Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Browser öffnen auf Klick hin adware Seiten

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.05.2016, 12:20   #1
Kieran
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Hallo,
ich hab mir anscheinend gestern einen Installer mit Adware runtergeladen. Es öffnet sich manchmal wenn ich Klicke, URLs wie diese "https://go.oclasrv.com/afu.php?zoneid=471151" aber sie sind einfach Weiß im Browser und haben den titel "afu.php (1x1)" oder auch "hxxp://foryourweb.net/" das erscheint selten wenn ich etwas in der url leiste eingebe und enter drücke. Ich habe mehrmals mit ADWCleaner und Malwarebytes gescannt und die haben auch mehrmals etwas gefunden. Alles wurde entfernt ausser das Hauptproblem. Die neuen Tabs öffnen sich immer noch wenn ich entweder Tweeten (twitter programm) oder einen Browser öffne oder einfach im Internet Browse. Ich mache gerade einen Scan von C:\ mit Webroot (habe gestern einen Key von einem Freund bekommen) und der dauert jetzt schon 5 Stunden. Er hat auch 35 Schädlinge gefunden.
Ich habe Windows 7 Ultimate (dazu auch Legasthenie also sorry für Fehler)
FRST Scan folgt

Beide Logs sind zu lang zum posten (FRST ist 120088 lang). Ich habe die hier hochgeladen https://www.kieran.pw/FRST/

Edit: Wenn da drin etwas von "DLC Unlocker 1.1" oder "vanitykeys.exe" steht, dann ist es nichts Illegales. vanitykeys ist ein programm für Burnout Paradise um anzuzeigen wie, welche Taste im Spiel heißt um Hotkeys zu installieren und der DLC Unlocker ist nicht illegal weil es keinen Weg mehr gibt die DLC zu kaufen, da der Store nicht mehr erreichbar ist. (Spiel ist zu alt) Kann die Dateien gerne auch hochladen wenn Sie sich vergewissern möchten.

Geändert von Kieran (25.05.2016 um 12:40 Uhr)

Alt 25.05.2016, 12:37   #2
Deathkid535
/// Malwareteam
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten





Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen.

Bitte beachte, dass es ein paar Regeln gibt:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte, unterbreche deine Arbeit, poste die entstandenen Logs und schildere dieses so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools welche hier im Thread erwähnt werden
  • Antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen

Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM!

Posten in CODE-Tags

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.


Los gehts!

Bitte das FRST-Log aufteilen und hier in CODE-Tags posten, ich bräuchte auch jeweils das neueste Log von MBAM und AdwCleaner bitte.
__________________

__________________

Alt 25.05.2016, 12:47   #3
Kieran
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-05-2016 01
durchgeführt von Marlin (Administrator) auf BLACKMAGIC (25-05-2016 14:00:33)
Gestartet von C:\Users\Marlin\Desktop
Geladene Profile: Marlin (Verfügbare Profile: Marlin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: German (Germany)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cepstral, LLC) C:\Program Files (x86)\Cepstral\bin\CepstralLicSrv.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) D:\Programme\Razer Cortex\RzKLService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Lynx Technology) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(LogMeIn Inc.) K:\Programme\Hamachi\hamachi-2.exe
(Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(LogMeIn, Inc.) K:\Programme\Hamachi\LMIGuardianSvc.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) D:\Games etc\Steam\Steam.exe
(Valve Corporation) D:\Games etc\Steam\bin\steamwebhelper.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files\Core Temp\Core Temp.exe
(LogMeIn Inc.) K:\Programme\Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) K:\Programme\Hamachi\LMIGuardianSvc.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(TeamSpeak Systems GmbH) D:\Teamspeak\ts3client_win64.exe
() D:\Programme\Puush\puush.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Roccat GmbH) D:\Roccat Kova+\Kova[+]Monitor.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Spotify Ltd) C:\Users\Marlin\AppData\Roaming\Spotify\Spotify.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Spotify Ltd) C:\Users\Marlin\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Marlin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Marlin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Marlin\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Marlin\Desktop\Anti Virus\adwcleaner_5.117.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => "D:\Programme\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-04-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2015-12-04] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [298776 2015-12-18] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [RoccatKova+] => D:\Roccat Kova+\Kova[+]Monitor.EXE [539688 2011-03-17] (Roccat GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [595616 2016-04-21] (Razer Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23745808 2016-05-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-27] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => K:\Programme\Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [876712 2016-05-24] (Webroot)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [Steam] => D:\Games etc\Steam\steam.exe [2914896 2016-05-20] (Valve Corporation)
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [Clownfish] => 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [TeamSpeak 3 Client] => D:\Teamspeak\ts3client_win64.exe [11480344 2016-04-26] (TeamSpeak Systems GmbH)
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [puush] => D:\Programme\Puush\puush.exe [568904 2015-03-30] ()
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [Spotify Web Helper] => C:\Users\Marlin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-25] (Spotify Ltd)
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [Spotify] => C:\Users\Marlin\AppData\Roaming\Spotify\Spotify.exe [6858864 2016-05-25] (Spotify Ltd)
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [EasyHideIPVPN] => K:\Programme\Easy-Hide-IP VPN\vpn.client.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: G - G:\Setup.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: H - H:\Setup.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: {246a3911-507e-11e4-9626-d0509928e910} - E:\LGAutoRun.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: {9da0785c-3c05-11e4-8df1-d0509928e910} - E:\pushinst.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: {c581b910-3c1e-11e4-9aa5-806e6f6e6963} - F:\ASRSetup.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> K:\Dropbox\sspipes.scr
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QMGCShellExt64.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-03-18] ()
Startup: C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-01-19] ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-3419645104-3717089636-2781738795-1000] => hxxp://unstops.biz/wpad.dat?7f2ae8b11d8b6bbc19fd1a28c3e30e6b10541591
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1D0F9C4D-A3C9-4219-AAA5-578087290EDC}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{33A5DE98-AE1F-4277-A4DE-87238A8E3C7A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{72C6C5EB-8AB4-4F8D-9200-FD4D6A355DED}: [NameServer] 192.168.1.9,192.168.1.1
ManualProxies: 

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130938236596445570&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\TSWebMon64.dat => Keine Datei
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-18] (AO Kaspersky Lab)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2016-05-24] (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2016-05-24] (Webroot)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-18] (AO Kaspersky Lab)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2016-05-24] (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2016-05-24] (Webroot)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-18] (AO Kaspersky Lab)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2016-05-24] (Webroot)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-18] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2016-05-24] (Webroot)
Toolbar: HKU\S-1-5-21-3419645104-3717089636-2781738795-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3419645104-3717089636-2781738795-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3419645104-3717089636-2781738795-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marlin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF Extension: Amazon-Icon - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\amazon-icon@giga.de [2015-06-21] [ist nicht signiert]
FF Extension: Furaffinity Download extension for Firefox - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\fuerholz@gmx.net.xpi [2015-12-15]
FF Extension: InkBunny Downloader - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\jid1-A9hxZPPMAhCzdQ@jetpack.xpi [2015-12-16] [ist nicht signiert]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-12-12]
FF Extension: ChatZilla - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-12-20]
FF Extension: Webroot Password Manager - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2016-05-24]
FF Extension: Tamper Data - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-11-20]
FF Extension: Web Developer - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-12-20]
FF Extension: InkBunny Downloader - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@ib_downloader.xpi [2016-04-27] [ist nicht signiert]
FF Extension: Amazon-Icon - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\amazon-icon@giga.de [2016-01-25] [ist nicht signiert]
FF Extension: Furaffinity Download extension for Firefox - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\fuerholz@gmx.net.xpi [2015-12-15]
FF Extension: InkBunny Downloader - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\jid1-A9hxZPPMAhCzdQ@jetpack.xpi [2015-12-16] [ist nicht signiert]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-12-12]
FF Extension: ChatZilla - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-01-25]
FF Extension: Webroot Password Manager - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2016-05-24]
FF Extension: Tamper Data - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-11-20]
FF Extension: Web Developer - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-12-20]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-01]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2016-05-24]
StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://forum.temeraire.net/de/index.php","hxxp://draconic.twilightrealm.com/","hxxp://twokinds.keenspot.com/","hxxps://web.whatsapp.com/","hxxps://www.webshell.de/de/forum","hxxp://awsw.yuku.com/"
CHR Profile: C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-05-07]
CHR Extension: (Google Präsentationen) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (MEGA) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-05-25]
CHR Extension: (YouTube) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (uBlock Origin) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-05-25]
CHR Extension: (Google-Suche) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dropbox für Gmail) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-11-19]
CHR Extension: (Freefall Tournament) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\encjogopgacdjlkmpdknhlfnanoihodh [2015-03-19]
CHR Extension: (Aurelion Sol Build Guide) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fceobikcedidphjfgmjjjolgeoiakhnc [2016-05-04]
CHR Extension: (Google Tabellen) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2016-05-25]
CHR Extension: (Webroot Password Manager) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc [2016-05-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Passwort-Warnung) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\noondiphcddnnabmjcihcjfbhfklnnep [2016-04-22]
CHR Extension: (ProxPrice) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2016-03-04]
CHR Extension: (Google Code Archive - Long-term stora...) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmbhclbceeoiegfpidanbkkflbfpiig [2016-04-26]
CHR Extension: (Virtual Keyboard) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflmllfnnabikmfkkaddkoolinlfninn [2015-12-02]
CHR Extension: (Google Mail) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-11-18] (Kaspersky Lab ZAO)
R2 Cepstral License Server; C:\Program Files (x86)\Cepstral\bin\CepstralLicSrv.exe [57344 2007-03-15] (Cepstral, LLC) [Datei ist nicht signiert]
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S4 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-12-26] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; K:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [253528 2015-07-09] ()
R2 ImDskSvc; C:\Windows\system32\imdsksvc.exe [19552 2015-08-14] (Olof Lagerkvist)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-04-03] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
S4 Origin Client Service; D:\Games etc\Origin\OriginClientService.exe [2120712 2016-04-30] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-04] (Plays.tv, LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-08-24] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-08-24] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
R2 RzKLService; D:\Programme\Razer Cortex\RzKLService.exe [129168 2015-08-21] (Razer Inc.)
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4255232 2016-02-15] (A-Volute) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [1923120 2015-10-08] (Lynx Technology)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [876712 2016-05-24] (Webroot)
S2 EasyRedirect; K:\Programme\Easy-Hide-IP VPN\rdr\EasyRedirect.exe [X]
S3 MediaFire Desktop Updater Service; C:\Program Files (x86)\MediaFire Desktop\bin\UpdaterLocalCOM.exe [X]
S2 SEVPNCLIENT; "D:\Programme\SoftEther VPN Client\vpnclient_x64.exe" /service [X]
         
--- --- ---
__________________

Geändert von Kieran (25.05.2016 um 13:03 Uhr)

Alt 25.05.2016, 13:04   #4
Kieran
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Code:
ATTFilter

