften Prozesses: 0x1e7c
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (02/11/2016 02:42:21 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/10/2016 03:01:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d3ca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e5c
ID des fehlerhaften Prozesses: 0x1824
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (02/09/2016 04:09:47 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/08/2016 02:53:45 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/08/2016 03:39:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d3ca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e5c
ID des fehlerhaften Prozesses: 0x36c
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5


Systemfehler:
=============
Error: (02/12/2016 02:40:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/12/2016 02:39:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (02/12/2016 03:28:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1e266800" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/12/2016 03:28:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1e266800" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/12/2016 03:28:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1e266800" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/12/2016 03:28:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1e266800" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/11/2016 03:50:44 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk6\DR27.

Error: (02/11/2016 03:30:58 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk6\DR27.

Error: (02/11/2016 03:18:47 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk6\DR27.

Error: (02/11/2016 03:07:54 PM) (Source: disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk6\DR27.


CodeIntegrity:
===================================
  Date: 2016-02-12 14:40:22.457
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-11 14:50:14.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-29 22:05:37.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-14 14:14:02.339
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-08 15:37:28.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-07 17:05:52.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-02 03:24:58.342
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-31 19:02:56.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-20 12:06:45.160
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-11 03:54:55.470
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 6142.49 MB
Verfügbarer physikalischer RAM: 2804.29 MB
Summe virtueller Speicher: 12286.49 MB
Verfügbarer virtueller Speicher: 8578.59 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.7 GB) (Free:51.88 GB) NTFS
Drive d: () (Fixed) (Total:298.09 GB) (Free:1.25 GB) NTFS
Drive e: (TrekStor) (Fixed) (Total:1863.01 GB) (Free:0.07 GB) NTFS
Drive f: () (Fixed) (Total:2794.52 GB) (Free:0.54 GB) NTFS
Drive p: (TrekStor) (Fixed) (Total:1397.26 GB) (Free:19.05 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 94002FAC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 12F412F4)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 1397.3 GB) (Disk ID: 1155B60B)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (Size: 1863 GB) (Disk ID: 12B246ED)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 8.

==================== Ende von Addition.txt ============================

cosinus 12.02.2016 19:14
Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf - so etwas ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen.

Gib Bescheid wenn Avira weg ist.

igordi 12.02.2016 20:48
OK, Avira ist deinstalliert.

cosinus 12.02.2016 22:37
gut :)

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

igordi 13.02.2016 02:10
Es wurde diesmal nichts mehr gefunden (aber wie im Startpost erwähnt, wurde mbar vor ein paar Tagen bei mir fündig - siehe Log im zweiten Post).

mbar:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.02.12.06
  rootkit: v2016.02.08.01

Windows 10 x64 NTFS
Internet Explorer 11.103.10586.0
jubei :: JUBEI-WIN7 [administrator]

13.02.2016 01:38:27
mbar-log-2016-02-13 (01-38-27).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 459507
Time elapsed: 16 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus 13.02.2016 12:14
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


igordi 13.02.2016 14:45
AdwCleaner[C1].txt:
Code:
# AdwCleaner v5.033 - Bericht erstellt am 13/02/2016 um 14:23:40
# Aktualisiert am 07/02/2016 von Xplode
# Datenbank : 2016-02-07.2 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : jubei - JUBEI-WIN7
# Gestartet von : C:\Users\jubei\Desktop\AdwCleaner_5.033.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files\Search
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\Users\jubei\AppData\Roaming\ProgSense

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
[-] Schlüssel Gelöscht : HKCU\Software\ProgSense
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Joosoft.com
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskPartnerNetwork

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1543 Bytes] ##########
JRT.txt:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Pro x64
Ran by jubei (Administrator) on 13.02.2016 at 14:28:33,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4

Successfully deleted: C:\Users\jubei\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
Successfully deleted: C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal (File)
Successfully deleted: C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.02.2016 at 14:30:01,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von jubei (Administrator) auf JUBEI-WIN7 (13-02-2016 14:35:40)
Gestartet von C:\Users\jubei\Desktop
Geladene Profile: jubei (Verfügbare Profile: jubei & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\jubei\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] => CTHELPER.EXE
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-18] (Advanced Micro Devices, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Run: [Google Update] => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc.)
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Run: [Dropbox Update] => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Run: [WatchMyCam] => [X]
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-09] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{53eb09f4-5615-47cf-9426-39c64db513cf}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{53eb09f4-5615-47cf-9426-39c64db513cf}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-514761637-1918450526-2249266115-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKU\S-1-5-21-514761637-1918450526-2249266115-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-21] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-21] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\jubei\AppData\Roaming\Mozilla\Firefox\Profiles\0kdtfrm7.default
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Search
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2010-09-02] (Wacom, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: @tools.google.com/Google Update;version=3 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: @tools.google.com/Google Update;version=9 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jubei\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-10] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-514761637-1918450526-2249266115-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-19] ()
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-11] [ist nicht signiert]
FF Extension: Flash and Video Download - C:\Users\jubei\AppData\Roaming\Mozilla\Firefox\Profiles\0kdtfrm7.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-06-25] [ist nicht signiert]
FF Extension: Avira Browser Safety - C:\Users\jubei\AppData\Roaming\Mozilla\Firefox\Profiles\0kdtfrm7.default\Extensions\abs@avira.com [2015-08-09] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-09-13] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-09-13] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-30] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-01] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

