Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
mail.ru eingefangen, deinstalliert und trotzdem popups

mail.ru eingefangen, deinstalliert und trotzdem popups


Plagegeister aller Art und deren Bekämpfung: mail.ru eingefangen, deinstalliert und trotzdem popups

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 01.03.2017, 11:47   #1
finnpower
 
mail.ru eingefangen, deinstalliert und trotzdem popups - Standard

mail.ru eingefangen, deinstalliert und trotzdem popups


Mahlzeit,

habe mir gestern irgendwie dieses mail.ru Addon eingefangen.
hätte es danach über addon`s bei den einstellungen bei internet explorer wieder entfernt, danach bei msconfig beim starten deaktiviert und letztendlich mit revo uninstaller deinstalliert.
Erst danach ist mir langsam gedämmert dass es kein gewöhnliches addon ist und habe mit malwarebytes, adwcleaner, jrt und sc-cleaner auch noch gewerkt.
Augenscheinlich ist zwar alles weg, jedoch kommen die unerwünschten werbe pop ups dennoch.
Hab jetzt versucht die log files von meinen aktionen hier mit zu posten - bin mir aber nicht sicher ob ich alles habe.

Code:
ATTFilter
xml version="1.0" encoding="UTF-16"?>

-<mbam-log>


-<header>

<date>2017/02/28 19:40:40 +0100</date>

<logfile>mbam-log-2017-02-28 (19-40-34).xml</logfile>

<isadmin>yes</isadmin>

</header>


-<engine>

<version>2.2.0.1024</version>

<malware-database>v2017.02.28.08</malware-database>

<rootkit-database>v2017.02.27.01</rootkit-database>

<license>free</license>

<file-protection>disabled</file-protection>

<web-protection>disabled</web-protection>

<self-protection>disabled</self-protection>

</engine>


-<system>

<hostname>IM-PC</hostname>

<ip>192.168.1.2</ip>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x64</arch>

<username>I.M</username>

<filesys>NTFS</filesys>

</system>


-<summary>

<type>threat</type>

<result>completed</result>

<objects>344189</objects>

<time>1690</time>

<processes>0</processes>

<modules>0</modules>

<keys>12</keys>

<values>0</values>

<datas>0</datas>

<folders>2</folders>

<files>7</files>

<sectors>0</sectors>

</summary>


-<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>enabled</rootkits>

<deeprootkit>enabled</deeprootkit>

<heuristics>enabled</heuristics>

<pup>enabled</pup>

<pum>enabled</pum>

</options>


-<items>


-<key>

<path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DrvAgent64</path>

<vendor>PUP.Optional.DriverAgent</vendor>

<action>success</action>

<hash>c395099f179168ce98c3a11a24dc9c64</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO.1</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8E8F97CD-60B5-456F-A201-73065652D099}</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESearchPlugin.MailRuBHO</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESearchPlugin.MailRuBHO.1</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\WOW6432NODE\IESearchPlugin.MailRuBHO</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\WOW6432NODE\IESearchPlugin.MailRuBHO.1</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKU\S-1-5-21-380536522-1895783427-2845753458-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8E8F97CD-60B5-456F-A201-73065652D099}</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<key>

<path>HKU\S-1-5-21-380536522-1895783427-2845753458-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8E8F97CD-60B5-456F-A201-73065652D099}</path>

<vendor>PUP.Optional.RussAd</vendor>

<action>success</action>

<hash>9ebad3d56f3982b468cd4695fc0454ac</hash>

</key>


-<folder>

<path>C:\ProgramData\Thunder Network\DownloadLib</path>

<vendor>Adware.ChinAd</vendor>

<action>success</action>

<hash>f5631b8d119784b206af8e1339c8cb35</hash>

</folder>


-<folder>

<path>C:\ProgramData\Thunder Network</path>

<vendor>Adware.ChinAd</vendor>

<action>success</action>

<hash>f5631b8d119784b206af8e1339c8cb35</hash>

</folder>


-<file>

<path>C:\Program Files\WinRAR\WinRAR Crack.exe</path>

<vendor>RiskWare.Tool.HCK</vendor>

<action>none</action>

<hash>c2966741198f1b1b6c529d142bd603fd</hash>

</file>


-<file>

<path>C:\Program Files (x86)\Infested Planet Deluxe Edition\steam_api.dll</path>

<vendor>RiskWare.GameHack</vendor>

<action>none</action>

<hash>de7a891f9a0e270fcecbbb577e8221df</hash>

</file>


-<file>

<path>C:\Windows\SysWOW64\drivers\DrvAgent64.SYS</path>

<vendor>PUP.Optional.DriverAgent</vendor>

<action>success</action>

<hash>c395099f179168ce98c3a11a24dc9c64</hash>

</file>


-<file>

<path>C:\Users\I.M\AppData\Local\Temp\RarSFX0\keygen-step-2.exe</path>

<vendor>PUP.Optional.InstallCore</vendor>

<action>success</action>

<hash>b8a06048deca53e3b1b3ad1d99684cb4</hash>

</file>


-<file>

<path>C:\Users\I.M\AppData\Local\Temp\RarSFX0\keygen__7516_il31.exe</path>

<vendor>PUP.Optional.Amonetize</vendor>

<action>success</action>

<hash>bb9d198fc4e47bbb7d9ee043d62c06fa</hash>

</file>


-<file>

<path>C:\Windows\temp\DriverAgent\DrvAgent64.sys</path>

<vendor>PUP.Optional.DriverAgent</vendor>

<action>success</action>

<hash>8ace842476324aecadae6e4dc8389c64</hash>

</file>


-<file>

<path>C:\ProgramData\Thunder Network\DownloadLib\pub_store.dat</path>

<vendor>Adware.ChinAd</vendor>

<action>success</action>

<hash>f5631b8d119784b206af8e1339c8cb35</hash>

</file>

</items>

</mbam-log>
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64 
Ran by I.M (Administrator) on 28.02.2017 at 23:49:16,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 17 

Successfully deleted: C:\Users\Public\thunder network (Folder) 
Successfully deleted: C:\Users\I.M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SD2PMMZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\I.M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4WF4CQRO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\I.M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9J1LXKFK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\I.M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGCQF84E (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\I.M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H50LMPXW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\I.M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4IKSVTD (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\I.M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9CQ6I3Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\I.M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YYY0Q48N (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SD2PMMZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4WF4CQRO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9J1LXKFK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGCQF84E (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H50LMPXW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4IKSVTD (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9CQ6I3Q (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YYY0Q48N (Temporary Internet Files Folder) 

Deleted the following from C:\Users\I.M\AppData\Roaming\Mozilla\Firefox\Profiles\b7q4indg.default\prefs.js
user_pref(keyword.URL, hxxp://go.mail.ru/distib/ep/?product_id=%7BFCCC7DCA-DB20-49C9-A112-468FF8F2E51A%7D&gp=811041);



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.02.2017 at 23:53:22,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter
Shortcut Cleaner 1.4.9.1 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2017 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Professional Service Pack 1
Program started at: 02/28/2017 11:55:02 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\I.M\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\I.M\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\I.M\Desktop\

Searching C:\Users\Public\Desktop\


0 bad shortcuts found.