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
S4 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-04-17] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R2 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [21048 2015-08-06] (Olof Lagerkvist)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-02-03] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-10-07] (Echobit, LLC)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-12-08] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-02-26] (Intel Corporation)
R2 ImDisk; C:\Windows\System32\DRIVERS\imdisk.sys [49104 2015-08-14] (Olof Lagerkvist)
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-11-18] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-11-18] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934808 2016-03-01] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-11-18] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 KovaPlusFltr; C:\Windows\System32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [31744 2008-09-07] (hxxp://libusb-win32.sourceforge.net) [Datei ist nicht signiert]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-04-17] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-08] (Intel Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0118.sys [38432 2016-03-22] (SoftEther Corporation)
S3 Neo_VPN2; C:\Windows\System32\DRIVERS\Neo_0096.sys [38432 2016-03-22] (SoftEther Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-23] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-15] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider)
S3 SEE; C:\Windows\System32\drivers\see.sys [50208 2016-01-02] (SoftEther Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2016-02-04] (Duplex Secure Ltd.)
R3 USBPcap; C:\Windows\System32\DRIVERS\USBPcap.sys [48344 2015-12-10] (USBPcap)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-28] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2016-01-19] (Oracle Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2016-05-24] (Webroot)
S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [54512 2016-05-24] (Webroot)
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2015-02-02] (Wondershare)
R3 ALSysIO; \??\C:\Users\Marlin\AppData\Local\Temp\ALSysIO64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 ATP; system32\DRIVERS\cmdatp.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
U0 SR; kein ImagePath
U2 srservice; kein ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-25 13:17 - 2016-05-25 13:17 - 00098096 _____ C:\Users\Marlin\Desktop\Addition.txt
2016-05-25 13:16 - 2016-05-25 14:00 - 00049540 _____ C:\Users\Marlin\Desktop\FRST.txt
2016-05-25 12:33 - 2016-05-25 14:00 - 00000000 ____D C:\FRST
2016-05-25 12:33 - 2016-05-25 12:33 - 02382848 _____ (Farbar) C:\Users\Marlin\Desktop\FRST64.exe
2016-05-25 09:16 - 2016-05-25 09:42 - 00000000 ____D C:\Users\Marlin\Desktop\Anti Virus
2016-05-25 09:16 - 2016-05-25 09:16 - 00004419 _____ C:\Users\Marlin\Desktop\JRT.txt
2016-05-25 09:10 - 2016-05-25 09:10 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-25 08:06 - 2016-05-25 08:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweeten
2016-05-25 01:10 - 2016-05-25 01:10 - 00000000 ____H C:\Users\Marlin\AppData\Local\BITFA99.tmp
2016-05-25 01:09 - 2016-05-25 01:10 - 00000000 _____ C:\Users\Marlin\AppData\Local\{056C4BAF-A0FF-4DDD-ABE9-6611CE374B05}
2016-05-25 01:07 - 2016-05-25 01:07 - 00000011 _____ C:\ProgramData\.tv7
2016-05-25 00:48 - 2016-05-25 00:48 - 00000000 ____D C:\.Trash-999
2016-05-24 23:58 - 2016-05-24 23:58 - 00000000 ____D C:\Identity
2016-05-24 23:57 - 2016-05-25 13:50 - 00000000 ____D C:\ProgramData\WRData
2016-05-24 23:57 - 2016-05-24 23:57 - 00182200 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2016-05-24 23:57 - 2016-05-24 23:57 - 00117728 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2016-05-24 23:57 - 2016-05-24 23:57 - 00117304 _____ (Webroot) C:\Windows\system32\WRusr.dll
2016-05-24 23:57 - 2016-05-24 23:57 - 00054512 ____T (Webroot) C:\Windows\system32\Drivers\wrUrlFlt.sys
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\Users\Marlin\AppData\LocalLow\LastPass
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\Users\Marlin\AppData\Local\lptmp
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\Program Files\Webroot
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\Program Files\Common Files\Webroot
2016-05-24 23:56 - 2016-05-25 14:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-24 23:56 - 2016-05-24 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-24 23:56 - 2016-05-24 23:56 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-24 23:56 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-24 23:56 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-24 23:56 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-24 23:10 - 2016-05-24 23:10 - 00023802 _____ C:\Users\Marlin\AppData\Local\recently-used.xbel
2016-05-24 22:29 - 2016-05-24 22:29 - 00000000 _____ C:\Users\Marlin\AppData\Local\{1A1B3749-31EB-494F-AA76-3DFC76586726}
2016-05-24 22:13 - 2016-05-24 22:13 - 00000184 _____ C:\Users\Marlin\Desktop\Aurelion.url
2016-05-22 22:30 - 2016-05-22 22:30 - 01693145 _____ C:\Users\Marlin\Desktop\wpdb.sql
2016-05-21 16:28 - 2016-05-21 16:28 - 00000000 _____ C:\Users\Marlin\AppData\Local\{AB9E70B5-71FF-4C0D-9E0C-EEBA9714DFC4}
2016-05-19 02:45 - 2016-04-12 16:52 - 00908717 _____ C:\Users\Marlin\Desktop\Para's InstaLock 0.49.exe
2016-05-18 20:55 - 2016-05-18 20:57 - 352321536 _____ C:\Users\Marlin\Downloads\pmagic_2013_08_01.iso
2016-05-14 00:44 - 2016-05-14 00:44 - 00001097 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-05-14 00:44 - 2016-05-14 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-05-14 00:43 - 2016-05-14 00:43 - 00000000 ____D C:\Program Files\Oracle
2016-05-14 00:09 - 2016-05-14 00:09 - 00002084 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-05-13 14:10 - 2016-05-13 15:10 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-05-13 13:25 - 2016-05-13 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-11 21:37 - 2016-05-11 21:37 - 00000688 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-05-11 21:25 - 2016-05-12 00:03 - 00000000 ____D C:\Users\Marlin\Desktop\Präs
2016-05-11 14:55 - 2016-05-25 14:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf53fb98686a.job
2016-05-11 14:55 - 2016-05-25 13:59 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f163753f4a4f.job
2016-05-11 14:55 - 2016-05-11 14:55 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0bf53fb98686a
2016-05-11 14:55 - 2016-05-11 14:55 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0f163753f4a4f
2016-05-11 14:52 - 2016-05-11 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-10 22:26 - 2016-05-10 22:25 - 06513888 _____ (Tim Kosse) C:\Users\Marlin\Downloads\FileZilla_3.17.0.1_win64-setup.exe
2016-05-10 22:21 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-10 22:21 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-10 22:21 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-10 22:21 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-10 22:21 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-10 22:21 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-10 22:21 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-10 22:21 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-10 22:21 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-10 22:21 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-10 22:21 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-10 22:20 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-10 22:20 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-10 22:20 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-10 22:20 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-10 22:20 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-10 22:20 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-10 22:20 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-10 22:20 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-10 22:20 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-10 22:20 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-10 22:20 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-10 22:20 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-10 22:20 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-10 22:20 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-10 22:20 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-10 22:20 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-10 22:20 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-10 22:20 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-10 22:20 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-10 22:20 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-10 22:20 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-10 22:20 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-10 22:20 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-10 22:20 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-10 22:20 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-10 22:20 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-10 22:20 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-10 22:20 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-10 22:20 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-10 22:20 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-10 22:20 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-10 22:20 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-10 22:20 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-10 22:20 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-10 22:20 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-10 22:20 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-10 22:20 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-10 22:20 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-10 22:20 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-10 22:20 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-10 22:20 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-10 22:20 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-10 22:20 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-10 22:20 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-10 22:20 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-10 22:20 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-10 22:20 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-10 22:20 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-10 22:20 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-10 22:20 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-10 22:20 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-10 22:20 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-10 22:20 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-10 22:20 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-10 22:20 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-10 22:20 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-10 22:20 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-10 22:20 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-10 22:20 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-10 22:20 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-10 22:20 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-10 22:20 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-10 22:20 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-10 22:20 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-10 22:20 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-10 22:20 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-10 22:20 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-10 22:20 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-10 22:20 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-10 22:20 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-10 22:20 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-10 22:20 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-10 22:20 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-10 22:20 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-10 22:20 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-10 22:20 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-10 22:20 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-10 22:20 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-10 22:20 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-10 22:20 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-10 22:20 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-10 22:20 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-10 22:20 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-10 22:20 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-10 22:20 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-10 22:20 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-10 22:20 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-10 22:20 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-10 22:20 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-10 22:20 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-10 22:20 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-10 22:20 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-05 18:32 - 2016-05-05 18:32 - 00000000 ____D C:\Users\Marlin\AppData\Local\UWKProcess
2016-05-05 18:29 - 2016-05-05 18:29 - 00000000 ____D C:\Users\Marlin\AppData\LocalLow\DefaultCompany
2016-05-05 15:47 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2016-05-05 14:05 - 2016-05-05 14:05 - 00000000 ____D C:\Users\Marlin\Desktop\Electronic Arts
2016-05-04 14:24 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-05-04 14:24 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-05-03 19:34 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-05-03 19:34 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-05-03 19:34 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-05-03 19:34 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-05-03 19:34 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-05-03 19:34 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-05-03 19:34 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-05-03 19:34 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-05-03 19:34 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-05-03 19:34 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-05-03 19:34 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-05-03 19:34 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-05-03 19:34 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-05-03 19:34 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-05-03 19:34 - 2016-03-09 21:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-05-03 19:34 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-03 19:34 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-03 19:34 - 2016-03-09 20:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-05-03 19:34 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-03 19:34 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-03 19:34 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-05-03 19:34 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-05-03 19:34 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-05-03 19:34 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-05-03 19:23 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-05-03 19:23 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-05-03 19:23 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-05-03 19:23 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-05-03 19:19 - 2013-04-10 18:07 - 00002435 _____ C:\Windows\CreateRP-Success_Message.vbs
2016-05-03 19:18 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-05-03 19:18 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-05-03 19:18 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-05-03 19:18 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-05-03 19:18 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-05-03 19:18 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-05-03 19:18 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-05-03 19:18 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-05-03 19:18 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-05-03 19:18 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-05-03 19:18 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-05-03 19:18 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-05-03 19:18 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-05-03 19:18 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-05-03 19:18 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-05-03 19:18 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-05-03 19:18 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-05-03 19:18 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-05-03 19:18 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-05-03 19:18 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-05-03 19:18 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-05-03 19:18 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-05-03 19:18 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-05-03 19:18 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-05-03 19:18 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-05-03 19:18 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-05-03 19:18 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-05-03 19:18 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-05-03 19:18 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-05-03 19:18 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-05-03 19:18 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-05-03 19:18 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-05-03 19:18 - 2016-02-01 21:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-03 19:18 - 2016-02-01 20:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-03 19:18 - 2016-02-01 20:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-03 19:18 - 2016-02-01 20:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-03 19:18 - 2016-02-01 20:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-03 19:18 - 2016-02-01 20:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-03 19:18 - 2016-02-01 20:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-03 19:18 - 2016-02-01 20:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-03 19:18 - 2016-02-01 20:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-03 19:18 - 2016-02-01 20:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-03 19:18 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-05-03 19:18 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-05-03 19:18 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-03 19:18 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-05-03 19:18 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-05-03 19:18 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-05-03 18:56 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-05-03 18:56 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-05-03 18:56 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-05-03 18:56 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-05-03 18:56 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-05-03 18:56 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-05-03 18:56 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-05-03 18:56 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-05-03 18:56 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-05-03 18:56 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-05-03 18:56 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-05-03 18:56 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-05-03 18:56 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-05-03 18:56 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-05-03 18:56 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-05-03 18:56 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-05-03 18:56 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-05-02 20:45 - 2016-05-02 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2016-05-02 20:23 - 2016-05-02 21:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-05-01 18:52 - 2016-05-02 21:10 - 00000000 ____D C:\Users\Marlin\Desktop\HiTFaKeR-v0.4
2016-05-01 18:48 - 2016-05-25 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy-Hide-IP VPN
2016-05-01 18:48 - 2016-04-22 12:27 - 00547544 _____ (EasyTech) C:\Windows\system32\EasyRedirect64.dll
2016-05-01 18:48 - 2016-04-22 12:27 - 00388312 _____ (EasyTech) C:\Windows\SysWOW64\EasyRedirect.dll
2016-05-01 18:21 - 2016-05-02 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elite Proxy Switcher
2016-05-01 18:21 - 2016-05-01 18:21 - 00000000 ____D C:\ProgramData\EPS
2016-04-30 16:15 - 2016-04-30 16:15 - 00000832 _____ C:\Users\Marlin\Desktop\World of Tanks ProMod.lnk
2016-04-30 16:02 - 2016-04-30 16:15 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\ProMod
2016-04-30 15:39 - 2016-05-02 21:10 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-04-30 15:39 - 2016-04-30 15:57 - 00000000 ____D C:\Users\Marlin\Desktop\Games
2016-04-30 15:39 - 2015-12-04 09:51 - 04694784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-04-30 15:39 - 2015-12-04 09:51 - 04463263 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-04-30 15:39 - 2015-12-04 09:51 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 03195648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 03053392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 02893568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-04-30 15:39 - 2015-12-04 09:51 - 02130584 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 02030200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 01328504 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 01020208 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00192992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-04-30 15:30 - 2016-04-30 15:30 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-04-28 21:32 - 2016-04-28 21:32 - 00000000 ____D C:\LGMobileUpgrade
2016-04-28 15:05 - 2016-04-28 15:05 - 00192352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-04-28 15:05 - 2016-04-28 15:05 - 00119712 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2016-04-26 00:53 - 2016-05-24 22:10 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-04-25 21:53 - 2016-04-25 21:53 - 06522120 _____ (Tim Kosse) C:\Users\Marlin\Downloads\FileZilla_3.17.0_win64-setup.exe
2016-04-25 21:44 - 2016-04-25 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2016-04-25 20:16 - 2016-05-25 14:00 - 00000000 ____D C:\Users\Marlin\AppData\Local\LogMeIn Hamachi