Chrome:
=======
CHR Session Restore: Default -> ist aktiviert.
CHR Plugin: (Shockwave Flash) - C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => Keine Datei
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Google Update) - C:\Users\jubei\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Profile: C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (uBlock Origin) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-01-12]
CHR Extension: (Google-Suche) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-06-17] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ACHTUNG
CHR Extension: (Ghostery) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-07]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Google Mail) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\jubei\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-09-13] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-09-26] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72280 2010-09-07] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-09-23] (Microsoft Corporation)
S4 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [276584 2010-03-22] (NVIDIA)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-13 14:35 - 2016-02-13 14:35 - 00018599 _____ C:\Users\jubei\Desktop\FRST.txt
2016-02-13 14:34 - 2016-02-13 14:34 - 02370560 _____ (Farbar) C:\Users\jubei\Desktop\FRST64 (1).exe
2016-02-13 14:30 - 2016-02-13 14:30 - 00001105 _____ C:\Users\jubei\Desktop\JRT.txt
2016-02-13 14:27 - 2016-02-13 14:27 - 01609032 _____ (Malwarebytes) C:\Users\jubei\Desktop\JRT.exe
2016-02-13 14:27 - 2016-02-13 14:27 - 00001629 _____ C:\Users\jubei\Desktop\AdwCleaner[C1].txt
2016-02-13 14:23 - 2016-02-13 14:23 - 00000000 ____D C:\Program Files\Search
2016-02-13 13:43 - 2016-02-13 13:43 - 01508352 _____ C:\Users\jubei\Desktop\AdwCleaner_5.033.exe
2016-02-13 03:56 - 2016-02-13 03:56 - 00000118 _____ C:\Users\jubei\Desktop\New Super Luigi U - 100% Co-op Walkthrough Part 19 - YouTube.url
2016-02-13 01:37 - 2016-02-13 02:07 - 00000000 ____D C:\Users\jubei\Desktop\mbar
2016-02-12 23:11 - 2016-02-12 23:11 - 16563352 _____ (Malwarebytes Corp.) C:\Users\jubei\Desktop\mbar-1.09.3.1001 (1).exe
2016-02-12 20:47 - 2016-02-12 20:47 - 00000143 _____ C:\Users\jubei\Desktop\XDC22xx Brushed DC Motor Controller. 2x120A-1x240A, 30V - Roboteq.url
2016-02-11 15:01 - 2016-02-11 15:01 - 00000000 ____D C:\Users\jubei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-10 15:54 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-10 15:54 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-10 15:54 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 15:54 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 15:54 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 15:54 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 15:54 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 15:54 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-10 15:54 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 15:54 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 15:54 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 15:54 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 15:54 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-10 15:54 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-10 15:54 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 15:54 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 15:54 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 15:54 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 15:54 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-10 15:54 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 15:54 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-10 15:54 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 15:54 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-10 15:54 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-10 15:54 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 15:54 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-10 15:54 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-10 15:54 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-10 15:54 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 15:54 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-10 15:54 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 15:54 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 15:54 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-10 15:54 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-10 15:54 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 15:54 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-10 15:54 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-10 15:54 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-10 15:54 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 15:54 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 15:54 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-10 15:54 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 15:54 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 15:54 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-10 15:54 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 15:54 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-10 15:54 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 15:54 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 15:54 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 15:54 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 15:54 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 15:54 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 15:54 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 15:54 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-10 15:54 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 15:54 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 15:54 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 15:54 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-10 15:54 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 15:54 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-10 15:54 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 15:54 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 15:54 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 15:54 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-10 15:54 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-09 15:43 - 2016-02-12 17:52 - 00000000 ____D C:\Users\jubei\Desktop\first-old
2016-02-07 00:06 - 2016-02-07 00:06 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-07 00:05 - 2016-02-13 02:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-07 00:05 - 2016-02-13 01:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-07 00:04 - 2016-02-13 01:37 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-07 00:04 - 2016-02-07 00:53 - 00000000 ____D C:\Users\jubei\Desktop\mbar-old
2016-02-07 00:04 - 2016-02-07 00:04 - 16563352 _____ (Malwarebytes Corp.) C:\Users\jubei\Downloads\mbar-1.09.3.1001.exe
2016-02-06 23:48 - 2016-02-12 17:52 - 00062772 _____ C:\Users\jubei\Downloads\Addition.txt
2016-02-06 23:48 - 2016-02-06 23:48 - 00077421 _____ C:\Users\jubei\Downloads\Shortcut.txt
2016-02-06 23:47 - 2016-02-12 17:52 - 00052490 _____ C:\Users\jubei\Downloads\FRST.txt
2016-02-06 23:46 - 2016-02-13 14:35 - 00000000 ____D C:\FRST
2016-02-06 23:45 - 2016-02-06 23:45 - 02370560 _____ (Farbar) C:\Users\jubei\Downloads\FRST64.exe
2016-01-29 13:26 - 2016-01-29 13:26 - 01715625 _____ C:\Users\jubei\Downloads\numerik3.pdf
2016-01-28 18:20 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 18:20 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 18:20 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 18:19 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 18:19 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 18:19 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 18:19 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 18:19 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 18:19 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 18:19 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 18:19 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 18:19 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 18:19 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 18:19 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 18:19 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 18:19 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 18:19 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 18:19 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 18:19 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 18:19 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 18:19 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 18:19 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 18:19 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 18:19 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 18:19 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 18:19 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 18:19 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 18:19 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 18:19 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 18:19 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 18:19 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 18:19 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 18:19 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 18:19 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 18:19 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 18:19 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 18:19 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 18:19 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 18:19 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 18:19 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 18:19 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 18:19 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 18:19 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 18:19 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 18:19 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 18:19 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 18:19 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 18:19 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 18:19 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 18:19 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 18:19 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 18:19 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 18:19 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 18:19 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 18:19 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 18:19 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 18:19 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 18:19 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 18:19 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 18:19 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 18:19 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 18:19 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 18:19 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 18:19 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 18:19 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 18:19 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 18:19 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 18:19 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 18:19 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 18:19 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 18:19 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-21 18:00 - 2016-01-21 18:00 - 00036169 _____ C:\Users\jubei\Downloads\radikalideal.pdf
2016-01-21 14:17 - 2016-01-21 14:17 - 01034195 _____ C:\Users\jubei\Downloads\kommutative_algebra.pdf
2016-01-18 18:12 - 2016-01-18 18:12 - 00714231 _____ C:\Users\jubei\Downloads\ot.pdf
2016-01-16 16:26 - 2016-02-11 23:26 - 00000000 ____D C:\Users\jubei\Documents\MicroBasic
2016-01-16 16:22 - 2016-01-16 16:22 - 00000000 ____D C:\Users\jubei\AppData\Local\Roboteq
2016-01-16 13:52 - 2016-01-16 13:52 - 00002619 _____ C:\Users\Public\Desktop\Roborun+.lnk
2016-01-16 13:52 - 2016-01-16 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roboteq
2016-01-16 13:52 - 2016-01-16 13:52 - 00000000 ____D C:\Program Files (x86)\Roboteq
2016-01-15 19:48 - 2016-01-15 19:49 - 00000000 ____D C:\Users\jubei\Desktop\roborun