Program finished at: 02/28/2017 11:55:03 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2017 01
durchgeführt von I.M (Administrator) auf IM-PC (01-03-2017 09:26:33)
Gestartet von C:\Users\I.M\Desktop
Geladene Profile: I.M (Verfügbare Profile: I.M)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser nicht gefunden!)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_24_0_0_221_ActiveX.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [253440 2013-04-23] (Realtek Semiconductor Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-05] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-380536522-1895783427-2845753458-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\I.M\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\I.M\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\I.M\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\I.M\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll -> Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\I.M\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\I.M\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\I.M\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-02-21] (Dropbox, Inc.)
GroupPolicy: Beschränkung <======= ACHTUNG
GroupPolicy\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{12EE1F24-E0E8-49D7-A164-293A18D08AAB}: [DhcpNameServer] 212.33.36.155 212.33.55.5
Tcpip\..\Interfaces\{374AD197-17ED-4B18-A2A3-ABA11D2D89E2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{88044347-8D36-4ED8-A0D7-988B8D0858F6}: [DhcpNameServer] 212.33.36.155 212.33.55.5

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-380536522-1895783427-2845753458-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-380536522-1895783427-2845753458-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-380536522-1895783427-2845753458-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-380536522-1895783427-2845753458-1000 -> DefaultScope {8B5D361D-2078-4DE5-911B-63E1BF2BB25E} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-380536522-1895783427-2845753458-1000 -> {8B5D361D-2078-4DE5-911B-63E1BF2BB25E} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files\Mindjet\MindManager 16\Mm8InternetExplorer.dll [2016-02-09] (Mindjet)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-05] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\plugins\ArcPluginIE.dll [2017-01-10] (Perfect World Entertainment Inc)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-05] (Oracle Corporation)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://xmeye.net/cloud/video/web.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-12-10] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\I.M\AppData\Roaming\Mozilla\Firefox\Profiles\b7q4indg.default [2017-02-28]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-05] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-12-10] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-15] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\plugins\npArcPluginFF.dll [2017-01-10] (Perfect World Entertainment Inc)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-380536522-1895783427-2845753458-1000: @citrixonline.com/appdetectorplugin -> C:\Users\I.M\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-04-29] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.at/
CHR Profile: C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default [2017-03-01]
CHR Extension: (Google Docs) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-08]
CHR Extension: (Google-Suche) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Docs Offline) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-11]
CHR Extension: (Google*Hangouts) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-01-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\I.M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-15]
CHR HKU\S-1-5-21-380536522-1895783427-2845753458-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [87064 2017-01-10] (Perfect World Entertainment Inc)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-04-02] (Realtek Semiconductor Corporation) [Datei ist nicht signiert]
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S4 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [47104 2013-04-25] () [Datei ist nicht signiert]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2770312 2016-11-19] (ESET)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-02-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-25] (Electronic Arts)
S4 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.)
S4 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited)
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [Datei ist nicht signiert]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S4 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-02-02] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 sppsvc; %SystemRoot%\system32\sppsvc.exe [X]
S3 sppuinotify; %SystemRoot%\system32\sppuinotify.dll [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [211456 2015-10-18] () [Datei ist nicht signiert]
S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (BlackBerry)
R3 BthAudioHF; C:\Windows\System32\drivers\RtkHfp.sys [91208 2013-02-26] (Realtek Semiconductor Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [262792 2016-11-19] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197248 2016-11-19] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [181384 2016-11-19] (ESET)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-08-06] (Sony Mobile Communications)
S2 hwpsgt; C:\Windows\SysWOW64\DRIVERS\hwpsgt.sys [137344 2015-02-28] () [Datei ist nicht signiert]
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118504 2012-12-19] (Qualcomm Atheros Co., Ltd.)
S2 lemsgt; C:\Windows\SysWOW64\DRIVERS\lemsgt.sys [9472 2015-02-28] () [Datei ist nicht signiert]
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2015-10-18] () [Datei ist nicht signiert]
S4 LMIRfsClientNP; kein ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-03-01] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 RtkA2dp; C:\Windows\System32\drivers\RtkA2dp.sys [177736 2013-04-18] (Realtek Semiconductor Corporation)
R3 RtkAvrcp; C:\Windows\System32\DRIVERS\RtkAvrcp.sys [61152 2012-12-27] (Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [535624 2013-03-28] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-04-24] (Duplex Secure Ltd.)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
U3 a1ckil3h; C:\Windows\System32\Drivers\a1ckil3h.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 catchme; \??\C:\uninstall.exe\catchme.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-01 09:26 - 2017-03-01 09:26 - 00026042 _____ C:\Users\I.M\Desktop\FRST.txt
2017-03-01 09:00 - 2017-03-01 09:26 - 00000000 ____D C:\FRST
2017-03-01 08:59 - 2017-03-01 09:00 - 02423296 _____ (Farbar) C:\Users\I.M\Desktop\FRST64.exe
2017-03-01 00:00 - 2017-03-01 00:00 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-02-28 23:59 - 2017-02-28 23:59 - 22851472 _____ (Malwarebytes ) C:\Users\I.M\Downloads\mbam-setup-2.2.1.1043.exe
2017-02-28 23:55 - 2017-02-28 23:55 - 00001866 _____ C:\Users\I.M\Desktop\sc-cleaner.txt
2017-02-28 23:54 - 2017-02-28 23:54 - 00465536 _____ (Bleeping Computer, LLC) C:\Users\I.M\Downloads\sc-cleaner.exe
2017-02-28 23:53 - 2017-02-28 23:53 - 00003455 _____ C:\Users\I.M\Desktop\JRT.txt
2017-02-28 23:49 - 2017-02-28 23:49 - 01663040 _____ (Malwarebytes) C:\Users\I.M\Downloads\JRT.exe
2017-02-28 23:38 - 2017-02-28 23:48 - 00000000 ____D C:\AdwCleaner
2017-02-28 23:38 - 2017-02-28 23:38 - 04015056 _____ C:\Users\I.M\Downloads\AdwCleaner_6.043.exe
2017-02-28 18:16 - 2017-02-28 18:16 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-02-28 18:15 - 2017-02-28 18:16 - 00000000 ____D C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
2017-02-28 18:15 - 2017-02-28 18:15 - 00000000 ____D C:\Users\I.M\Downloads\wireless_aw_nb114h_2007.12.419.2013_8700
2017-02-28 18:15 - 2013-01-30 11:41 - 00430080 _____ (Realtek) C:\Windows\SwUSB.exe
2017-02-28 18:15 - 2012-12-14 15:54 - 00036864 _____ () C:\Windows\runSW.exe
2017-02-28 18:15 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2017-02-28 18:15 - 2010-12-01 09:31 - 00451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2017-02-28 12:26 - 2017-02-28 19:39 - 00000000 ____D C:\Users\I.M\AppData\Local\Unity
2017-02-28 12:23 - 2017-02-28 12:23 - 00003588 _____ C:\Windows\System32\Tasks\news-onlyorgtopgrowsm
2017-02-28 11:50 - 2017-02-28 11:50 - 00000000 ____D C:\Windows\SysWOW64\NV
2017-02-28 11:50 - 2017-02-28 11:50 - 00000000 ____D C:\Windows\system32\NV