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-25 14:01 - 2015-10-28 02:37 - 00000000 ____D C:\Users\Marlin\AppData\Local\Clipboarder
2016-05-25 14:00 - 2016-04-16 23:28 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Spotify
2016-05-25 14:00 - 2015-12-10 17:11 - 00000000 ____D C:\Users\Marlin\AppData\Local\Spotify
2016-05-25 14:00 - 2015-06-12 21:25 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-05-25 14:00 - 2015-01-13 18:31 - 00000000 ____D C:\AdwCleaner
2016-05-25 14:00 - 2014-12-21 12:08 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Raptr
2016-05-25 13:59 - 2015-07-16 01:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf53fb750165.job
2016-05-25 13:59 - 2014-09-14 17:19 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-25 13:59 - 2014-09-14 14:00 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-25 13:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-25 13:58 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-25 13:58 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-25 13:48 - 2016-01-02 21:02 - 00000000 ___RD C:\Users\Marlin\MediaFire
2016-05-25 13:39 - 2015-02-13 19:58 - 00000600 _____ C:\Users\Marlin\AppData\Local\PUTTY.RND
2016-05-25 13:39 - 2014-09-23 17:31 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\FileZilla
2016-05-25 13:13 - 2014-09-14 17:19 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-25 13:10 - 2015-12-30 18:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-25 12:51 - 2015-08-28 17:02 - 00409410 _____ C:\Windows\system32\perfh011.dat
2016-05-25 12:51 - 2015-08-28 17:02 - 00122294 _____ C:\Windows\system32\perfc011.dat
2016-05-25 12:51 - 2015-08-28 16:54 - 00502046 _____ C:\Windows\system32\perfh006.dat
2016-05-25 12:51 - 2015-08-28 16:54 - 00098852 _____ C:\Windows\system32\perfc006.dat
2016-05-25 12:51 - 2015-08-28 16:37 - 00390974 _____ C:\Windows\system32\prfh0404.dat
2016-05-25 12:51 - 2015-08-28 16:37 - 00115284 _____ C:\Windows\system32\prfc0404.dat
2016-05-25 12:51 - 2015-08-28 16:30 - 00706512 _____ C:\Windows\system32\prfh0416.dat
2016-05-25 12:51 - 2015-08-28 16:30 - 00147850 _____ C:\Windows\system32\prfc0416.dat
2016-05-25 12:51 - 2015-08-28 16:23 - 00721650 _____ C:\Windows\system32\prfh0816.dat
2016-05-25 12:51 - 2015-08-28 16:23 - 00153100 _____ C:\Windows\system32\prfc0816.dat
2016-05-25 12:51 - 2015-08-28 16:17 - 00732990 _____ C:\Windows\system32\perfh015.dat
2016-05-25 12:51 - 2015-08-28 16:17 - 00156066 _____ C:\Windows\system32\perfc015.dat
2016-05-25 12:51 - 2015-08-28 16:11 - 00649314 _____ C:\Windows\system32\perfh01F.dat
2016-05-25 12:51 - 2015-08-28 16:11 - 00140194 _____ C:\Windows\system32\perfc01F.dat
2016-05-25 12:51 - 2015-08-28 16:00 - 00373802 _____ C:\Windows\system32\prfh0804.dat
2016-05-25 12:51 - 2015-08-28 16:00 - 00119786 _____ C:\Windows\system32\prfc0804.dat
2016-05-25 12:51 - 2015-08-28 15:44 - 00717232 _____ C:\Windows\system32\perfh019.dat
2016-05-25 12:51 - 2015-08-28 15:44 - 00151036 _____ C:\Windows\system32\perfc019.dat
2016-05-25 12:51 - 2015-08-28 15:39 - 00487146 _____ C:\Windows\system32\perfh014.dat
2016-05-25 12:51 - 2015-08-28 15:39 - 00095598 _____ C:\Windows\system32\perfc014.dat
2016-05-25 12:51 - 2015-08-28 15:35 - 00599620 _____ C:\Windows\system32\perfh008.dat
2016-05-25 12:51 - 2015-08-28 15:35 - 00111322 _____ C:\Windows\system32\perfc008.dat
2016-05-25 12:51 - 2015-08-28 15:30 - 00656352 _____ C:\Windows\system32\perfh01D.dat
2016-05-25 12:51 - 2015-08-28 15:30 - 00142668 _____ C:\Windows\system32\perfc01D.dat
2016-05-25 12:51 - 2015-08-28 15:26 - 00421056 _____ C:\Windows\system32\perfh012.dat
2016-05-25 12:51 - 2015-08-28 15:26 - 00120578 _____ C:\Windows\system32\perfc012.dat
2016-05-25 12:51 - 2015-08-28 15:22 - 00661472 _____ C:\Windows\system32\perfh005.dat
2016-05-25 12:51 - 2015-08-28 15:22 - 00141620 _____ C:\Windows\system32\perfc005.dat
2016-05-25 12:51 - 2015-08-28 15:11 - 00736130 _____ C:\Windows\system32\perfh013.dat
2016-05-25 12:51 - 2015-08-28 15:11 - 00153296 _____ C:\Windows\system32\perfc013.dat
2016-05-25 12:51 - 2015-08-28 15:04 - 00474134 _____ C:\Windows\system32\perfh00B.dat
2016-05-25 12:51 - 2015-08-28 15:04 - 00101714 _____ C:\Windows\system32\perfc00B.dat
2016-05-25 12:51 - 2015-08-28 15:00 - 00676386 _____ C:\Windows\system32\perfh00E.dat
2016-05-25 12:51 - 2015-08-28 15:00 - 00171468 _____ C:\Windows\system32\perfc00E.dat
2016-05-25 12:51 - 2015-08-28 14:52 - 00738088 _____ C:\Windows\system32\perfh00A.dat
2016-05-25 12:51 - 2015-08-28 14:52 - 00158668 _____ C:\Windows\system32\perfc00A.dat
2016-05-25 12:51 - 2015-08-28 14:47 - 00384976 _____ C:\Windows\system32\perfh00D.dat
2016-05-25 12:51 - 2015-08-28 14:47 - 00084952 _____ C:\Windows\system32\perfc00D.dat
2016-05-25 12:51 - 2015-08-28 14:38 - 00732678 _____ C:\Windows\system32\perfh010.dat
2016-05-25 12:51 - 2015-08-28 14:38 - 00147040 _____ C:\Windows\system32\perfc010.dat
2016-05-25 12:51 - 2015-08-28 14:34 - 00738348 _____ C:\Windows\system32\perfh00C.dat
2016-05-25 12:51 - 2015-08-28 14:34 - 00471646 _____ C:\Windows\system32\perfh001.dat
2016-05-25 12:51 - 2015-08-28 14:34 - 00149774 _____ C:\Windows\system32\perfc00C.dat
2016-05-25 12:51 - 2015-08-28 14:34 - 00094966 _____ C:\Windows\system32\perfc001.dat
2016-05-25 12:51 - 2014-09-14 16:58 - 17078958 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-05-25 12:51 - 2010-11-21 08:50 - 00700130 _____ C:\Windows\system32\perfh007.dat
2016-05-25 12:51 - 2010-11-21 08:50 - 00149768 _____ C:\Windows\system32\perfc007.dat
2016-05-25 12:51 - 2009-07-14 07:13 - 17078958 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-25 12:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-25 08:11 - 2014-10-10 14:15 - 04923392 ___SH C:\Users\Marlin\Desktop\Thumbs.db
2016-05-25 01:10 - 2015-06-17 17:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-05-25 01:06 - 2015-08-28 15:51 - 00000000 ____D C:\Windows\et-EE
2016-05-25 00:27 - 2015-03-22 19:59 - 00000000 ____D C:\ProgramData\TEMP
2016-05-25 00:09 - 2015-05-27 19:23 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Skype
2016-05-25 00:04 - 2014-10-24 00:22 - 00000000 ____D C:\Users\Marlin\Desktop\Programme
2016-05-24 23:56 - 2014-11-08 23:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-24 23:10 - 2014-10-15 14:34 - 00000000 ____D C:\Users\Marlin\AppData\Local\gtk-2.0
2016-05-24 23:10 - 2014-10-15 14:30 - 00000000 ____D C:\Users\Marlin\.gimp-2.8
2016-05-24 22:41 - 2015-03-11 21:11 - 00000000 ____D C:\Users\Marlin\AppData\Local\CrashDumps
2016-05-24 22:20 - 2016-03-29 21:44 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Tweeten
2016-05-24 22:10 - 2016-03-26 00:13 - 00000671 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-24 22:10 - 2015-07-06 15:48 - 00000723 _____ C:\Users\Marlin\Desktop\Amorous.lnk
2016-05-24 22:10 - 2015-05-11 22:55 - 00000000 __SHD C:\Users\Marlin\Desktop\Tools
2016-05-24 22:10 - 2014-10-23 22:49 - 00001281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-24 22:10 - 2014-10-08 20:33 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2016-05-24 22:10 - 2014-09-14 16:56 - 00001026 _____ C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-24 20:00 - 2014-12-10 22:38 - 00000000 ____D C:\Users\Marlin\.VirtualBox
2016-05-24 19:56 - 2014-10-02 14:16 - 00177000 _____ C:\IFRToolLog.txt
2016-05-21 21:49 - 2015-08-28 03:26 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-20 00:29 - 2014-10-12 23:05 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\vlc
2016-05-19 18:18 - 2016-02-11 16:29 - 00000633 _____ C:\Users\Marlin\Desktop\Phone.txt
2016-05-19 16:33 - 2016-04-16 23:52 - 00000000 ____D C:\Users\Marlin\Documents\Euro Truck Simulator 2
2016-05-19 03:38 - 2016-04-16 17:08 - 00000000 ____D C:\Users\Marlin\Downloads\Telegram Desktop
2016-05-19 01:37 - 2015-12-04 19:42 - 00000958 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-05-18 19:29 - 2016-01-04 15:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-18 19:29 - 2014-09-14 14:49 - 00000000 ____D C:\ProgramData\Skype
2016-05-18 19:08 - 2015-04-22 07:54 - 00000000 ____D C:\Users\Alexander
2016-05-18 18:52 - 2015-10-30 15:49 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck
2016-05-14 00:39 - 2014-12-02 17:16 - 00000501 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-14 00:09 - 2015-01-24 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-05-14 00:09 - 2015-01-24 20:19 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2016-05-13 19:55 - 2015-11-15 19:09 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Audacity
2016-05-13 15:33 - 2014-09-23 18:35 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\.minecraft
2016-05-13 15:10 - 2015-12-30 18:55 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:10 - 2015-12-30 18:55 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:10 - 2015-12-30 18:55 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 13:25 - 2015-07-19 14:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-12 23:01 - 2015-06-14 22:46 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-12 20:57 - 2015-08-28 03:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-12 20:30 - 2014-12-31 12:44 - 00000000 ____D C:\Users\Marlin\Documents\ETS2MP
2016-05-11 21:37 - 2016-04-18 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP
2016-05-11 19:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-11 15:46 - 2016-01-26 14:52 - 00000000 ____D C:\ProgramData\TwonkyServer
2016-05-11 14:51 - 2009-07-14 06:45 - 00355016 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-10 23:20 - 2010-11-21 09:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-10 23:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2016-05-10 23:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2016-05-10 23:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2016-05-10 23:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lv-LV
2016-05-10 23:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lt-LT
2016-05-10 23:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\et-EE
2016-05-10 23:12 - 2015-11-25 23:26 - 00000600 _____ C:\Users\Marlin\AppData\Roaming\PUTTY.RND
2016-05-10 23:10 - 2015-09-12 15:08 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\BitTorrent
2016-05-10 23:10 - 2014-09-14 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-05-10 23:01 - 2014-09-14 11:47 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-10 22:12 - 2016-01-02 21:00 - 00000000 ____D C:\Program Files (x86)\MediaFire Desktop
2016-05-10 22:12 - 2014-09-14 16:56 - 00000000 ____D C:\Users\Marlin
2016-05-09 23:36 - 2015-02-20 20:27 - 00000000 ____D C:\ProgramData\Origin
2016-05-06 16:29 - 2015-12-22 19:55 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-06 14:49 - 2015-06-12 21:23 - 00000000 ____D C:\ProgramData\Razer
2016-05-06 12:57 - 2015-06-14 22:46 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-06 12:57 - 2015-06-14 22:46 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-05 18:29 - 2015-01-16 15:38 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-05-05 18:20 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-05 15:49 - 2016-03-08 03:10 - 00000000 ____D C:\Users\Marlin\Documents\Electronic Arts
2016-05-03 15:06 - 2014-09-23 16:06 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-05-03 15:06 - 2014-09-23 16:06 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-05-02 22:10 - 2015-10-15 18:08 - 00000000 ____D C:\Users\Marlin\AppData\Local\Battle.net
2016-05-02 21:11 - 2016-04-02 22:17 - 00000000 ____D C:\Program Files (x86)\RealWorld Cursor Editor
2016-05-02 21:10 - 2016-01-01 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
2016-05-02 21:10 - 2015-09-08 15:14 - 00000000 ____D C:\Program Files\Realtek
2016-05-02 21:10 - 2015-06-13 18:52 - 00000000 ____D C:\ProgramData\Apple
2016-05-02 21:10 - 2015-06-13 18:52 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-02 21:10 - 2015-01-20 19:20 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\puush
2016-05-02 21:10 - 2014-09-14 17:14 - 00000000 ____D C:\Windows\system32\SRSLabs
2016-05-02 21:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2016-05-02 21:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-05-02 21:03 - 2014-09-14 17:14 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-04-30 15:40 - 2014-09-14 17:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-30 13:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-04-28 20:54 - 2015-06-18 20:33 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-04-28 15:05 - 2015-09-21 17:14 - 00916520 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2016-04-28 15:05 - 2015-09-21 17:14 - 00143568 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-04-26 19:00 - 2015-11-12 15:37 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Youtube to MP3 Converter
2016-04-26 18:02 - 2016-04-12 15:00 - 00000000 ____D C:\Program Files (x86)\ITbrain Agent
2016-04-25 21:44 - 2015-09-17 19:40 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Screaming Bee
2016-04-25 21:44 - 2015-09-17 19:28 - 00000000 ____D C:\Program Files (x86)\Screaming Bee
2016-04-25 21:42 - 2014-11-01 21:45 - 00000000 ____D C:\Users\Marlin\Desktop\Aufnahme und Bearbeitung
2016-04-25 19:57 - 2015-01-16 14:35 - 00000000 ____D C:\Users\Marlin\AppData\Local\ftblauncher
2016-04-25 19:55 - 2015-01-20 20:49 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\ftblauncher