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-13 14:34 - 2011-09-13 16:30 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job
2016-02-13 14:31 - 2015-11-27 05:45 - 02218850 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-13 14:31 - 2015-10-30 19:35 - 00935198 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-13 14:31 - 2015-10-30 19:35 - 00215216 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-13 14:31 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-13 14:24 - 2015-11-27 06:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-13 14:24 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-13 14:23 - 2014-09-08 12:17 - 00000000 ____D C:\AdwCleaner
2016-02-13 14:23 - 2014-02-13 18:39 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-02-13 14:00 - 2012-09-16 04:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-13 13:58 - 2015-06-18 18:48 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job
2016-02-13 04:16 - 2011-09-26 12:48 - 00029604 _____ C:\WINDOWS\system32\BMXCtrlState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-13 04:16 - 2011-09-26 12:48 - 00029604 _____ C:\WINDOWS\system32\BMXBkpCtrlState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-13 04:16 - 2011-09-26 12:48 - 00011564 _____ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-13 04:16 - 2011-09-13 17:01 - 00033688 _____ C:\WINDOWS\system32\BMXStateBkp-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-13 04:16 - 2011-09-13 17:01 - 00033688 _____ C:\WINDOWS\system32\BMXState-{00000005-00000000-00000000-00001102-00000008-10211102}.rfx
2016-02-13 03:24 - 2015-08-09 23:22 - 00000000 ____D C:\Users\jubei\AppData\Roaming\vlc
2016-02-13 01:29 - 2015-10-11 22:58 - 00000000 ____D C:\Users\jubei\AppData\Local\JDownloader 2.0
2016-02-13 01:29 - 2013-11-12 16:39 - 00000000 ____D C:\Users\jubei\AppData\Roaming\uTorrent
2016-02-13 00:34 - 2015-08-10 23:04 - 00000811 _____ C:\Users\jubei\Desktop\Cortana Suche.txt
2016-02-12 23:58 - 2015-06-18 18:48 - 00001172 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job
2016-02-12 20:59 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-12 20:43 - 2015-08-09 05:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-12 20:43 - 2014-02-24 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-12 20:43 - 2014-02-24 00:20 - 00000000 ____D C:\ProgramData\Avira
2016-02-12 15:34 - 2011-09-13 16:30 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job
2016-02-12 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 14:49 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-12 14:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-12 14:40 - 2015-08-09 05:26 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-12 03:29 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-12 03:26 - 2011-09-13 21:47 - 00018768 _____ C:\Users\jubei\Documents\Rechnung.ods
2016-02-11 15:02 - 2011-09-13 21:08 - 00000000 ____D C:\Users\jubei\AppData\Roaming\Dropbox
2016-02-11 02:42 - 2007-12-31 23:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-11 02:37 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-11 02:37 - 2011-09-14 13:25 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 19:38 - 2011-09-13 16:32 - 00002485 _____ C:\Users\jubei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 15:29 - 2011-09-13 16:30 - 00004258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA
2016-02-02 15:29 - 2011-09-13 16:30 - 00003882 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core
2016-02-01 04:12 - 2015-10-26 02:33 - 00000000 ____D C:\Users\jubei\AppData\Local\ManyCam
2016-01-31 03:05 - 2015-11-27 05:48 - 00000000 ____D C:\Users\jubei
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 22:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-15 14:47 - 2015-10-31 16:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-15 14:47 - 2014-12-25 00:34 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 14:11 - 2013-05-26 12:27 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 14:11 - 2012-05-15 14:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-02-28 16:58 - 2012-02-28 17:59 - 0000096 _____ () C:\Users\jubei\AppData\Roaming\Camdata.ini
2012-02-28 16:58 - 2012-02-28 17:59 - 0000408 _____ () C:\Users\jubei\AppData\Roaming\CamLayout.ini
2012-02-28 16:58 - 2012-02-28 17:59 - 0000408 _____ () C:\Users\jubei\AppData\Roaming\CamShapes.ini
2012-02-28 16:58 - 2012-02-28 17:59 - 0004417 _____ () C:\Users\jubei\AppData\Roaming\CamStudio.cfg
2012-03-29 16:32 - 2012-03-29 16:32 - 0000093 _____ () C:\Users\jubei\AppData\Roaming\FATSort.ini
2012-05-31 15:29 - 2012-05-31 15:29 - 0003584 _____ () C:\Users\jubei\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-13 18:07 - 2012-12-12 18:20 - 0007602 _____ () C:\Users\jubei\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\jubei\AppData\Local\Temp\avgnt.exe
C:\Users\jubei\AppData\Local\Temp\proxy_vole6008403104791815244.dll
C:\Users\jubei\AppData\Local\Temp\proxy_vole6425123900964243589.dll
C:\Users\jubei\AppData\Local\Temp\proxy_vole7009513119220735417.dll
C:\Users\jubei\AppData\Local\Temp\proxy_vole7768348874426687597.dll
C:\Users\jubei\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-11 02:36