2017-02-28 07:12 - 2017-02-28 07:12 - 00000000 ____D C:\Users\I.M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-27 22:52 - 2017-02-27 22:58 - 00000000 ____D C:\Users\I.M\Downloads\Underworld Blood Wars 2016 German WEBRip AC3 DUBBED XViD-CiNEDOME
2017-02-18 20:35 - 2017-02-18 20:35 - 00001931 _____ C:\Users\Public\Desktop\Theme Hospital.lnk
2017-02-18 18:48 - 2017-02-18 18:48 - 00000000 ____D C:\Users\I.M\AppData\LocalLow\MatrixGames
2017-02-18 16:53 - 2017-02-18 20:32 - 00000000 ____D C:\Users\I.M\Downloads\Hosp
2017-02-17 21:52 - 2017-02-18 00:50 - 00000000 ____D C:\Users\I.M\Downloads\Black S S04
2017-02-06 17:44 - 2017-02-06 17:44 - 00003140 _____ C:\Windows\System32\Tasks\{E5282C3E-FE32-48AA-9AB4-3BFFCB4580F6}
2017-02-06 17:40 - 2017-02-06 17:40 - 00001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Stumbler.lnk
2017-02-05 18:21 - 2017-02-05 18:21 - 00001722 _____ C:\AiOLog.txt
2017-02-05 18:21 - 2016-01-28 19:44 - 01261568 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll
2017-02-05 18:21 - 2016-01-28 19:44 - 00297472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2017-02-05 18:21 - 2015-07-08 10:29 - 03477818 _____ (Red Hat) C:\Windows\system32\cygwin1.dll
2017-02-05 18:21 - 2014-01-31 03:14 - 01055676 _____ (Free Software Foundation) C:\Windows\system32\libiconv2.dll
2017-02-05 18:21 - 2012-06-14 15:36 - 00107520 _____ C:\Windows\system32\zlib1.dll
2017-02-05 18:21 - 2012-04-03 17:11 - 00138752 _____ C:\Windows\system32\libpng15.dll
2017-02-05 18:21 - 2011-10-12 04:09 - 04033440 _____ (Intel Corporation) C:\Windows\system32\libmmd.dll
2017-02-05 18:21 - 2011-01-12 14:36 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll
2017-02-05 18:21 - 2011-01-12 14:25 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\mfc71DEU.dll
2017-02-05 18:21 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ITA.dll
2017-02-05 18:21 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71FRA.dll
2017-02-05 18:21 - 2011-01-12 14:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ESP.dll
2017-02-05 18:21 - 2011-01-12 14:25 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ENU.dll
2017-02-05 18:21 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71KOR.dll
2017-02-05 18:21 - 2011-01-12 14:25 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71JPN.dll
2017-02-05 18:21 - 2011-01-12 14:25 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHT.dll
2017-02-05 18:21 - 2011-01-12 14:25 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHS.dll
2017-02-05 18:21 - 2011-01-12 14:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2017-02-05 18:21 - 2011-01-12 13:53 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\atl71.dll
2017-02-05 18:21 - 2010-03-18 21:21 - 00799568 _____ (Microsoft Corporation) C:\Windows\system32\msdia100.dll
2017-02-05 18:21 - 2008-08-26 07:40 - 00162304 _____ C:\Windows\system32\libpng13.dll
2017-02-05 18:21 - 2007-02-01 23:13 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2017-02-05 18:21 - 2007-02-01 20:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2017-02-05 18:21 - 2007-01-30 23:04 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2017-02-05 18:21 - 2006-08-26 01:28 - 01017344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70u.dll
2017-02-05 18:21 - 2006-08-26 01:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ITA.dll
2017-02-05 18:21 - 2006-08-26 01:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70FRA.dll
2017-02-05 18:21 - 2006-08-26 01:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ESP.dll
2017-02-05 18:21 - 2006-08-26 01:15 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70DEU.dll
2017-02-05 18:21 - 2006-08-26 01:15 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ENU.dll
2017-02-05 18:21 - 2006-08-26 01:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70KOR.dll
2017-02-05 18:21 - 2006-08-26 01:15 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70JPN.dll
2017-02-05 18:21 - 2006-08-26 01:15 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHT.dll
2017-02-05 18:21 - 2006-08-26 01:15 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHS.dll
2017-02-05 18:21 - 2006-08-26 01:07 - 01024000 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll
2017-02-05 18:21 - 2006-08-26 00:17 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\atl70.dll
2017-02-05 18:21 - 2005-05-06 14:52 - 00103424 _____ (GNU <www.gnu.org>) C:\Windows\system32\libintl3.dll
2017-02-05 18:21 - 2005-01-20 20:25 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\msvci70.dll
2017-02-05 18:21 - 2002-01-05 06:40 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\msvcp70.dll
2017-02-05 18:21 - 1996-01-12 04:00 - 00722192 _____ (Microsoft Corporation) C:\Windows\system32\vb40032.dll
2017-02-05 18:20 - 2017-02-05 18:21 - 00010808 _____ C:\Windows\unins000.dat
2017-02-05 18:20 - 2017-02-05 18:20 - 01207319 _____ C:\Windows\unins000.exe
2017-02-05 18:20 - 2017-02-05 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-05 18:20 - 2016-01-28 19:44 - 00297472 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libssl32.dll
2017-02-05 18:20 - 2015-07-10 11:51 - 00456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
2017-02-05 18:20 - 2014-01-25 14:30 - 00131072 _____ (Sereby Corporation) C:\Windows\system32\AiORuntimes.dll
2017-02-05 18:20 - 2013-12-23 15:44 - 00163480 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 01070232 _____ (Microsoft Corporation) C:\Windows\system32\mscomctl.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00660120 _____ (Microsoft Corporation) C:\Windows\system32\mscomct2.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00617896 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00444328 _____ (Microsoft Corporation) C:\Windows\system32\mshflxgd.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00416408 _____ (Microsoft Corporation ) C:\Windows\system32\comct332.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00279192 _____ (Microsoft Corporation) C:\Windows\system32\msdatgrd.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00259736 _____ (Microsoft Corporation) C:\Windows\system32\msflxgrd.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00253080 _____ (Microsoft Corporation) C:\Windows\system32\msdatlst.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00222360 _____ (Microsoft Corporation) C:\Windows\system32\tabctl32.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00219288 _____ (Microsoft Corporation) C:\Windows\system32\richtx32.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00218776 _____ (Microsoft Corporation) C:\Windows\system32\dblist32.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00212112 _____ (Microsoft Corporation) C:\Windows\system32\mci32.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00179352 _____ (Microsoft Corporation) C:\Windows\system32\msmask32.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00170920 _____ (Microsoft Corporation) C:\Windows\system32\comct232.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00131728 _____ (Microsoft Corporation) C:\Windows\system32\msinet.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00130712 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll
2017-02-05 18:20 - 2013-12-20 01:48 - 00127640 _____ (Microsoft Corporation) C:\Windows\system32\mswinsck.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00119960 _____ (Microsoft Corporation) C:\Windows\system32\mscomm32.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00108696 _____ (Microsoft Corporation) C:\Windows\system32\msstkprp.dll
2017-02-05 18:20 - 2013-12-20 01:48 - 00104088 _____ (Microsoft Corporation) C:\Windows\system32\picclp32.ocx
2017-02-05 18:20 - 2013-12-20 01:48 - 00084624 _____ (Microsoft Corporation) C:\Windows\system32\sysinfo.ocx
2017-02-05 18:20 - 2010-06-27 18:44 - 00053248 _____ (Adobe Systems, Incorporated) C:\Windows\system\plugin.dll
2017-02-05 18:20 - 1996-01-12 04:00 - 00935632 _____ (Microsoft Corporation) C:\Windows\system\vb40016.dll
2017-02-05 18:20 - 1994-11-17 14:00 - 00210944 _____ C:\Windows\system\msvcrt10.dll
2017-02-05 18:20 - 1993-05-11 20:00 - 00398416 _____ (Microsoft Corporation) C:\Windows\system\vbrun300.dll
2017-02-05 18:20 - 1992-10-21 01:00 - 00356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll
2017-02-05 18:20 - 1991-05-10 02:00 - 00271264 _____ C:\Windows\system\vbrun100.dll