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-12 14:09 - 2016-01-12 14:09 - 0000011 _____ () C:\Users\Marlin\AppData\Roaming\.tv7
2016-04-16 14:24 - 2016-04-16 14:24 - 0005120 _____ () C:\Users\Marlin\AppData\Roaming\GiftBag.db
2014-09-24 19:48 - 2014-09-24 19:48 - 0000012 _____ () C:\Users\Marlin\AppData\Roaming\id.txt
2014-10-12 16:21 - 2014-10-12 16:21 - 0000098 _____ () C:\Users\Marlin\AppData\Roaming\LauncherSettings_live.cfg
2014-11-12 18:53 - 2014-11-13 15:37 - 0001216 _____ () C:\Users\Marlin\AppData\Roaming\Marlin.txt
2015-11-25 23:26 - 2016-05-10 23:12 - 0000600 _____ () C:\Users\Marlin\AppData\Roaming\PUTTY.RND
2015-08-29 11:50 - 2015-08-29 11:50 - 0001268 _____ () C:\Users\Marlin\AppData\Roaming\Roaming - Shortcut.lnk
2015-08-29 11:50 - 2015-08-29 11:51 - 0044032 ___SH () C:\Users\Marlin\AppData\Roaming\Thumbs.db
2016-01-02 21:48 - 2016-01-04 21:13 - 20806800 _____ () C:\Users\Marlin\AppData\Roaming\xulrunner.zip
2016-05-25 01:10 - 2016-05-25 01:10 - 0000000 ____H () C:\Users\Marlin\AppData\Local\BITFA99.tmp
2014-09-24 19:53 - 2015-10-22 02:25 - 0011776 _____ () C:\Users\Marlin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-13 19:58 - 2016-05-25 13:39 - 0000600 _____ () C:\Users\Marlin\AppData\Local\PUTTY.RND
2016-05-24 23:10 - 2016-05-24 23:10 - 0023802 _____ () C:\Users\Marlin\AppData\Local\recently-used.xbel
2015-06-12 15:18 - 2015-10-11 22:41 - 0007599 _____ () C:\Users\Marlin\AppData\Local\Resmon.ResmonCfg
2016-05-25 01:09 - 2016-05-25 01:10 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{056C4BAF-A0FF-4DDD-ABE9-6611CE374B05}
2015-10-08 08:08 - 2015-10-08 08:08 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{17367099-8997-4CFF-BF2C-F000DF000440}
2016-05-24 22:29 - 2016-05-24 22:29 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{1A1B3749-31EB-494F-AA76-3DFC76586726}
2016-01-10 00:24 - 2016-01-10 00:24 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{5BD514BE-42FC-46EB-A519-E8C388502CAC}
2015-12-08 15:23 - 2015-12-08 15:23 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{5D944AE5-599D-45D9-9A19-38C0440454A8}
2015-12-16 14:27 - 2015-12-16 14:27 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{73AA8701-6E85-4A4D-BF2B-5D5DA87280D5}
2016-05-21 16:28 - 2016-05-21 16:28 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{AB9E70B5-71FF-4C0D-9E0C-EEBA9714DFC4}
2015-08-13 11:15 - 2015-08-13 11:15 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{B8E48531-81EC-4123-9E5A-E18A4912D3F8}
2015-12-16 14:27 - 2015-12-16 14:27 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{BD45C9D4-BE8E-457B-B07F-11E05B39E8ED}
2016-05-25 01:07 - 2016-05-25 01:07 - 0000011 _____ () C:\ProgramData\.tv7

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Marlin\multibit-hd-windows-x64-0.3.0.exe


Einige Dateien in TEMP:
====================
C:\Users\Marlin\AppData\Local\Temp\geek_x64.exe
C:\Users\Marlin\AppData\Local\Temp\libeay32.dll
C:\Users\Marlin\AppData\Local\Temp\msvcr120.dll
C:\Users\Marlin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-11 19:11

==================== Ende von FRST.txt ============================
         
ADWCleaner

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.117 - Bericht erstellt am 25/05/2016 um 14:00:35
# Aktualisiert am 15/05/2016 von Xplode
# Datenbank : 2016-05-23.3 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (X64)
# Benutzername : Marlin - BLACKMAGIC
# Gestartet von : C:\Users\Marlin\Desktop\Anti Virus\adwcleaner_5.117.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

Datei gefunden : C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage
Datei gefunden : C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage-journal

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [845 Bytes] - [25/05/2016 08:41:37]
C:\AdwCleaner\AdwCleaner[S2].txt - [1194 Bytes] - [25/05/2016 13:47:45]
C:\AdwCleaner\AdwCleaner[S3].txt - [1115 Bytes] - [25/05/2016 14:00:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1188 Bytes] ##########
         
--- --- ---


Malwarebytes scannt noch

Alt 25.05.2016, 13:11   #5
Deathkid535
/// Malwareteam
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Hi,

bevor wir auch nur irgendwas machen: Du hast 2 AVs deinstalliert. Die können sich gegenseitig in die Quere kommen, das kann zu Performance- und Sicherheitsproblemen führen. Deinstallier mal eines von beiden. Sag mir bescheid, wenn du das gemacht hast.

Tritt das Problem übrigens in allen Browsern auf?


Alt 25.05.2016, 13:29   #6
Kieran
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Reicht es nicht eins zu deaktivieren? Ich bin nämlich nicht derjenige der für die bezahlt hat. Webroot hab ich von einem Freund und Kaspersky von meinem Vater. Ich habe Kaspersky eigentlich immer beendet wenn Webroot offen ist

Hier Malwarebytes log
Code:
ATTFilter
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2016/05/25 14:00:53 +0200</date>
<logfile>mbam-log-2016-05-25 (14-00-51).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.1.1043</version>
<malware-database>v2016.05.25.04</malware-database>
<rootkit-database>v2016.05.20.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>BLACKMAGIC</hostname>
<ip>169.254.123.127, 192.168.178.25, 192.168.56.1, 25.125.232.11</ip>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Marlin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>439392</objects>
<time>485</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>1</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<value><path>HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS</path><valuename>AutoConfigUrl</valuename><vendor>Hijack.AutoConfigURL.PrxySvrRST</vendor><action>delete-on-reboot</action><valuedata>hxxp://unstops.biz/wpad.dat?7f2ae8b11d8b6bbc19fd1a28c3e30e6b10541591</valuedata><hash>d444c9113f5ad95d4b28bb24857eb34d</hash></value>
</items>
</mbam-log>
         
Den webroot log kann ich leider nicht posten weil die .txt Datei alleine schon 3 MB groß ist xD Hab sie trotzdem mal hochgeladen https://www.kieran.pw/FRST/webroot.log

Zitat:
Zitat von Deathkid535 Beitrag anzeigen
Tritt das Problem übrigens in allen Browsern auf?
Ja es passiert auch im IE. Dauert halt nur lange bis es weider passiert. Diesmal war es "https://www.liveadexchanger.com/a/display.php?r=1064042" und Malwarebytes hat es gesperrt.

Die gleiche Datei die Malwarebytes eben gefunden hat und gelöscht hat ist nach dem restart wieder da. Ich lass Malwarebytes das nochmal löschen, starte neu und sende den log

PC neugestartet
Malwarebytes Log
Code:
ATTFilter
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2016/05/25 14:20:03 +0200</date>
<logfile>mbam-log-2016-05-25 (14-20-01).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.1.1043</version>
<malware-database>v2016.05.25.04</malware-database>
<rootkit-database>v2016.05.20.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>BLACKMAGIC</hostname>
<ip>169.254.123.201, 192.168.178.25, 192.168.56.1, 25.125.232.11</ip>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Marlin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>439268</objects>
<time>486</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>1</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<value><path>HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS</path><valuename>AutoConfigUrl</valuename><vendor>Hijack.AutoConfigURL.PrxySvrRST</vendor><action>delete-on-reboot</action><valuedata>hxxp://unstops.biz/wpad.dat?7f2ae8b11d8b6bbc19fd1a28c3e30e6b10541591</valuedata><hash>af6993471d7c0630145f0ed1a45f9070</hash></value>
</items>
</mbam-log>
         
Wenn ich zu schnell poste dann sagt bescheid

Geändert von Kieran (25.05.2016 um 13:35 Uhr)

Alt 26.05.2016, 15:25   #7
Deathkid535
/// Malwareteam
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Hi,

reichen tut es zwar an und für sich schon eins zu deaktivieren, empfehlen würd ich aber trotzdem das andere zu entfernen.