==================== Ende von FRST.txt ============================

cosinus 14.02.2016 10:10
Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken.

http://www.trojaner-board.de/picture...&pictureid=611

igordi 14.02.2016 14:29
OK, sorry, ich dachte mit
Zitat:
... und nach dem ersten Scan auch die Addition.txt ...
ist gemeint, dass ich diesen Log nicht nochmal posten muss.

Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von jubei (2016-02-13 14:36:16)
Gestartet von C:\Users\jubei\Desktop
Windows 10 Pro (X64) (2015-11-27 05:04:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-514761637-1918450526-2249266115-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-514761637-1918450526-2249266115-503 - Limited - Disabled)
Gast (S-1-5-21-514761637-1918450526-2249266115-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-514761637-1918450526-2249266115-1002 - Limited - Enabled)
jubei (S-1-5-21-514761637-1918450526-2249266115-1001 - Administrator - Enabled) => C:\Users\jubei

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Aegisub 3.0.4 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.0.4 - Aegisub Team)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.8.1217.36096 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.1217.36096 - Alcor Micro Corp.) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F564317A-AB84-BEE8-A670-B6C09BC08AFB}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
AutoHotkey 1.1.07.03 (HKLM\...\AutoHotkey) (Version: 1.1.07.03 - AutoHotkey Community)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.4.7200 - )
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.2.655 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Boost C++ Libraries 1.51 (HKLM-x32\...\boost_1_51) (Version:  - )
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version:  - Canon Inc.)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.41 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative-Audiokonsole (HKLM-x32\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
CrystalDiskInfo 6.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.0 - Crystal Dew World)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
DF CrcSfv 1.3 (HKLM-x32\...\DF CrcSfv_is1) (Version:  - Frischalowski EDV-Beratung)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Dropbox) (Version: 3.14.5 - Dropbox, Inc.)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{B2BDC072-BE01-432D-B281-30891D597FBB}) (Version: 11.1.30729.00 - Microsoft Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - GIGABYTE Technologies, Inc.)
GnuWin32: File-5.03 (HKLM-x32\...\File-5.03_is1) (Version: 5.03 - GnuWin32)
Google Chrome (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Inhaltsmanager-Assistent für PlayStation(R) (HKLM-x32\...\{961D5D7E-3DEC-4E3B-9065-EA8074923B18}) (Version: 3.31.7643.1 - Sony Computer Entertainment Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
ManyCam 5.0.5 (HKLM-x32\...\ManyCam) (Version: 5.0.5 - Visicom Media Inc.)
Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
Microsoft .NET Framework 2.0 SDK (x64) - ENU (HKLM\...\Microsoft .NET Framework 2.0 SDK (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Device Emulator version 1.0 - ENU (HKLM-x32\...\{78B75C6D-E53C-424C-BF83-4B63BD4A6682}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version:  - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools (HKLM-x32\...\{1389C6A4-4965-4AEC-9175-08B54A10FA48}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - ENU (HKLM\...\{75F299F3-8234-47CD-BB40-2994C1B1105E}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601) (HKLM-x32\...\KB926601.T2_29ToU260_29) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{66efbe1c-fcf5-4623-93f6-1ae2445aff93}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Firefox 6.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 6.0.2 (x86 de)) (Version: 6.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.3 - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Roborun Plus (HKLM-x32\...\{8BA51F99-143A-4221-BCB1-EE7687BA4ECD}) (Version: 1.5.0003 - Roboteq)
SC Ver 2.71 (HKLM-x32\...\Super Card_is1) (Version:  - Super Card)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Subtitle Edit 3.3.8 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.3.8.2047 - Nikse)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Trials Fusion (HKLM-x32\...\Steam App 245490) (Version:  - RedLynx, in collaboration with  Ubisoft Shanghai, Ubisoft Kiev)
Unity Web Player (HKU\S-1-5-21-514761637-1918450526-2249266115-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 5.2 - Ubisoft)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript 1.0.9200.20789 (HKLM-x32\...\{49c53021-7c66-4b0b-b842-9b878d2f0e0f}) (Version: 1.0.9200.20789 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMLoad (HKLM-x32\...\VMLoad) (Version:  - )
Wad2ISO (HKLM\...\Wad2ISO) (Version: 4.7.0.0 - Tristar aka Poida)
WatchMyCam - Live Video Streaming (HKLM-x32\...\WatchMyCam_is1) (Version: 1.17.35.370 - hepasoft oHG, Germany)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinFF 1.3.2 (HKLM-x32\...\WinFF_is1) (Version:  - WinFF.org)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