2017-02-05 18:19 - 2017-02-05 18:19 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2017-02-05 18:19 - 2017-02-05 18:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-05 18:19 - 2017-02-05 18:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-05 18:18 - 2017-03-01 09:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-05 18:18 - 2017-02-14 18:37 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-05 17:42 - 2017-02-05 17:41 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-02-05 17:41 - 2017-02-05 17:41 - 00000000 ____D C:\Program Files\Java
2017-02-05 17:40 - 2017-02-05 17:40 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-02-05 17:40 - 2017-02-05 17:40 - 00000000 ____D C:\Users\I.M\AppData\Roaming\Sun
2017-02-05 16:46 - 2017-02-05 16:50 - 00000000 ___SD C:\Windows\system32\GWX
2017-02-05 16:46 - 2017-02-05 16:46 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2017-02-05 16:46 - 2017-02-05 16:46 - 00000000 ____D C:\Windows\system32\appraiser
2017-02-05 16:30 - 2015-01-09 00:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2017-02-05 16:30 - 2015-01-09 00:43 - 00419936 _____ C:\Windows\system32\locale.nls
2017-02-05 16:06 - 2016-10-18 12:58 - 00627288 _____ (Microsoft Corporation) C:\Windows\system\msvcp140.dll
2017-02-05 15:26 - 2017-02-05 15:26 - 00002452 _____ C:\Users\I.M\Desktop\Civilization VI Digital Deluxe Edition DirectX 12.lnk
2017-02-05 15:26 - 2017-02-05 15:26 - 00002417 _____ C:\Users\I.M\Desktop\Civilization VI Digital Deluxe Edition.lnk
2017-02-05 15:19 - 2017-02-05 15:26 - 00000000 ____D C:\Program Files (x86)\Civilization VI
2017-02-05 14:39 - 2017-02-05 15:18 - 00000000 ____D C:\Users\I.M\Downloads\Civilization VI Digital Deluxe LTi2 - x X RIDDICK X x mygully
2017-02-05 14:12 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-02-05 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-02-05 14:12 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-02-05 14:12 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2017-02-05 14:12 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-02-05 14:12 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2017-02-05 14:12 - 2015-05-25 19:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2017-02-05 14:12 - 2015-05-25 19:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2017-02-05 14:12 - 2015-05-25 19:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2017-02-05 14:12 - 2015-05-25 19:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2017-02-05 14:12 - 2015-05-25 19:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2017-02-05 14:12 - 2015-05-25 19:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2017-02-05 14:12 - 2015-05-25 19:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2017-02-05 14:12 - 2015-05-25 19:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2017-02-05 14:12 - 2015-05-25 19:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2017-02-05 14:12 - 2015-05-25 19:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2017-02-05 14:12 - 2015-05-25 19:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2017-02-05 14:12 - 2015-05-25 19:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2017-02-05 14:12 - 2015-01-29 04:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2017-02-05 14:12 - 2015-01-29 04:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2017-02-05 14:12 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2017-02-05 14:12 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2017-02-05 14:11 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-02-05 14:11 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-02-05 14:11 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-02-05 14:11 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-02-05 14:11 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-02-05 14:11 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-02-05 14:11 - 2015-11-17 01:58 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-02-05 14:11 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-02-05 14:11 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-02-05 14:11 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-02-05 14:11 - 2015-06-03 21:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-02-05 14:11 - 2015-04-27 20:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-02-05 14:11 - 2015-04-27 20:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-02-05 14:11 - 2015-04-27 20:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-02-05 14:11 - 2015-04-27 20:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-02-05 14:11 - 2015-04-27 20:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-02-05 14:11 - 2015-04-27 20:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-02-05 14:11 - 2015-04-27 20:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-02-05 14:11 - 2015-04-27 20:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-02-05 14:11 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-02-05 14:11 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-02-05 14:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2017-02-05 14:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2017-02-05 14:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2017-02-05 14:11 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2017-02-05 14:11 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2017-02-05 14:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2017-02-05 14:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2017-02-05 14:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2017-02-05 14:07 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-02-05 14:07 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-02-05 14:07 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-02-05 14:07 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-02-05 14:06 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2017-02-05 14:06 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2017-02-05 14:06 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2017-02-05 14:06 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2017-02-05 14:06 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2017-02-05 14:06 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2017-02-05 14:06 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2017-02-05 14:06 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-02-05 14:06 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-02-05 14:06 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2017-02-05 14:06 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-02-05 14:06 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-02-05 14:06 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-02-05 14:06 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2017-02-05 14:06 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-02-05 14:06 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-02-05 14:06 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-02-05 14:06 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-02-05 14:06 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-02-05 14:06 - 2015-04-11 04:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2017-02-05 14:06 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-02-05 14:06 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-02-05 14:06 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2017-02-05 14:06 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2017-02-05 14:06 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-02-05 14:06 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-02-05 14:06 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-02-05 14:06 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-02-05 14:06 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-02-05 14:06 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-02-05 14:06 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2017-02-05 14:06 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2017-02-05 14:06 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2017-02-05 14:06 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2017-02-05 14:05 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2017-02-05 14:05 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2017-02-05 13:32 - 2017-02-05 13:33 - 00001823 _____ C:\Users\I.M\Desktop\ÎÄÃ÷6.lnk
2017-02-05 13:23 - 2017-02-05 13:23 - 00000000 ____D C:\Users\I.M\AppData\Local\ali213GameLauncher
2017-02-05 10:50 - 2017-02-05 10:58 - 00000000 ____D C:\Users\I.M\Downloads\Luci S02
2017-02-04 14:12 - 2017-02-04 14:16 - 00000000 ____D C:\Users\I.M\Downloads\Vikings S04 German DL AmazonHD x264-TVS
2017-02-02 20:27 - 2017-02-02 20:27 - 00000000 ____D C:\Users\I.M\AppData\LocalLow\Sony Online Entertainment
2017-01-30 23:13 - 2017-01-30 23:13 - 00000000 ____D C:\Users\I.M\AppData\Local\Sweet_Games