Das ist aber leider das falsche MBAM-Log, ich brauch das hier Malwarebytes Anti-Malware Logfile finden - Anleitungen

Alt 26.05.2016, 17:41   #8
Kieran
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 26-May-16
Scan Time: 06:02 PM
Logfile: log.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.05.26.05
Rootkit Database: v2016.05.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Marlin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 424726
Time Elapsed: 26 min, 50 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, hxxp://unstops.biz/wpad.dat?7f2ae8b11d8b6bbc19fd1a28c3e30e6b10541591, Delete-on-Reboot, [bebf44968d0cab8b59cc41a00ef5cb35]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         

Er findet immer den gleichen "übeltäter"

Alt 26.05.2016, 19:22   #9
Deathkid535
/// Malwareteam
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Hi,

Schritt # 1: FRST-Fix

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
AutoConfigURL: [S-1-5-21-3419645104-3717089636-2781738795-1000] => hxxp://unstops.biz/wpad.dat?7f2ae8b11d8b6bbc19fd1a28c3e30e6b10541591
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\TSWebMon64.dat => Keine Datei
EmptyTemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt # 2: FRST

Und noch ein frisches FRST-Log bitte.



Schritt # 3: Bitte Posten
  • Das Fixlog von FRST
  • Das frische FRST-Log

Alt 26.05.2016, 23:06   #10
Kieran
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-05-2016 01
durchgeführt von Marlin (2016-05-27 00:01:40) Run:1
Gestartet von C:\Users\Marlin\Desktop
Geladene Profile: Marlin (Verfügbare Profile: Marlin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
AutoConfigURL: [S-1-5-21-3419645104-3717089636-2781738795-1000] => hxxp://unstops.biz/wpad.dat?7f2ae8b11d8b6bbc19fd1a28c3e30e6b10541591
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
BHO: ????????? -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\TSWebMon64.dat => Keine Datei
EmptyTemp:
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => Schlüssel erfolgreich entfernt
"HKCR\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => Schlüssel erfolgreich entfernt
EmptyTemp: => 2.2 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 00:01:51 ====
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-05-2016 01
durchgeführt von Marlin (Administrator) auf BLACKMAGIC (27-05-2016 00:05:30)
Gestartet von C:\Users\Marlin\Desktop
Geladene Profile: Marlin (Verfügbare Profile: Marlin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: German (Germany)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cepstral, LLC) C:\Program Files (x86)\Cepstral\bin\CepstralLicSrv.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) D:\Programme\Razer Cortex\RzKLService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Lynx Technology) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(LogMeIn Inc.) K:\Programme\Hamachi\hamachi-2.exe
(Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(LogMeIn, Inc.) K:\Programme\Hamachi\LMIGuardianSvc.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(LogMeIn Inc.) K:\Programme\Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) K:\Programme\Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\runonce.exe
(Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Malwarebytes) C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation) K:\Programme\ThunderBird\thunderbird.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\wmi64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Don HO don.h@free.fr) D:\Programme\Notepad++\notepad++.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Webroot) C:\ProgramData\WRData\PKG\npwebroot.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => "D:\Programme\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-04-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2015-12-04] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [298776 2015-12-18] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [933888 2012-08-21] (AVM Berlin)
HKLM-x32\...\Run: [RoccatKova+] => D:\Roccat Kova+\Kova[+]Monitor.EXE [539688 2011-03-17] (Roccat GmbH)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-05-24] (Razer Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23745808 2016-05-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-27] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => K:\Programme\Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [876712 2016-05-24] (Webroot)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [Steam] => D:\Games etc\Steam\steam.exe [2914896 2016-05-20] (Valve Corporation)
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [Clownfish] => 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [TeamSpeak 3 Client] => D:\Teamspeak\ts3client_win64.exe [11480344 2016-04-26] (TeamSpeak Systems GmbH)
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [puush] => D:\Programme\Puush\puush.exe [568904 2015-03-30] ()
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [Spotify Web Helper] => C:\Users\Marlin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-25] (Spotify Ltd)
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [Spotify] => C:\Users\Marlin\AppData\Roaming\Spotify\Spotify.exe [6858864 2016-05-25] (Spotify Ltd)
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Run: [EasyHideIPVPN] => K:\Programme\Easy-Hide-IP VPN\vpn.client.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: G - G:\Setup.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: H - H:\Setup.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: {246a3911-507e-11e4-9626-d0509928e910} - E:\LGAutoRun.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: {9da0785c-3c05-11e4-8df1-d0509928e910} - E:\pushinst.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\...\MountPoints2: {c581b910-3c1e-11e4-9aa5-806e6f6e6963} - F:\ASRSetup.exe
HKU\S-1-5-21-3419645104-3717089636-2781738795-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> K:\Dropbox\sspipes.scr
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17195.214\QMGCShellExt64.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marlin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-03-18] ()
Startup: C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2016-01-19] ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-3419645104-3717089636-2781738795-1000] => hxxp://unstops.biz/wpad.dat?7f2ae8b11d8b6bbc19fd1a28c3e30e6b10541591
Tcpip\..\Interfaces\{1D0F9C4D-A3C9-4219-AAA5-578087290EDC}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{33A5DE98-AE1F-4277-A4DE-87238A8E3C7A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{72C6C5EB-8AB4-4F8D-9200-FD4D6A355DED}: [NameServer] 192.168.1.9,192.168.1.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130938236596445570&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-18] (AO Kaspersky Lab)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2016-05-24] (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2016-05-24] (Webroot)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-18] (AO Kaspersky Lab)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2016-05-24] (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2016-05-24] (Webroot)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-18] (AO Kaspersky Lab)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2016-05-24] (Webroot)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-18] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2016-05-24] (Webroot)
Toolbar: HKU\S-1-5-21-3419645104-3717089636-2781738795-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-3419645104-3717089636-2781738795-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
         