Zero Assumption Recovery Version 9 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\jubei\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-514761637-1918450526-2249266115-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\jubei\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {032F8075-6FF4-428C-A111-C6B018878123} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {062E35CA-0015-4264-870D-BB1F8358C733} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {0AE77D58-844B-4A04-8A20-B9866D139F76} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {14156A92-3B9F-42A1-A798-C2007E3D2409} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {1D632D37-C021-4D8A-9124-D6DD9866AA78} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {1D76680D-68AE-4EE8-9400-0D04F393CC5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {23AB4EE3-6FAF-453F-8667-672F27B50C7A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {24597EEA-6149-4ABE-B5A6-7CC4A4D7693A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {29E1446C-A83D-4166-BE91-AF1BA87F7678} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2FDC23E9-6582-4E99-A286-E905DA206707} - System32\Tasks\{BD79A250-3F54-49B3-9091-6DCF53CAE99A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-10-01] (Skype Technologies S.A.)
Task: {369CCAD2-3B08-4D3F-B7EB-8E35981EDDCA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {439351F4-1C50-4203-BD4B-8DAE85BA2CB4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {471E0CF9-CB49-426F-B047-394C0EEEA4AD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {472F2735-28F5-4A76-9CD1-C00DD7A1F298} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5DD47284-8621-42B5-8F7A-1CF840390099} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {64803E2E-AC8A-4C63-9C22-EC69B503E847} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {64D2F430-8C62-4EFE-826C-3FF02FABB0EA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {726ED448-F7E2-4A8A-91BF-629059989148} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {7DBF3BE0-AD3F-4AD7-BEE9-D55CCA814825} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {8162A7BE-521A-41B0-A66D-F329C8268B92} - System32\Tasks\{2B78BD22-98F0-4136-9EA5-CF36BF56FA43} => pcalua.exe -a "D:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/34350
Task: {8307988E-7574-4DC4-B1C4-7E761410ADDB} - System32\Tasks\{A388D272-5686-43F1-8E71-92B11D09A6CF} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {9638560C-A48C-4250-B0A2-962CD8BE5EA9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {974C0D2A-811C-4916-A324-9C03BEDFD49A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {9B8E5DDB-044B-4F6A-A7FB-D1B9195AAD70} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {9F656A42-EC31-4FDD-ADA3-16AD13050BC1} - System32\Tasks\{2CB36131-EF60-463D-833A-07D806B97A40} => pcalua.exe -a "C:\Users\jubei\AppData\Local\JDownloader v2.0\Uninstall JDownloader.exe"
Task: {A54B3928-EFAB-4B36-991A-B4C03ED70ED0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A6911D59-EAE6-4C94-9DE6-853859A777CB} - System32\Tasks\{E9288DA9-2C8A-45C7-AFF6-1F2D5E8CC5AB} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}\setup.exe" -c -runfromtemp -l0x0407 -removeonly
Task: {A6A87CBC-1EFF-4836-BA9E-4413602DA470} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {A9C67171-F6D0-4FB3-87B0-E0EDDCA555B7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {C7FF05E2-048F-477E-9609-3864C40FD72C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CDC74A95-6C4A-42BC-92CC-FDF29011A09F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CE56D610-AE55-4C12-B2BD-C0C0252080DC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {D9D40686-FA7C-478B-AEAD-D234B555FBA5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-11] (Microsoft Corporation)
Task: {E30FED35-D4A7-4A4D-BC9B-E332F8AE7078} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E7B8341C-646A-445E-B8E0-90547E15C2CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {FE6F2A41-4A15-492A-8C19-FED0C5B02AE7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job => C:\Users\jubei\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001Core.job => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-514761637-1918450526-2249266115-1001UA.job => C:\Users\jubei\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2011-09-18 21:24 - 2010-09-07 10:46 - 00072280 _____ () C:\Windows\SysWOW64\XSrvSetup.exe
2015-12-03 15:45 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 15:45 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 14:31 - 2016-01-22 14:31 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 16:09 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 16:09 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 21:30 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 21:30 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 18:19 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 18:19 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-22 14:31 - 2016-01-22 14:31 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 14:31 - 2016-01-22 14:31 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-10 19:38 - 2016-02-09 12:58 - 01632584 _____ () C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-10 19:38 - 2016-02-09 12:58 - 00087880 _____ () C:\Users\jubei\AppData\Local\Google\Chrome\Application\48.0.2564.109\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-02-12 17:39 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts

#        ::1            localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-514761637-1918450526-2249266115-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Inhaltsmanager-Assistent für PlayStation(R).lnk => C:\Windows\pss\Inhaltsmanager-Assistent für PlayStation(R).lnk.CommonStartup
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [TCP Query User{4312EC39-7448-435A-B337-7B914CB4EF6F}G:\utility\admin.exe] => (Allow) G:\utility\admin.exe
FirewallRules: [UDP Query User{6FA4EEB3-4EAF-4A47-A769-D1CB4B91AB56}G:\utility\admin.exe] => (Allow) G:\utility\admin.exe
FirewallRules: [TCP Query User{88C4AF3F-FA6A-4F28-8AFE-BAAEEB276E0F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{246AD4B7-917C-4176-8679-1DA2C4D38C6A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{2CE26192-1E13-4F84-ABA1-BCA1B556202E}] => (Allow) C:\Users\jubei\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7C8EDA97-C3F7-485D-B2FA-97B4A475A460}] => (Allow) C:\Users\jubei\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6508156F-299B-40EB-BFF4-621655AB8174}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4F9C5E46-36EC-4C96-B55E-240ACAC3384A}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{CE115290-AB82-46E5-90DF-176E6840DAA3}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{1DAFA886-8FF0-4582-95D6-C5F4278BD854}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{43F43487-CF04-4868-B6FA-2722F9CC3BEA}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{84B5F971-F277-4BA1-83F1-6A8FCE4D448F}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\lara croft and the guardian of light\lcgol.exe
FirewallRules: [{E1ED6BB9-108C-4706-983B-44E2AED9C0FE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\lara croft and the guardian of light\lcgol.exe
FirewallRules: [{A0D9DDAE-14E9-43A0-80AE-5200CBECEA90}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\nightsky\NightSky.exe
FirewallRules: [{BA8DF255-AC28-4C7E-912A-E5CA02C6EA37}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\nightsky\NightSky.exe
FirewallRules: [{EDCA66FA-6866-4754-83E8-F76B103DBBE6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Saira.exe
FirewallRules: [{15910BC2-9256-4D91-BCA2-FE34B9BB6A65}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Saira.exe
FirewallRules: [{44F7BB54-52B6-4AD6-A0DF-EBE9D1DEA9A5}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Settings.exe
FirewallRules: [{6DD41C80-B722-4D4E-942C-C117712DE127}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\saira\Settings.exe
FirewallRules: [TCP Query User{4166D248-5040-436D-A3A2-DC86577D2C04}C:\program files (x86)\print server utilities\psadmin.exe] => (Allow) C:\program files (x86)\print server utilities\psadmin.exe
FirewallRules: [UDP Query User{1B0184C2-769C-4CCE-AE5F-4F025FF704DC}C:\program files (x86)\print server utilities\psadmin.exe] => (Allow) C:\program files (x86)\print server utilities\psadmin.exe
FirewallRules: [{914D1673-9A22-4460-9C86-DC3BB5D8720B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{17B4409B-2C69-4940-8520-8251BF1B3AD7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\amnesia the dark descent\Launcher.exe
FirewallRules: [{7D0AE576-C7AC-416A-93AD-5277841B5DBF}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.exe
FirewallRules: [{26887431-D734-4042-BB19-CCDB6B630449}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.exe
FirewallRules: [{C15CFCC4-5A20-46F2-BB3B-EDE01E585306}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.jar
FirewallRules: [{99A8A6EE-E0CD-4C65-A6D3-7F1FC423E186}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoad.jar
FirewallRules: [{63016B14-E24E-4120-B569-75E8CA281B4D}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoadUpdater.jar
FirewallRules: [{13FC6EA2-4767-4A64-82E2-A8F3868C1B09}] => (Allow) C:\Users\jubei\AppData\Roaming\VMLoad\VMLoadUpdater.jar
FirewallRules: [TCP Query User{B6ACD25B-5203-4B6B-B362-45F44797B862}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [UDP Query User{8F678B19-0A0F-451E-AB71-CA1F5E722EF8}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [TCP Query User{414B842A-5056-414C-A73C-0FAE568A6BC0}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [UDP Query User{8993FB25-AA49-4C77-A828-F76A0EF01850}C:\program files\java\jre7\launch4j-tmp\vmload.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vmload.exe
FirewallRules: [{10964D59-18E6-4EBD-A6B0-5403E91CFA19}] => (Allow) C:\Users\jubei\AppData\Local\Temp\pft2F5C.tmp\fsetup.exe
FirewallRules: [{77D9C0A2-0A73-4A8B-A78A-B4EA7A4F4E74}] => (Allow) C:\Users\jubei\AppData\Local\Temp\pft2F5C.tmp\fsetup.exe
FirewallRules: [{4FD0488B-0615-4D0B-B781-640D5E280785}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\trine\trine_launcher.exe
FirewallRules: [{80E2CBA5-D551-4C0F-950A-0B242AE8E919}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\trine\trine_launcher.exe
FirewallRules: [{57B99343-C7DA-4B1F-9ED8-6AB565351E86}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\bastion\Bastion.exe
FirewallRules: [{CEC43314-88F9-49BD-8CDE-64A5B0650049}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\bastion\Bastion.exe
FirewallRules: [{085BFBE5-8313-4DE7-9A14-7C7683F21958}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\cogs\cogs.exe
FirewallRules: [{BF95727B-5211-4A55-B182-0AF38BA5EC13}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\cogs\cogs.exe
FirewallRules: [{EC5EDA7F-0BBF-48F1-A477-3951286CB227}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\insanely twisted shadow planet\FCEngine-GFWL.exe
FirewallRules: [{E9E9E687-17C2-4704-91B6-5D0A52049D30}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\insanely twisted shadow planet\FCEngine-GFWL.exe
FirewallRules: [{67FB8583-B9BE-4DDA-8CE1-6C95B53F9640}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{CE0CDAB4-7865-429A-9541-6D00B5D979FF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\superbrothers sword & sworcery ep\swordandsworcery_pc.exe