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-01 09:26 - 2015-05-16 22:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0901f6bfd6cec.job
2017-03-01 09:19 - 2015-06-18 19:14 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0a9f29b18ef4e.job
2017-03-01 09:19 - 2015-06-18 19:13 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0a9f280332a3b.job
2017-03-01 09:18 - 2014-04-15 19:36 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-03-01 09:05 - 2015-04-13 05:57 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-01 09:03 - 2015-07-15 21:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf3be767e0e8.job
2017-03-01 09:03 - 2014-04-21 00:52 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-01 09:02 - 2016-02-11 11:28 - 00001216 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-380536522-1895783427-2845753458-1000UA.job
2017-03-01 08:27 - 2015-09-18 04:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f1c64fbab95c.job
2017-03-01 07:39 - 2014-07-21 16:33 - 00000000 ____D C:\Users\I.M\AppData\Local\ElevatedDiagnostics
2017-03-01 07:27 - 2015-09-18 04:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f1c64e8234c8.job
2017-03-01 06:46 - 2015-07-15 21:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf3be6ab6bf6.job
2017-03-01 06:44 - 2011-04-12 08:43 - 00717180 _____ C:\Windows\system32\perfh007.dat
2017-03-01 06:44 - 2011-04-12 08:43 - 00155758 _____ C:\Windows\system32\perfc007.dat
2017-03-01 06:44 - 2009-07-14 06:13 - 01657684 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-01 06:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-03-01 00:00 - 2014-04-21 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2017-03-01 00:00 - 2014-04-21 00:52 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2017-02-28 23:42 - 2015-06-18 19:14 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0a9f29a61f8b0.job
2017-02-28 23:42 - 2014-04-15 19:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-02-28 23:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-28 22:02 - 2016-02-11 11:28 - 00001164 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-380536522-1895783427-2845753458-1000Core.job
2017-02-28 20:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\TAPI
2017-02-28 18:21 - 2014-08-31 09:55 - 00000000 ____D C:\GOG Games
2017-02-28 18:15 - 2014-02-15 10:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-28 12:23 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-02-28 12:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-02-28 11:50 - 2014-02-15 11:26 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-28 11:48 - 2014-02-15 11:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-02-28 07:11 - 2014-04-15 18:32 - 00000000 ____D C:\Users\I.M\AppData\Roaming\Dropbox
2017-02-28 00:03 - 2015-03-14 18:39 - 00000000 ____D C:\Users\I.M\AppData\Local\JDownloader 2.0
2017-02-27 23:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-19 19:39 - 2014-02-16 21:31 - 00000000 ____D C:\Users\I.M\AppData\Roaming\vlc
2017-02-18 22:47 - 2014-02-15 10:22 - 00000000 ____D C:\Users\I.M
2017-02-18 22:28 - 2014-08-31 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-02-18 22:28 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-02-18 20:34 - 2014-02-15 13:13 - 00002189 _____ C:\Users\I.M\Documents\ax_files.xml
2017-02-18 18:26 - 2014-08-03 12:03 - 00000000 ____D C:\Users\I.M\AppData\Local\SKIDROW
2017-02-15 21:39 - 2017-01-15 17:19 - 00000000 ____D C:\Users\I.M\Downloads\King, Stephen - Der Dunkle Turm 1-7 HS (DH)
2017-02-14 18:37 - 2014-02-15 13:15 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 18:37 - 2014-02-15 13:15 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 18:37 - 2014-02-15 13:15 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-14 18:37 - 2014-02-15 13:15 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-08 17:31 - 2014-02-27 20:16 - 00000000 ____D C:\Users\I.M\AppData\Roaming\TeamViewer
2017-02-08 07:34 - 2016-02-22 20:16 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2017-02-08 07:34 - 2016-02-22 20:16 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2017-02-07 12:03 - 2014-07-01 22:04 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 12:03 - 2014-07-01 22:04 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 04:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2017-02-06 01:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-02-05 18:22 - 2016-02-16 16:22 - 00000000 ____D C:\Users\I.M\AppData\Roaming\FiraxisLive
2017-02-05 18:21 - 2014-02-22 13:00 - 00000000 ____D C:\Users\I.M\Documents\My Games
2017-02-05 18:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system
2017-02-05 18:15 - 2014-02-15 11:51 - 01640242 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-02-05 18:06 - 2014-09-04 19:08 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-05 17:42 - 2014-09-29 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-05 17:40 - 2014-02-15 11:47 - 00000000 ____D C:\Program Files (x86)\Java
2017-02-05 17:04 - 2009-07-14 05:45 - 00534496 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-05 16:46 - 2014-04-25 17:37 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-02-05 16:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2017-02-05 16:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2017-02-05 16:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2017-02-05 15:15 - 2016-08-10 19:20 - 00000000 ____D C:\Users\I.M\AppData\Roaming\Factorio
2017-02-05 14:14 - 2017-01-21 19:25 - 00000000 ____D C:\Program Files (x86)\Arc
2017-02-05 13:25 - 2014-02-15 15:29 - 00000000 ____D C:\Users\I.M\Downloads\Win 7  Loader v.2.1.4 by DAZ
2017-02-02 22:46 - 2016-05-17 12:56 - 00000000 ____D C:\Users\Public\Daybreak Game Company
2017-02-02 21:33 - 2016-03-14 18:50 - 00000000 ____D C:\Users\I.M\Documents\PaC-DK Games
2017-02-02 20:28 - 2016-01-08 07:33 - 00000000 ____D C:\Users\I.M\AppData\Local\CrashDumps
2017-02-02 20:27 - 2014-08-10 15:25 - 00000000 ____D C:\Games
2017-02-02 20:21 - 2015-02-21 17:49 - 00000000 ____D C:\Users\I.M\AppData\Local\Last_Man
2017-01-30 17:37 - 2014-04-22 21:37 - 00000000 ____D C:\Users\I.M\AppData\Roaming\RenPy