Alt 26.05.2016, 23:07   #11
Kieran
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Code:
ATTFilter
FireFox:
========
FF ProfilePath: C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3419645104-3717089636-2781738795-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marlin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF Extension: Amazon-Icon - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\amazon-icon@giga.de [2015-06-21] [ist nicht signiert]
FF Extension: Furaffinity Download extension for Firefox - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\fuerholz@gmx.net.xpi [2015-12-15]
FF Extension: InkBunny Downloader - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\jid1-A9hxZPPMAhCzdQ@jetpack.xpi [2015-12-16] [ist nicht signiert]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-12-12]
FF Extension: ChatZilla - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-12-20]
FF Extension: Webroot Password Manager - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2016-05-24]
FF Extension: Tamper Data - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-11-20]
FF Extension: Web Developer - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\bywxuxu9.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-12-20]
FF Extension: InkBunny Downloader - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@ib_downloader.xpi [2016-04-27] [ist nicht signiert]
FF Extension: Amazon-Icon - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\amazon-icon@giga.de [2016-01-25] [ist nicht signiert]
FF Extension: Furaffinity Download extension for Firefox - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\fuerholz@gmx.net.xpi [2015-12-15]
FF Extension: InkBunny Downloader - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\jid1-A9hxZPPMAhCzdQ@jetpack.xpi [2015-12-16] [ist nicht signiert]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-12-12]
FF Extension: ChatZilla - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-01-25]
FF Extension: Webroot Password Manager - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2016-05-24]
FF Extension: Tamper Data - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-11-20]
FF Extension: Web Developer - C:\Users\Marlin\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-12-20]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2016-05-24]
StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://forum.temeraire.net/de/index.php","hxxp://draconic.twilightrealm.com/","hxxp://twokinds.keenspot.com/","hxxps://web.whatsapp.com/","hxxps://www.webshell.de/de/forum","hxxp://awsw.yuku.com/"
CHR Profile: C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-05-07]
CHR Extension: (Google Präsentationen) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (MEGA) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-05-25]
CHR Extension: (YouTube) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-09]
CHR Extension: (uBlock Origin) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-05-25]
CHR Extension: (Google-Suche) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dropbox für Gmail) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-11-19]
CHR Extension: (Freefall Tournament) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\encjogopgacdjlkmpdknhlfnanoihodh [2015-03-19]
CHR Extension: (Aurelion Sol Build Guide) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fceobikcedidphjfgmjjjolgeoiakhnc [2016-05-04]
CHR Extension: (Google Tabellen) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Google Docs Offline) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2016-05-25]
CHR Extension: (Webroot Password Manager) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc [2016-05-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Passwort-Warnung) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\noondiphcddnnabmjcihcjfbhfklnnep [2016-04-22]
CHR Extension: (ProxPrice) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2016-03-04]
CHR Extension: (Google Code Archive - Long-term stora...) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmbhclbceeoiegfpidanbkkflbfpiig [2016-04-26]
CHR Extension: (Virtual Keyboard) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflmllfnnabikmfkkaddkoolinlfninn [2015-12-02]
CHR Extension: (Google Mail) - C:\Users\Marlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-11-18] (Kaspersky Lab ZAO)
R2 Cepstral License Server; C:\Program Files (x86)\Cepstral\bin\CepstralLicSrv.exe [57344 2007-03-15] (Cepstral, LLC) [Datei ist nicht signiert]
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-19] (Dropbox, Inc.)
S4 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-12-26] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; K:\Programme\Hamachi\hamachi-2.exe [2552840 2016-05-06] (LogMeIn Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [253528 2015-07-09] ()
R2 ImDskSvc; C:\Windows\system32\imdsksvc.exe [19552 2015-08-14] (Olof Lagerkvist)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-04-03] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
S4 Origin Client Service; D:\Games etc\Origin\OriginClientService.exe [2120712 2016-04-30] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-04] (Plays.tv, LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-08-24] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-08-24] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
R2 RzKLService; D:\Programme\Razer Cortex\RzKLService.exe [129168 2015-08-21] (Razer Inc.)
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4255232 2016-02-15] (A-Volute) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [1923120 2015-10-08] (Lynx Technology)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [876712 2016-05-24] (Webroot)
S2 EasyRedirect; K:\Programme\Easy-Hide-IP VPN\rdr\EasyRedirect.exe [X]
S3 MediaFire Desktop Updater Service; C:\Program Files (x86)\MediaFire Desktop\bin\UpdaterLocalCOM.exe [X]
S2 SEVPNCLIENT; "D:\Programme\SoftEther VPN Client\vpnclient_x64.exe" /service [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus64.sys [20992 2015-01-21] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (LG Electronics Inc.)
S4 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-04-17] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
R2 AWEAlloc; C:\Windows\System32\DRIVERS\awealloc.sys [21048 2015-08-06] (Olof Lagerkvist)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-02-03] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-10-07] (Echobit, LLC)
R3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-12-08] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-02-26] (Intel Corporation)
R2 ImDisk; C:\Windows\System32\DRIVERS\imdisk.sys [49104 2015-08-14] (Olof Lagerkvist)
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-02-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-11-18] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-11-18] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 KovaPlusFltr; C:\Windows\System32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [31744 2008-09-07] (hxxp://libusb-win32.sourceforge.net) [Datei ist nicht signiert]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-04-17] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-08] (Intel Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0118.sys [38432 2016-03-22] (SoftEther Corporation)
S3 Neo_VPN2; C:\Windows\System32\DRIVERS\Neo_0096.sys [38432 2016-03-22] (SoftEther Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-23] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-15] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider)
S3 SEE; C:\Windows\System32\drivers\see.sys [50208 2016-01-02] (SoftEther Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2016-02-04] (Duplex Secure Ltd.)
R3 USBPcap; C:\Windows\System32\DRIVERS\USBPcap.sys [48344 2015-12-10] (USBPcap)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-28] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2016-01-19] (Oracle Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2016-05-24] (Webroot)
S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [54512 2016-05-24] (Webroot)
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2015-02-02] (Wondershare)
R3 ALSysIO; \??\C:\Users\Marlin\AppData\Local\Temp\ALSysIO64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 ATP; system32\DRIVERS\cmdatp.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
U0 SR; kein ImagePath
U2 srservice; kein ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-27 00:05 - 2016-05-27 00:05 - 00048239 _____ C:\Users\Marlin\Desktop\FRST.txt
2016-05-27 00:04 - 2016-05-27 00:04 - 00000000 ____D C:\Users\Marlin\AppData\Local\GWX
2016-05-27 00:01 - 2016-05-27 00:01 - 00001881 _____ C:\Users\Marlin\Desktop\Fixlog.txt
2016-05-26 00:55 - 2016-05-26 00:58 - 00000000 ____D C:\Users\Marlin\Desktop\droid
2016-05-25 16:42 - 2016-04-12 03:23 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-25 16:42 - 2016-04-12 03:23 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-25 16:42 - 2016-04-12 03:20 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-25 16:42 - 2016-04-12 03:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-25 16:42 - 2016-04-12 03:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-25 16:42 - 2016-04-12 03:01 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-25 16:42 - 2016-04-12 03:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-25 16:42 - 2016-04-12 03:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-25 16:42 - 2016-04-12 02:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-25 16:42 - 2016-04-12 02:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-25 16:42 - 2016-04-12 02:43 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-25 16:42 - 2016-04-12 02:43 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-25 16:42 - 2016-04-12 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-25 16:42 - 2016-04-12 02:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-25 16:42 - 2016-04-12 02:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-25 16:42 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-25 16:42 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-05-25 16:42 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-25 16:42 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-05-25 16:42 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-25 16:42 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-25 16:38 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-25 16:38 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-25 16:38 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-25 16:38 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-25 16:38 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-25 16:38 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-25 16:38 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-25 16:38 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-25 16:38 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-25 16:38 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-25 16:38 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-05-25 16:38 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-05-25 12:33 - 2016-05-27 00:05 - 00000000 ____D C:\FRST
2016-05-25 12:33 - 2016-05-27 00:01 - 02383360 _____ (Farbar) C:\Users\Marlin\Desktop\FRST64.exe
2016-05-25 09:16 - 2016-05-25 09:42 - 00000000 ____D C:\Users\Marlin\Desktop\Anti Virus
2016-05-25 09:16 - 2016-05-25 09:16 - 00004419 _____ C:\Users\Marlin\Desktop\JRT.txt
2016-05-25 09:10 - 2016-05-25 09:10 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-25 08:06 - 2016-05-25 08:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweeten
2016-05-25 01:10 - 2016-05-25 01:10 - 00000000 ____H C:\Users\Marlin\AppData\Local\BITFA99.tmp
2016-05-25 01:09 - 2016-05-25 01:10 - 00000000 _____ C:\Users\Marlin\AppData\Local\{056C4BAF-A0FF-4DDD-ABE9-6611CE374B05}
2016-05-25 01:07 - 2016-05-25 01:07 - 00000011 _____ C:\ProgramData\.tv7
2016-05-25 00:48 - 2016-05-25 00:48 - 00000000 ____D C:\.Trash-999
2016-05-24 23:58 - 2016-05-24 23:58 - 00000000 ____D C:\Identity
2016-05-24 23:57 - 2016-05-26 22:05 - 00000000 ____D C:\ProgramData\WRData
2016-05-24 23:57 - 2016-05-24 23:57 - 00182200 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2016-05-24 23:57 - 2016-05-24 23:57 - 00117728 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2016-05-24 23:57 - 2016-05-24 23:57 - 00117304 _____ (Webroot) C:\Windows\system32\WRusr.dll
2016-05-24 23:57 - 2016-05-24 23:57 - 00054512 ____T (Webroot) C:\Windows\system32\Drivers\wrUrlFlt.sys
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\Users\Marlin\AppData\LocalLow\LastPass
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\Users\Marlin\AppData\Local\lptmp
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\Program Files\Webroot
2016-05-24 23:57 - 2016-05-24 23:57 - 00000000 ____D C:\Program Files\Common Files\Webroot
2016-05-24 23:56 - 2016-05-26 23:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-24 23:56 - 2016-05-24 23:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-24 23:56 - 2016-05-24 23:56 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-24 23:56 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-24 23:56 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-24 23:56 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-24 23:10 - 2016-05-24 23:10 - 00023802 _____ C:\Users\Marlin\AppData\Local\recently-used.xbel
2016-05-24 22:29 - 2016-05-24 22:29 - 00000000 _____ C:\Users\Marlin\AppData\Local\{1A1B3749-31EB-494F-AA76-3DFC76586726}
2016-05-24 22:13 - 2016-05-24 22:13 - 00000184 _____ C:\Users\Marlin\Desktop\Aurelion.url
2016-05-22 22:30 - 2016-05-22 22:30 - 01693145 _____ C:\Users\Marlin\Desktop\wpdb.sql
2016-05-21 16:28 - 2016-05-21 16:28 - 00000000 _____ C:\Users\Marlin\AppData\Local\{AB9E70B5-71FF-4C0D-9E0C-EEBA9714DFC4}
2016-05-19 02:45 - 2016-04-12 16:52 - 00908717 _____ C:\Users\Marlin\Desktop\Para's InstaLock 0.49.exe
2016-05-18 20:55 - 2016-05-18 20:57 - 352321536 _____ C:\Users\Marlin\Downloads\pmagic_2013_08_01.iso
2016-05-14 00:44 - 2016-05-14 00:44 - 00001097 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-05-14 00:44 - 2016-05-14 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-05-14 00:43 - 2016-05-14 00:43 - 00000000 ____D C:\Program Files\Oracle
2016-05-14 00:09 - 2016-05-14 00:09 - 00002084 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-05-13 14:10 - 2016-05-13 15:10 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-05-13 13:25 - 2016-05-13 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-13 09:56 - 2016-05-13 09:56 - 00015816 _____ (Razer Inc.) C:\Windows\SysWOW64\RzStats.IPC.dll
2016-05-11 21:37 - 2016-05-11 21:37 - 00000688 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-05-11 21:25 - 2016-05-12 00:03 - 00000000 ____D C:\Users\Marlin\Desktop\Präs
2016-05-11 14:55 - 2016-05-27 00:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f163753f4a4f.job
2016-05-11 14:55 - 2016-05-27 00:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf53fb98686a.job
2016-05-11 14:55 - 2016-05-11 14:55 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0bf53fb98686a
2016-05-11 14:55 - 2016-05-11 14:55 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0f163753f4a4f
2016-05-11 14:52 - 2016-05-11 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-05-10 22:26 - 2016-05-10 22:25 - 06513888 _____ (Tim Kosse) C:\Users\Marlin\Downloads\FileZilla_3.17.0.1_win64-setup.exe
2016-05-10 22:21 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-10 22:21 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-10 22:21 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-10 22:21 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-10 22:21 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-10 22:21 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-10 22:21 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-10 22:21 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-10 22:21 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-10 22:21 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-10 22:21 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-10 22:20 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-10 22:20 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-10 22:20 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-10 22:20 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-10 22:20 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-10 22:20 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-10 22:20 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-10 22:20 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-10 22:20 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-10 22:20 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-10 22:20 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-10 22:20 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-10 22:20 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-10 22:20 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-10 22:20 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-10 22:20 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-10 22:20 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-10 22:20 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-10 22:20 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-10 22:20 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-10 22:20 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-10 22:20 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-10 22:20 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-10 22:20 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-10 22:20 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-10 22:20 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-10 22:20 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-10 22:20 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-10 22:20 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-10 22:20 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-10 22:20 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-10 22:20 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-10 22:20 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-10 22:20 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-10 22:20 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-10 22:20 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-10 22:20 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-10 22:20 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-10 22:20 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-10 22:20 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-10 22:20 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-10 22:20 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-10 22:20 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-10 22:20 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-10 22:20 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-10 22:20 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-10 22:20 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-10 22:20 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-10 22:20 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-10 22:20 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-10 22:20 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-10 22:20 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-10 22:20 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-10 22:20 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-10 22:20 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-10 22:20 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-10 22:20 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-10 22:20 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-10 22:20 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-10 22:20 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-10 22:20 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-10 22:20 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-10 22:20 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-10 22:20 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-10 22:20 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-10 22:20 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-10 22:20 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-10 22:20 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-10 22:20 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-10 22:20 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-10 22:20 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-10 22:20 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-10 22:20 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-10 22:20 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-10 22:20 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-10 22:20 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-10 22:20 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-10 22:20 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-10 22:20 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-10 22:20 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-10 22:20 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-10 22:20 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-10 22:20 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-10 22:20 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-10 22:20 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-05 18:32 - 2016-05-05 18:32 - 00000000 ____D C:\Users\Marlin\AppData\Local\UWKProcess
2016-05-05 18:29 - 2016-05-05 18:29 - 00000000 ____D C:\Users\Marlin\AppData\LocalLow\DefaultCompany
2016-05-05 15:47 - 2014-10-19 15:54 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2016-05-05 14:05 - 2016-05-05 14:05 - 00000000 ____D C:\Users\Marlin\Desktop\Electronic Arts
2016-05-04 14:24 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-05-04 14:24 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-05-03 19:34 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-05-03 19:34 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-05-03 19:34 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-05-03 19:34 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-05-03 19:34 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-05-03 19:34 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-05-03 19:34 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-05-03 19:34 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-05-03 19:34 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-05-03 19:34 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-05-03 19:34 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-05-03 19:34 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-05-03 19:34 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-05-03 19:34 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-05-03 19:34 - 2016-03-09 21:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-05-03 19:34 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-03 19:34 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-03 19:34 - 2016-03-09 20:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-05-03 19:34 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-03 19:34 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-03 19:34 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-05-03 19:34 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-05-03 19:34 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-05-03 19:34 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-05-03 19:23 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-05-03 19:23 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-05-03 19:23 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-05-03 19:23 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-05-03 19:19 - 2013-04-10 18:07 - 00002435 _____ C:\Windows\CreateRP-Success_Message.vbs