FirewallRules: [{DA5C3B34-FBA0-4CB7-9032-FA3389280B36}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\vessel\Vessel.exe
FirewallRules: [{7286B8F6-06FF-4F99-84DD-CCDDBDA33B55}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\vessel\Vessel.exe
FirewallRules: [TCP Query User{CF037130-9923-4994-90FD-D0256A254B42}C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe] => (Block) C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe
FirewallRules: [UDP Query User{00315BD1-8A0C-4C18-BAF6-88599781A04E}C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe] => (Block) C:\program files (x86)\get_iplayer\vlc\vlc-1.1.11\vlc.exe
FirewallRules: [TCP Query User{628AB6A9-93AB-4EDC-BF9B-796330EBBA1C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{11E278D5-8D99-41F2-A876-D5E3A8A1AE53}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{0900C63F-8DD7-4438-8CB7-74BC6E0C3F86}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [{1F4B462E-0C46-4046-8FB4-6347CF66B0A1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{4A31C776-C9E5-40D7-AB86-0ADDC8D08CF6}C:\program files\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files\jdownloader 2\jdownloader 2.exe
FirewallRules: [UDP Query User{CA32D687-8471-4451-BC8F-A69894D2A158}C:\program files\jdownloader 2\jdownloader 2.exe] => (Allow) C:\program files\jdownloader 2\jdownloader 2.exe
FirewallRules: [TCP Query User{0730A3B0-6481-4BA6-A33B-2D526ED24DF2}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{19C494B6-105E-4AE9-AE09-3801DBA29A5A}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{9038F9EB-AB57-4523-93BF-CA5BE17FC62B}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{4983BE25-C5A1-4BC1-B710-07FADA177581}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{884CDEFE-071D-4364-8F41-011AFFD297B6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{128CC394-3600-440B-B2E2-0EDE95F62C47}C:\users\jubei\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\jubei\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{1A7858FC-995E-49C1-8638-A2F7A7D7FCBA}C:\users\jubei\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\jubei\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{05A17FE9-AC83-48E6-A9F6-AC9A55E1E385}] => (Allow) C:\Users\jubei\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E398A085-C3A7-4A06-B25D-58E63F348D50}] => (Allow) C:\Users\jubei\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{FD0BFB59-9302-45B7-A3AC-6826B8DC01F7}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [UDP Query User{7900B31D-666E-4D57-89BE-20E7CD5F57EC}C:\program files (x86)\pfportchecker\pfportchecker.exe] => (Allow) C:\program files (x86)\pfportchecker\pfportchecker.exe
FirewallRules: [TCP Query User{01495FDB-08EF-408B-ACAC-32281BA42B29}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{DC10904C-39F9-40CB-9FAC-3A2CF97E8326}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{CD8BAE3A-FFF7-4215-A1C7-0D26ABDA3675}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
FirewallRules: [UDP Query User{17D5850A-D710-4329-9144-2778456D52D1}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
FirewallRules: [{177FCE06-A20B-4B3F-9BBB-F0DF4B323547}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{CC72A37B-4796-4096-B2BE-50FBC8C6C696}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{0AADCDA6-4505-481A-9DFE-9D4863A718C0}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [{E16E913C-8B06-41A6-B778-8EFE933239C7}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [TCP Query User{3C70A8C9-28A5-481F-8FB9-0E1893769171}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{1E3510E7-028E-4980-9749-AC566CC077EF}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{819A6115-9B2B-42CC-9F31-0C90290B10D0}C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe] => (Allow) C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe
FirewallRules: [UDP Query User{8EB5B3F1-AE04-4B56-8A0E-3860F0E0C48F}C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe] => (Allow) C:\users\jubei\desktop\candisoft_load_0.7.4\load.exe
FirewallRules: [{6E5D3F50-DF06-4905-8D31-D045007493A4}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7B090682-EC9A-47CB-A0C5-3BC16C4877CB}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{00701ED4-D60D-425F-BAA4-76F26C77A1F3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{05E6674D-2B6B-41F7-BA0E-013B5D7F5F88}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{FDB4D556-CEDC-410F-BE47-D9DB77227034}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{0499977E-7FBB-4BB3-BFBA-07319C9EDCFA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Deadlight\Binaries\Win32\LOTDGame.exe
FirewallRules: [{7B296937-8104-4845-BB45-6B1257BECA74}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{DFD38DE8-2456-4AB0-A68E-A19E6A08BB91}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{A5B372B0-C698-49AD-BBA2-0F570C4E556A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{03BC073B-40F2-4175-957A-26F2851CCFFE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{D8ACD46D-33B0-4EF7-B3A8-1DE2AA3CEA4C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B6AD68BD-4E52-4808-9AEC-3F0BE2B38BD5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0D157017-E0AE-41A4-8DF0-E09CD19FDDBB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{2121756E-278B-4A1A-9F8D-0EFAFD52BAA5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/13/2016 04:16:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e3c
ID des fehlerhaften Prozesses: 0x398
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (02/13/2016 12:26:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: jubei-Win7)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/12/2016 08:38:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a8483f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a8c1a
ID des fehlerhaften Prozesses: 0x8b8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5