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-12 08:15 - 2016-04-12 08:15 - 0076245 _____ () C:\Program Files (x86)\VMS Setup Log.txt
2016-11-16 19:08 - 2016-11-16 19:08 - 0033955 _____ () C:\Program Files (x86)\VMS Uninstall Log.txt
2015-10-15 20:43 - 2015-10-15 20:47 - 0002655 _____ () C:\Users\I.M\AppData\Roaming\droid4xinstaller.log
2014-03-17 20:45 - 2016-12-03 16:41 - 0000847 _____ () C:\Users\I.M\AppData\Roaming\Rim.Desktop.Exception.log
2014-03-17 20:44 - 2016-12-03 16:36 - 0003174 _____ () C:\Users\I.M\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-03-17 20:45 - 2016-12-03 16:41 - 0000847 _____ () C:\Users\I.M\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-02-15 11:18 - 2017-02-28 23:43 - 0096634 _____ () C:\Users\I.M\AppData\Local\BTServer.log
2014-04-21 18:29 - 2014-04-21 18:29 - 0003584 _____ () C:\Users\I.M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-23 10:18 - 2015-10-23 10:18 - 0000000 ___SH () C:\Users\I.M\AppData\Local\LumaEmu
2015-12-02 09:10 - 2016-12-24 23:54 - 0007597 _____ () C:\Users\I.M\AppData\Local\resmon.resmoncfg
2016-10-08 01:39 - 2016-10-08 01:39 - 0000000 _____ () C:\Users\I.M\AppData\Local\{193E20DA-34B1-40E7-96A8-A4F91027C65D}
2015-08-24 06:46 - 2015-08-24 06:46 - 0000000 _____ () C:\Users\I.M\AppData\Local\{2AF3A10D-EBC8-4B26-8D3F-22FFF6DB3CB3}
2015-10-18 15:06 - 2015-10-18 15:06 - 0000000 _____ () C:\Users\I.M\AppData\Local\{2D6EA84F-6573-431E-91E2-F59D4FF27039}
2016-09-10 22:36 - 2016-09-10 22:36 - 0000000 _____ () C:\Users\I.M\AppData\Local\{45B01953-05BB-4648-80B7-7AE4A9A5835B}
2015-10-18 15:06 - 2015-10-18 15:06 - 0000000 _____ () C:\Users\I.M\AppData\Local\{46966FFF-8F65-40C1-A4BA-4E3EC32178C3}
2016-10-28 23:25 - 2016-10-28 23:25 - 0000000 _____ () C:\Users\I.M\AppData\Local\{53A496C2-B682-4C9B-A2BB-5A3BBDEC6E1D}
2015-10-18 15:06 - 2015-10-18 15:06 - 0000000 _____ () C:\Users\I.M\AppData\Local\{5B67F7B9-496A-430A-8DBD-4471B422AFCF}
2015-08-24 06:46 - 2015-08-24 06:46 - 0000000 _____ () C:\Users\I.M\AppData\Local\{7CB24BA8-4D08-4869-9EE3-7568E711568A}
2015-10-18 15:06 - 2015-10-18 15:06 - 0000000 _____ () C:\Users\I.M\AppData\Local\{85F32FB7-363E-481A-BEE1-CB90BEACBC67}
2014-07-30 10:03 - 2014-07-30 10:03 - 0000000 _____ () C:\Users\I.M\AppData\Local\{94F8556C-1182-4D70-8118-4EF284A33EED}
2016-10-31 23:09 - 2016-10-31 23:09 - 0000000 _____ () C:\Users\I.M\AppData\Local\{CD01A178-E0C9-4E8F-A580-24E96465FFC9}
2016-10-13 23:25 - 2016-10-13 23:25 - 0000000 _____ () C:\Users\I.M\AppData\Local\{E1FCB19F-9B86-4D63-8B4A-F7FD465F4461}
2014-07-22 15:50 - 2014-07-22 15:50 - 0000000 _____ () C:\Users\I.M\AppData\Local\{F59E6BCF-E5B0-4852-8B30-E382F2C73B9B}
2015-08-24 06:46 - 2015-08-24 06:46 - 0000000 _____ () C:\Users\I.M\AppData\Local\{F7D5D34C-CA10-4482-864A-7512537BB980}
2014-11-29 23:34 - 2014-11-29 23:34 - 0000000 _____ () C:\Users\I.M\AppData\Local\{FD7FEF66-5A31-4FC3-9ADA-052E3DD62AEE}