2016-05-03 19:18 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-05-03 19:18 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-05-03 19:18 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-05-03 19:18 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-05-03 19:18 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-05-03 19:18 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-05-03 19:18 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-05-03 19:18 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-05-03 19:18 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-05-03 19:18 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-05-03 19:18 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-05-03 19:18 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-05-03 19:18 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-05-03 19:18 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-05-03 19:18 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-05-03 19:18 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-05-03 19:18 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-05-03 19:18 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-05-03 19:18 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-05-03 19:18 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-05-03 19:18 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-05-03 19:18 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-05-03 19:18 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-05-03 19:18 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-05-03 19:18 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-05-03 19:18 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-05-03 19:18 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-05-03 19:18 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-05-03 19:18 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-05-03 19:18 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-05-03 19:18 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-05-03 19:18 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-05-03 19:18 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-05-03 19:18 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-05-03 19:18 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-03 19:18 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-05-03 19:18 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-05-03 19:18 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-05-03 19:18 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-05-03 18:56 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-05-03 18:56 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-05-03 18:56 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-05-03 18:56 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-05-03 18:56 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-05-03 18:56 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-05-03 18:56 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-05-03 18:56 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-05-03 18:56 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-05-03 18:56 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-05-03 18:56 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-05-03 18:56 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-05-03 18:56 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-05-03 18:56 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-05-03 18:56 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-05-03 18:56 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-05-03 18:56 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-05-02 20:45 - 2016-05-02 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
2016-05-02 20:23 - 2016-05-02 21:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-05-01 18:52 - 2016-05-02 21:10 - 00000000 ____D C:\Users\Marlin\Desktop\HiTFaKeR-v0.4
2016-05-01 18:48 - 2016-05-25 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy-Hide-IP VPN
2016-05-01 18:48 - 2016-04-22 12:27 - 00547544 _____ (EasyTech) C:\Windows\system32\EasyRedirect64.dll
2016-05-01 18:48 - 2016-04-22 12:27 - 00388312 _____ (EasyTech) C:\Windows\SysWOW64\EasyRedirect.dll
2016-05-01 18:21 - 2016-05-02 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elite Proxy Switcher
2016-05-01 18:21 - 2016-05-01 18:21 - 00000000 ____D C:\ProgramData\EPS
2016-04-30 16:15 - 2016-04-30 16:15 - 00000832 _____ C:\Users\Marlin\Desktop\World of Tanks ProMod.lnk
2016-04-30 16:02 - 2016-04-30 16:15 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\ProMod
2016-04-30 15:39 - 2016-05-02 21:10 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-04-30 15:39 - 2016-04-30 15:57 - 00000000 ____D C:\Users\Marlin\Desktop\Games
2016-04-30 15:39 - 2015-12-04 09:51 - 04694784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-04-30 15:39 - 2015-12-04 09:51 - 04463263 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-04-30 15:39 - 2015-12-04 09:51 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 03195648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 03053392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 02893568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-04-30 15:39 - 2015-12-04 09:51 - 02130584 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 02030200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 01328504 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 01020208 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00192992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-04-30 15:39 - 2015-12-04 09:51 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-04-30 15:39 - 2015-12-04 09:50 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-04-30 15:30 - 2016-04-30 15:30 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-04-28 21:32 - 2016-04-28 21:32 - 00000000 ____D C:\LGMobileUpgrade
2016-04-28 15:05 - 2016-04-28 15:05 - 00192352 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2016-04-28 15:05 - 2016-04-28 15:05 - 00119712 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-27 00:05 - 2015-06-12 21:25 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-05-27 00:04 - 2014-10-10 14:15 - 04923392 ___SH C:\Users\Marlin\Desktop\Thumbs.db
2016-05-27 00:03 - 2016-04-25 20:16 - 00000000 ____D C:\Users\Marlin\AppData\Local\LogMeIn Hamachi
2016-05-27 00:03 - 2015-07-16 01:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf53fb750165.job
2016-05-27 00:03 - 2014-09-14 17:19 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-27 00:03 - 2014-09-14 14:00 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-27 00:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-27 00:01 - 2015-05-27 19:23 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Skype
2016-05-27 00:00 - 2015-10-28 02:37 - 00000000 ____D C:\Users\Marlin\AppData\Local\Clipboarder
2016-05-26 23:13 - 2014-09-14 17:19 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-26 23:10 - 2015-12-30 18:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-26 23:06 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-26 23:06 - 2009-07-14 06:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-26 23:00 - 2015-06-14 22:46 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-26 23:00 - 2015-06-14 22:46 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-26 22:34 - 2015-06-17 17:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-05-26 21:07 - 2016-04-16 17:08 - 00000000 ____D C:\Users\Marlin\Downloads\Telegram Desktop
2016-05-26 19:31 - 2015-06-21 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-05-26 16:31 - 2015-03-11 21:11 - 00000000 ____D C:\Users\Marlin\AppData\Local\CrashDumps
2016-05-26 16:11 - 2015-12-10 17:11 - 00000000 ____D C:\Users\Marlin\AppData\Local\Spotify
2016-05-26 16:11 - 2014-12-21 12:08 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Raptr
2016-05-26 16:09 - 2016-04-16 23:28 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Spotify
2016-05-26 01:20 - 2014-10-12 23:05 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\vlc
2016-05-26 00:58 - 2015-08-28 17:02 - 00409410 _____ C:\Windows\system32\perfh011.dat
2016-05-26 00:58 - 2015-08-28 17:02 - 00122294 _____ C:\Windows\system32\perfc011.dat
2016-05-26 00:58 - 2015-08-28 16:54 - 00502046 _____ C:\Windows\system32\perfh006.dat
2016-05-26 00:58 - 2015-08-28 16:54 - 00098852 _____ C:\Windows\system32\perfc006.dat
2016-05-26 00:58 - 2015-08-28 16:37 - 00390974 _____ C:\Windows\system32\prfh0404.dat
2016-05-26 00:58 - 2015-08-28 16:37 - 00115284 _____ C:\Windows\system32\prfc0404.dat
2016-05-26 00:58 - 2015-08-28 16:30 - 00706512 _____ C:\Windows\system32\prfh0416.dat
2016-05-26 00:58 - 2015-08-28 16:30 - 00147850 _____ C:\Windows\system32\prfc0416.dat
2016-05-26 00:58 - 2015-08-28 16:23 - 00721650 _____ C:\Windows\system32\prfh0816.dat
2016-05-26 00:58 - 2015-08-28 16:23 - 00153100 _____ C:\Windows\system32\prfc0816.dat
2016-05-26 00:58 - 2015-08-28 16:17 - 00732990 _____ C:\Windows\system32\perfh015.dat
2016-05-26 00:58 - 2015-08-28 16:17 - 00156066 _____ C:\Windows\system32\perfc015.dat
2016-05-26 00:58 - 2015-08-28 16:11 - 00649314 _____ C:\Windows\system32\perfh01F.dat
2016-05-26 00:58 - 2015-08-28 16:11 - 00140194 _____ C:\Windows\system32\perfc01F.dat
2016-05-26 00:58 - 2015-08-28 16:00 - 00373802 _____ C:\Windows\system32\prfh0804.dat
2016-05-26 00:58 - 2015-08-28 16:00 - 00119786 _____ C:\Windows\system32\prfc0804.dat
2016-05-26 00:58 - 2015-08-28 15:44 - 00717232 _____ C:\Windows\system32\perfh019.dat
2016-05-26 00:58 - 2015-08-28 15:44 - 00151036 _____ C:\Windows\system32\perfc019.dat
2016-05-26 00:58 - 2015-08-28 15:39 - 00487146 _____ C:\Windows\system32\perfh014.dat
2016-05-26 00:58 - 2015-08-28 15:39 - 00095598 _____ C:\Windows\system32\perfc014.dat
2016-05-26 00:58 - 2015-08-28 15:35 - 00599620 _____ C:\Windows\system32\perfh008.dat
2016-05-26 00:58 - 2015-08-28 15:35 - 00111322 _____ C:\Windows\system32\perfc008.dat
2016-05-26 00:58 - 2015-08-28 15:30 - 00656352 _____ C:\Windows\system32\perfh01D.dat
2016-05-26 00:58 - 2015-08-28 15:30 - 00142668 _____ C:\Windows\system32\perfc01D.dat
2016-05-26 00:58 - 2015-08-28 15:26 - 00421056 _____ C:\Windows\system32\perfh012.dat
2016-05-26 00:58 - 2015-08-28 15:26 - 00120578 _____ C:\Windows\system32\perfc012.dat
2016-05-26 00:58 - 2015-08-28 15:22 - 00661472 _____ C:\Windows\system32\perfh005.dat
2016-05-26 00:58 - 2015-08-28 15:22 - 00141620 _____ C:\Windows\system32\perfc005.dat
2016-05-26 00:58 - 2015-08-28 15:11 - 00736130 _____ C:\Windows\system32\perfh013.dat
2016-05-26 00:58 - 2015-08-28 15:11 - 00153296 _____ C:\Windows\system32\perfc013.dat
2016-05-26 00:58 - 2015-08-28 15:04 - 00474134 _____ C:\Windows\system32\perfh00B.dat
2016-05-26 00:58 - 2015-08-28 15:04 - 00101714 _____ C:\Windows\system32\perfc00B.dat
2016-05-26 00:58 - 2015-08-28 15:00 - 00676386 _____ C:\Windows\system32\perfh00E.dat
2016-05-26 00:58 - 2015-08-28 15:00 - 00171468 _____ C:\Windows\system32\perfc00E.dat
2016-05-26 00:58 - 2015-08-28 14:52 - 00738088 _____ C:\Windows\system32\perfh00A.dat
2016-05-26 00:58 - 2015-08-28 14:52 - 00158668 _____ C:\Windows\system32\perfc00A.dat
2016-05-26 00:58 - 2015-08-28 14:47 - 00384976 _____ C:\Windows\system32\perfh00D.dat
2016-05-26 00:58 - 2015-08-28 14:47 - 00084952 _____ C:\Windows\system32\perfc00D.dat
2016-05-26 00:58 - 2015-08-28 14:38 - 00732678 _____ C:\Windows\system32\perfh010.dat
2016-05-26 00:58 - 2015-08-28 14:38 - 00147040 _____ C:\Windows\system32\perfc010.dat
2016-05-26 00:58 - 2015-08-28 14:34 - 00738348 _____ C:\Windows\system32\perfh00C.dat
2016-05-26 00:58 - 2015-08-28 14:34 - 00471646 _____ C:\Windows\system32\perfh001.dat
2016-05-26 00:58 - 2015-08-28 14:34 - 00149774 _____ C:\Windows\system32\perfc00C.dat
2016-05-26 00:58 - 2015-08-28 14:34 - 00094966 _____ C:\Windows\system32\perfc001.dat
2016-05-26 00:58 - 2010-11-21 08:50 - 00700130 _____ C:\Windows\system32\perfh007.dat
2016-05-26 00:58 - 2010-11-21 08:50 - 00149768 _____ C:\Windows\system32\perfc007.dat
2016-05-26 00:58 - 2009-07-14 07:13 - 17467958 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-26 00:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-25 16:55 - 2015-08-28 15:51 - 00000000 ____D C:\Windows\et-EE
2016-05-25 16:55 - 2015-08-28 15:47 - 00000000 ____D C:\Windows\lt-LT
2016-05-25 16:55 - 2015-08-28 15:07 - 00000000 ____D C:\Windows\lv-LV
2016-05-25 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2016-05-25 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2016-05-25 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2016-05-25 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lv-LV
2016-05-25 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lt-LT
2016-05-25 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\et-EE
2016-05-25 16:40 - 2014-09-14 16:58 - 17078958 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-05-25 16:21 - 2015-11-18 23:43 - 00943536 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-05-25 16:21 - 2015-06-11 20:32 - 00049240 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2016-05-25 16:20 - 2015-07-04 03:18 - 00237480 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-05-25 14:47 - 2016-01-22 14:43 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-05-25 14:30 - 2014-09-23 17:31 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\FileZilla
2016-05-25 14:26 - 2015-02-13 19:58 - 00000600 _____ C:\Users\Marlin\AppData\Local\PUTTY.RND
2016-05-25 14:09 - 2015-01-13 18:31 - 00000000 ____D C:\AdwCleaner
2016-05-25 13:48 - 2016-01-02 21:02 - 00000000 ___RD C:\Users\Marlin\MediaFire
2016-05-25 00:27 - 2015-03-22 19:59 - 00000000 ____D C:\ProgramData\TEMP
2016-05-25 00:04 - 2014-10-24 00:22 - 00000000 ____D C:\Users\Marlin\Desktop\Programme
2016-05-24 23:56 - 2014-11-08 23:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-24 23:10 - 2014-10-15 14:34 - 00000000 ____D C:\Users\Marlin\AppData\Local\gtk-2.0
2016-05-24 23:10 - 2014-10-15 14:30 - 00000000 ____D C:\Users\Marlin\.gimp-2.8
2016-05-24 22:20 - 2016-03-29 21:44 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Tweeten
2016-05-24 22:10 - 2016-04-26 00:53 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-05-24 22:10 - 2016-03-26 00:13 - 00000671 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-24 22:10 - 2015-07-06 15:48 - 00000723 _____ C:\Users\Marlin\Desktop\Amorous.lnk
2016-05-24 22:10 - 2015-05-11 22:55 - 00000000 __SHD C:\Users\Marlin\Desktop\Tools
2016-05-24 22:10 - 2014-10-23 22:49 - 00001281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-24 22:10 - 2014-10-08 20:33 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2016-05-24 22:10 - 2014-09-14 16:56 - 00001026 _____ C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-24 20:00 - 2014-12-10 22:38 - 00000000 ____D C:\Users\Marlin\.VirtualBox
2016-05-24 19:56 - 2014-10-02 14:16 - 00177000 _____ C:\IFRToolLog.txt
2016-05-21 21:49 - 2015-08-28 03:26 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-19 18:18 - 2016-02-11 16:29 - 00000633 _____ C:\Users\Marlin\Desktop\Phone.txt
2016-05-19 16:33 - 2016-04-16 23:52 - 00000000 ____D C:\Users\Marlin\Documents\Euro Truck Simulator 2
2016-05-19 01:37 - 2015-12-04 19:42 - 00000958 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-05-18 19:29 - 2016-01-04 15:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-18 19:29 - 2014-09-14 14:49 - 00000000 ____D C:\ProgramData\Skype
2016-05-18 19:08 - 2015-04-22 07:54 - 00000000 ____D C:\Users\Alexander
2016-05-18 18:52 - 2015-10-30 15:49 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck
2016-05-14 00:39 - 2014-12-02 17:16 - 00000501 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-05-14 00:09 - 2015-01-24 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-05-14 00:09 - 2015-01-24 20:19 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2016-05-13 19:55 - 2015-11-15 19:09 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\Audacity
2016-05-13 15:33 - 2014-09-23 18:35 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\.minecraft
2016-05-13 15:10 - 2015-12-30 18:55 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 15:10 - 2015-12-30 18:55 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 15:10 - 2015-12-30 18:55 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 13:25 - 2015-07-19 14:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-05-12 23:01 - 2015-06-14 22:46 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-12 20:57 - 2015-08-28 03:26 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-12 20:30 - 2014-12-31 12:44 - 00000000 ____D C:\Users\Marlin\Documents\ETS2MP
2016-05-11 21:37 - 2016-04-18 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP
2016-05-11 19:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-11 15:46 - 2016-01-26 14:52 - 00000000 ____D C:\ProgramData\TwonkyServer
2016-05-11 14:51 - 2009-07-14 06:45 - 00355016 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-10 23:20 - 2010-11-21 09:00 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-10 23:12 - 2015-11-25 23:26 - 00000600 _____ C:\Users\Marlin\AppData\Roaming\PUTTY.RND
2016-05-10 23:10 - 2015-09-12 15:08 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\BitTorrent
2016-05-10 23:10 - 2014-09-14 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-05-10 23:01 - 2014-09-14 11:47 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-10 22:12 - 2016-01-02 21:00 - 00000000 ____D C:\Program Files (x86)\MediaFire Desktop
2016-05-10 22:12 - 2014-09-14 16:56 - 00000000 ____D C:\Users\Marlin
2016-05-09 23:36 - 2015-02-20 20:27 - 00000000 ____D C:\ProgramData\Origin
2016-05-06 16:29 - 2015-12-22 19:55 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-05-06 14:49 - 2015-06-12 21:23 - 00000000 ____D C:\ProgramData\Razer
2016-05-05 18:29 - 2015-01-16 15:38 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-05-05 18:20 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-05 15:49 - 2016-03-08 03:10 - 00000000 ____D C:\Users\Marlin\Documents\Electronic Arts
2016-05-03 15:06 - 2014-09-23 16:06 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-05-03 15:06 - 2014-09-23 16:06 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-05-02 22:10 - 2015-10-15 18:08 - 00000000 ____D C:\Users\Marlin\AppData\Local\Battle.net
2016-05-02 21:11 - 2016-04-02 22:17 - 00000000 ____D C:\Program Files (x86)\RealWorld Cursor Editor
2016-05-02 21:10 - 2016-01-01 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
2016-05-02 21:10 - 2015-09-08 15:14 - 00000000 ____D C:\Program Files\Realtek
2016-05-02 21:10 - 2015-06-13 18:52 - 00000000 ____D C:\ProgramData\Apple
2016-05-02 21:10 - 2015-06-13 18:52 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-02 21:10 - 2015-01-20 19:20 - 00000000 ____D C:\Users\Marlin\AppData\Roaming\puush
2016-05-02 21:10 - 2014-09-14 17:14 - 00000000 ____D C:\Windows\system32\SRSLabs
2016-05-02 21:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\security
2016-05-02 21:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-05-02 21:03 - 2014-09-14 17:14 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-04-30 15:40 - 2014-09-14 17:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-30 13:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-04-28 20:54 - 2015-06-18 20:33 - 00000000 ____D C:\Program Files (x86)\LG Electronics
2016-04-28 15:05 - 2015-09-21 17:14 - 00916520 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2016-04-28 15:05 - 2015-09-21 17:14 - 00143568 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-12 14:09 - 2016-01-12 14:09 - 0000011 _____ () C:\Users\Marlin\AppData\Roaming\.tv7
2016-04-16 14:24 - 2016-04-16 14:24 - 0005120 _____ () C:\Users\Marlin\AppData\Roaming\GiftBag.db
2014-09-24 19:48 - 2014-09-24 19:48 - 0000012 _____ () C:\Users\Marlin\AppData\Roaming\id.txt
2014-10-12 16:21 - 2014-10-12 16:21 - 0000098 _____ () C:\Users\Marlin\AppData\Roaming\LauncherSettings_live.cfg
2014-11-12 18:53 - 2014-11-13 15:37 - 0001216 _____ () C:\Users\Marlin\AppData\Roaming\Marlin.txt
2015-11-25 23:26 - 2016-05-10 23:12 - 0000600 _____ () C:\Users\Marlin\AppData\Roaming\PUTTY.RND
2015-08-29 11:50 - 2015-08-29 11:50 - 0001268 _____ () C:\Users\Marlin\AppData\Roaming\Roaming - Shortcut.lnk
2015-08-29 11:50 - 2015-08-29 11:51 - 0044032 ___SH () C:\Users\Marlin\AppData\Roaming\Thumbs.db
2016-01-02 21:48 - 2016-01-04 21:13 - 20806800 _____ () C:\Users\Marlin\AppData\Roaming\xulrunner.zip
2016-05-25 01:10 - 2016-05-25 01:10 - 0000000 ____H () C:\Users\Marlin\AppData\Local\BITFA99.tmp
2014-09-24 19:53 - 2015-10-22 02:25 - 0011776 _____ () C:\Users\Marlin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-13 19:58 - 2016-05-25 14:26 - 0000600 _____ () C:\Users\Marlin\AppData\Local\PUTTY.RND
2016-05-24 23:10 - 2016-05-24 23:10 - 0023802 _____ () C:\Users\Marlin\AppData\Local\recently-used.xbel
2015-06-12 15:18 - 2015-10-11 22:41 - 0007599 _____ () C:\Users\Marlin\AppData\Local\Resmon.ResmonCfg
2016-05-25 01:09 - 2016-05-25 01:10 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{056C4BAF-A0FF-4DDD-ABE9-6611CE374B05}
2015-10-08 08:08 - 2015-10-08 08:08 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{17367099-8997-4CFF-BF2C-F000DF000440}
2016-05-24 22:29 - 2016-05-24 22:29 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{1A1B3749-31EB-494F-AA76-3DFC76586726}
2016-01-10 00:24 - 2016-01-10 00:24 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{5BD514BE-42FC-46EB-A519-E8C388502CAC}
2015-12-08 15:23 - 2015-12-08 15:23 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{5D944AE5-599D-45D9-9A19-38C0440454A8}
2015-12-16 14:27 - 2015-12-16 14:27 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{73AA8701-6E85-4A4D-BF2B-5D5DA87280D5}
2016-05-21 16:28 - 2016-05-21 16:28 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{AB9E70B5-71FF-4C0D-9E0C-EEBA9714DFC4}
2015-08-13 11:15 - 2015-08-13 11:15 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{B8E48531-81EC-4123-9E5A-E18A4912D3F8}
2015-12-16 14:27 - 2015-12-16 14:27 - 0000000 _____ () C:\Users\Marlin\AppData\Local\{BD45C9D4-BE8E-457B-B07F-11E05B39E8ED}
2016-05-25 01:07 - 2016-05-25 01:07 - 0000011 _____ () C:\ProgramData\.tv7