Error: (02/12/2016 03:14:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/12/2016 03:14:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/12/2016 02:40:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: CNQU111.DLL, Version: 0.0.1.0, Zeitstempel: 0x4406453f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000845d
ID des fehlerhaften Prozesses: 0x8c0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5

Error: (02/11/2016 03:07:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/11/2016 03:34:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d3ca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e5c
ID des fehlerhaften Prozesses: 0x1e7c
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5

Error: (02/11/2016 02:42:21 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: MSSQL$SQLEXPRESS8

Error: (02/10/2016 03:01:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: dwm.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d3ca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000067e5c
ID des fehlerhaften Prozesses: 0x1824
Startzeit der fehlerhaften Anwendung: 0xdwm.exe0
Pfad der fehlerhaften Anwendung: dwm.exe1
Pfad des fehlerhaften Moduls: dwm.exe2
Berichtskennung: dwm.exe3
Vollständiger Name des fehlerhaften Pakets: dwm.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: dwm.exe5


Systemfehler:
=============
Error: (02/13/2016 02:28:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TabletServicePen" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/13/2016 02:24:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (02/13/2016 02:24:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_b47040" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/13/2016 02:24:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _b47040" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/13/2016 02:24:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_b47040" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/13/2016 02:24:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_b47040" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/13/2016 02:24:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (02/13/2016 02:23:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/13/2016 02:23:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TabletServicePen" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/13/2016 02:23:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "SQL Server Browser" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-02-12 20:41:38.126
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-12 14:40:22.457
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-11 14:50:14.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-29 22:05:37.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-14 14:14:02.339
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-08 15:37:28.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-07 17:05:52.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-02 03:24:58.342
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-31 19:02:56.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-20 12:06:45.160
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 6142.49 MB
Verfügbarer physikalischer RAM: 4513.37 MB
Summe virtueller Speicher: 12286.49 MB
Verfügbarer virtueller Speicher: 10535.67 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.7 GB) (Free:52.57 GB) NTFS
Drive d: () (Fixed) (Total:298.09 GB) (Free:4.35 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 94002FAC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 12F412F4)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

cosinus 15.02.2016 09:19
Das ist auch grundsätzlich so richtig, nur wollte ich diesmal auch eine neue addition sehen


FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Task: {A6A87CBC-1EFF-4836-BA9E-4413602DA470} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-06-17] [UpdateUrl: http://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ACHTUNG
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Search
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


igordi 15.02.2016 15:18
Fixlog.txt
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von jubei (2016-02-15 15:12:08) Run:1
Gestartet von C:\Users\jubei\Desktop
Geladene Profile: jubei (Verfügbare Profile: jubei & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {A6A87CBC-1EFF-4836-BA9E-4413602DA470} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-06-17] [UpdateUrl: hxxp://www.interoperabilitybridges.com/ChromeWMP/wmpChromeupdates.xml] <==== ACHTUNG
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Search
emptytemp:
       
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6A87CBC-1EFF-4836-BA9E-4413602DA470}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6A87CBC-1EFF-4836-BA9E-4413602DA470}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Schlüssel nicht gefunden.
C:\Users\jubei\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak <==== ACHTUNG => nicht gefunden
Firefox SearchEngineOrder.1 erfolgreich entfernt
Firefox SelectedSearchEngine erfolgreich entfernt
EmptyTemp: => 2.2 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 15:12:49 ====


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:25 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131