ZeroAccess:
C:\Users\I.M\AppData\Local\Temp
C:\Users\I.M\AppData\Local\Temp\1060A46E-840D-49FE-8FEF-00623AFC2A55.Repair.1.etl
C:\Users\I.M\AppData\Local\Temp\1060A46E-840D-49FE-8FEF-00623AFC2A55.Verify.2.etl
C:\Users\I.M\AppData\Local\Temp\accesstest.tmp
C:\Users\I.M\AppData\Local\Temp\AdobeARM.log
C:\Users\I.M\AppData\Local\Temp\ASPNETSetup_00000.log
C:\Users\I.M\AppData\Local\Temp\ASPNETSetup_00001.log
C:\Users\I.M\AppData\Local\Temp\CFG8D6F.tmp
C:\Users\I.M\AppData\Local\Temp\CFGBFE4.tmp
C:\Users\I.M\AppData\Local\Temp\CFGD641.tmp
C:\Users\I.M\AppData\Local\Temp\chrome_installer.log
C:\Users\I.M\AppData\Local\Temp\chromium_installer.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205174258.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205174258_0_vcRuntimeAdditional_x64.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205174258_1_vcRuntimeMinimum_x64.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205174608.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205175030.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205175030_0_vcRuntimeAdditional_x64.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205175030_1_vcRuntimeMinimum_x64.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205175349.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205175349_000_vcRuntimeMinimum_x64.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205175349_001_vcRuntimeAdditional_x64.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205175527.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205180507.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205180507_000_vcRuntimeMinimum_x64.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_amd64_20170205180507_001_vcRuntimeAdditional_x64.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205134631.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205134631_000_vcRuntimeMinimum_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205134631_001_vcRuntimeAdditional_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205142209.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205142209_000_vcRuntimeMinimum_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205142209_001_vcRuntimeAdditional_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205174239.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205174239_0_vcRuntimeAdditional_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205174239_1_vcRuntimeMinimum_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205174653.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205174839.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205174839_0_vcRuntimeAdditional_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205174839_1_vcRuntimeMinimum_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205175204.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205175204_000_vcRuntimeMinimum_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205175204_001_vcRuntimeAdditional_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205175716.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205175859.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205175859_000_vcRuntimeAdditional_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205175859_001_vcRuntimeMinimum_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205180219.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205180219_000_vcRuntimeMinimum_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vcredist_x86_20170205180219_001_vcRuntimeAdditional_x86.log
C:\Users\I.M\AppData\Local\Temp\dd_vjredist20MSI4602.txt
C:\Users\I.M\AppData\Local\Temp\dd_vjredist20UI4602.txt
C:\Users\I.M\AppData\Local\Temp\dd_wcf_CA_smci_20170205_171448_332.txt
C:\Users\I.M\AppData\Local\Temp\dd_wcf_CA_smci_20170205_171451_299.txt
C:\Users\I.M\AppData\Local\Temp\DeleteOnReboot.bat
C:\Users\I.M\AppData\Local\Temp\DMI27CD.tmp
C:\Users\I.M\AppData\Local\Temp\DMI49CC.tmp
C:\Users\I.M\AppData\Local\Temp\etilqs_o2WmCglyPlqdSC2
C:\Users\I.M\AppData\Local\Temp\etilqs_Q6sNkX355lldAT0
C:\Users\I.M\AppData\Local\Temp\etilqs_wvENVycA8gB8kdv
C:\Users\I.M\AppData\Local\Temp\FXSAPIDebugLogFile.txt
C:\Users\I.M\AppData\Local\Temp\goopdate.dll19eb38
C:\Users\I.M\AppData\Local\Temp\goopdateres_de.dll19eb38
C:\Users\I.M\AppData\Local\Temp\GUR964E.exe
C:\Users\I.M\AppData\Local\Temp\GUR964E.tmp
C:\Users\I.M\AppData\Local\Temp\GURB7BA.tmp
C:\Users\I.M\AppData\Local\Temp\I.bmp
C:\Users\I.M\AppData\Local\Temp\ie.reg
C:\Users\I.M\AppData\Local\Temp\IEC2E6C.tmp
C:\Users\I.M\AppData\Local\Temp\IEC740E.tmp
C:\Users\I.M\AppData\Local\Temp\JavaDeployReg.log
C:\Users\I.M\AppData\Local\Temp\jawshtml.html
C:\Users\I.M\AppData\Local\Temp\jusched.log
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14595847460369136635316802772462.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14601898191781374843001057888468.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14603959776593551989871133633482.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14605790227037027549547663451462.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14607350709578116671792863740274.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14610928657964702068793649951521.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14611421824598796843299680164282.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14613086851447323804491879077278.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14614972570641507047950490203627.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14615973184097824048279490415833.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14617584571986123826229150252681.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14618299161865430295028982640.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14618750051563634024172145861687.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14622583086285814522239326944707.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14623840864947892766109312543551.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14628217932996063325321530377142.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14628785988304712977690112202448.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14631240061662565331709531617014.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14632361414941507205298010272828.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14632581059598520107176936021058.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14648806950445596699474268185892.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst1465226944346300826966186564124.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14657640996267067416953942518724.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14665370977494979982541361698797.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst1467142373590626856031320170806.