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Marlin\multibit-hd-windows-x64-0.3.0.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-11 19:11

==================== Ende von FRST.txt ============================
         

Alt 26.05.2016, 23:49   #12
Deathkid535
/// Malwareteam
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Hi,

hast du das Problem noch?

Alt 27.05.2016, 00:13   #13
Kieran
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Bin grade am beobachten. Ich geb dann ein Update.

EDIT: In Chrome öffnet sich manchmal eine Seite mit dem namen foryourweb.net wenn ich in der URL zeile etwas eingeben möchte. Auch Tweeten hat jetzt schon 2 mal nach dem Öffnen eine Seite die nicht twitter ist, angezeigt.

Geändert von Kieran (27.05.2016 um 00:18 Uhr)

Alt 27.05.2016, 00:16   #14
Deathkid535
/// Malwareteam
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



OK.

Alt 27.05.2016, 15:07   #15
Kieran
 
Browser öffnen auf Klick hin adware Seiten - Standard

Browser öffnen auf Klick hin adware Seiten



Ich habe grade mit einem Experten von dem Webroot Team telefoniert und er hat meinen PC ferngesteuert. Er hat es nicht gefunden und ist der Meinung, dass Tweeten dadurch Geld macht. (Ich weiß dass Tweeten keine Werbung schaltet und hab auch andere User gefragt) Wollte nur mal darüber berichten.

Ich hab ein Video bei dem ich gezielt den Popup erzwungen habe: https://youtu.be/U9OlPzYKrAs

Antwort

Themen zu Browser öffnen auf Klick hin adware Seiten
adware, ausser, browser, dauert, einfach, entfernt, fehler, freund, gescannt, gestern, installer, klick, klicke, malwarebytes, neue, neuen, neuer tab, programm, schei, schädlinge, seite, seiten, versteckt, windows, windows 7, öffnen, öffnet



Ähnliche Themen: Browser öffnen auf Klick hin adware Seiten


  1. Seiten öffnen sich im Browser selbstständig
    Log-Analyse und Auswertung - 23.01.2015 (15)
  2. windows 8 - Seiten im Browser öffnen sich selbständig
    Plagegeister aller Art und deren Bekämpfung - 30.09.2014 (4)
  3. Windows 7: Alle Browser öffnen komische Seiten(online-casinos)
    Log-Analyse und Auswertung - 28.06.2014 (9)
  4. Browser öffnen einige Seiten nicht mehr!
    Alles rund um Windows - 26.04.2014 (33)
  5. Adware? ständig öffnen sich (Werbe)fenster akamaihd.net und Seiten werden nicht korrekt angezeigt PLUSHD6
    Plagegeister aller Art und deren Bekämpfung - 04.12.2013 (9)
  6. Browser Seiten öffnen sich nicht mehr ( einige jedenfalls)
    Mülltonne - 22.10.2013 (1)
  7. Browser öffnen nur about:blank Seiten statt Link
    Log-Analyse und Auswertung - 15.04.2013 (1)
  8. Browser öffnen bei Klick auf Google Suchergebnis Werbung
    Plagegeister aller Art und deren Bekämpfung - 19.03.2013 (13)
  9. Ihavenet.com Browser Hijacker- bei Googlesuche öffnen sich andere Seiten (Weiterleitung über Ihavenet.com)
    Log-Analyse und Auswertung - 21.11.2012 (13)
  10. Browser von heute auf morgen extrem langsam und einige Seiten öffnen sich gar nicht !
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (3)
  11. Explorer stürzt ständig ab / Jegliche Browser öffnen ungewollt Seiten
    Plagegeister aller Art und deren Bekämpfung - 10.11.2010 (8)
  12. Lautstärke auf Null, IE öffnet Seiten, Klick-Geräusche=> ClickCycler?
    Plagegeister aller Art und deren Bekämpfung - 20.07.2010 (3)
  13. google umleitung? (klick bringt mich zu dubiösen Seiten alle Browser)
    Plagegeister aller Art und deren Bekämpfung - 20.07.2010 (1)
  14. Browser - Google Links funktionieren nicht, andere Seiten öffnen sich
    Log-Analyse und Auswertung - 04.03.2010 (27)
  15. Browser Hijack - Explorer und Firefox öffnen bei Google-Links falsche Seiten
    Log-Analyse und Auswertung - 27.03.2009 (4)
  16. Internet hat Verbindung aber Browser öffnen keine Seiten
    Plagegeister aller Art und deren Bekämpfung - 17.11.2008 (0)
  17. Browser öffnen kaum noch seiten
    Log-Analyse und Auswertung - 23.09.2008 (0)

Zum Thema Browser öffnen auf Klick hin adware Seiten - Hallo, ich hab mir anscheinend gestern einen Installer mit Adware runtergeladen. Es öffnet sich manchmal wenn ich Klicke, URLs wie diese "https://go.oclasrv.com/afu.php?zoneid=471151" aber sie sind einfach Weiß im Browser und - Browser öffnen auf Klick hin adware Seiten...
Archiv
Du betrachtest: Browser öffnen auf Klick hin adware Seiten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.