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst1467474104229587085401803213655.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14681484991251903160672359754657.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14681486902694583711700251155047.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst1468479340408924820189011830343.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14687581252713290984917875264700.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14690476201682370768240824406431.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14705207739875568615972346854463.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14705213241424503384726720653149.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14705215084403634733053266734863.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14724552928958567088543525003503.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14727175232697622061414927758454.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14737040801981413539132094169533.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst1474227052162208714471026315667.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14766485874857272914658597369947.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst147784312218740038516683616782.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14791458090498811035416662515264.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14791458749146924036896211452428.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst1479835524491857729215312680380.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14798355954305155549603754083907.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14801094244583537955456490760948.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14801585771677296991781023047844.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14802539962922624394743094696380.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14804573376228009198130794620497.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14808081260431682862107738428126.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14808081976136266584678573499911.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst1481141379641272711898520819239.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14829529598674958573192014259451.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst1482952983695370526183936295215.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14829530547812625117891364622900.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14833943257878626089428117963432.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14837284202687579557460297997820.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14844128558507647573315733795095.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14844129267438548671345532692572.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14855027981507765963786804004817.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14856001310083507853408320033367.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14856276896376614075077658081999.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14862997595907570958553295247894.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14862999505437626802674288699752.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14863019724066436302293497007475.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14868183413901732071552239414030.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14878307876085302576794428568510.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14878510545741646993872006506691.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst14879465307055649559598068830445.jar
C:\Users\I.M\AppData\Local\Temp\lastChanceDst1488105756469458520236001021328.jar
C:\Users\I.M\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20160517_135656511.html
C:\Users\I.M\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20160517_140434227.html
C:\Users\I.M\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20160517_144950138.html
C:\Users\I.M\AppData\Local\Temp\Microsoft Visual C++ 2010  x64 Redistributable Setup_20160606_181836297-Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219-MSP0.txt
C:\Users\I.M\AppData\Local\Temp\Microsoft Visual C++ 2010  x64 Redistributable Setup_20160606_181836297.html
C:\Users\I.M\AppData\Local\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_20160406_123251249.html
C:\Users\I.M\AppData\Local\Temp\MSI2a053.LOG
C:\Users\I.M\AppData\Local\Temp\MSI356c7.LOG
C:\Users\I.M\AppData\Local\Temp\MSI357e0.LOG
C:\Users\I.M\AppData\Local\Temp\MSI3b6fe.LOG
C:\Users\I.M\AppData\Local\Temp\MSI5dae4.LOG
C:\Users\I.M\AppData\Local\Temp\MSI61c28.LOG
C:\Users\I.M\AppData\Local\Temp\MSI62eec.LOG
C:\Users\I.M\AppData\Local\Temp\MSI64431.LOG
C:\Users\I.M\AppData\Local\Temp\MSI65508.LOG
C:\Users\I.M\AppData\Local\Temp\MSI78d40.LOG
C:\Users\I.M\AppData\Local\Temp\MSI8bbef.LOG
C:\Users\I.M\AppData\Local\Temp\MSI8c071.LOG
C:\Users\I.M\AppData\Local\Temp\MSI8c293.LOG
C:\Users\I.M\AppData\Local\Temp\MSI9b01b.LOG
C:\Users\I.M\AppData\Local\Temp\MSIa9dd3.LOG
C:\Users\I.M\AppData\Local\Temp\others
C:\Users\I.M\AppData\Local\Temp\PCW494A.tmp
C:\Users\I.M\AppData\Local\Temp\PCW494A.xml
C:\Users\I.M\AppData\Local\Temp\PCW6793.tmp
C:\Users\I.M\AppData\Local\Temp\PCW6793.xml
C:\Users\I.M\AppData\Local\Temp\PidGenX.dll
C:\Users\I.M\AppData\Local\Temp\pool.bin
C:\Users\I.M\AppData\Local\Temp\proxy_vole2693477123910374607.dll
C:\Users\I.M\AppData\Local\Temp\proxy_vole3890187304628025940.dll
C:\Users\I.M\AppData\Local\Temp\proxy_vole5486331815397081489.dll
C:\Users\I.M\AppData\Local\Temp\psuser.dll19eb58
C:\Users\I.M\AppData\Local\Temp\qtsingleapp-AFDAEE-a617-1-lockfile
C:\Users\I.M\AppData\Local\Temp\qtsingleapp-FAAADB-29a1-1-lockfile
C:\Users\I.M\AppData\Local\Temp\rasD613.tmp
C:\Users\I.M\AppData\Local\Temp\RemoveTemp.exe
C:\Users\I.M\AppData\Local\Temp\RGI196B.tmp
C:\Users\I.M\AppData\Local\Temp\RGI196B.tmp-tmp
C:\Users\I.M\AppData\Local\Temp\RGI77EA.tmp
C:\Users\I.M\AppData\Local\Temp\rim_usb_install_log-(2016-05-14)-1233.log
C:\Users\I.M\AppData\Local\Temp\rim_usb_install_log-(2016-05-14)-1236.log
C:\Users\I.M\AppData\Local\Temp\rim_usb_install_log-(2016-05-14)-1238.log
C:\Users\I.M\AppData\Local\Temp\rim_usb_install_log-(2016-05-14)-1239.log
C:\Users\I.M\AppData\Local\Temp\rim_usb_install_log-(2016-05-14)-1240.log
C:\Users\I.M\AppData\Local\Temp\rim_usb_install_log-(2016-12-02)-1631.log
C:\Users\I.M\AppData\Local\Temp\rim_usb_install_log-(2016-12-02)-1638.log
C:\Users\I.M\AppData\Local\Temp\rim_usb_install_log-(2016-12-03)-1635.log
C:\Users\I.M\AppData\Local\Temp\rim_usb_install_log-(2016-12-03)-1636.log
C:\Users\I.M\AppData\Local\Temp\rim_vsp_install_log-(2016-05-14)-1233.log
C:\Users\I.M\AppData\Local\Temp\rim_vsp_install_log-(2016-05-14)-1236.log
C:\Users\I.M\AppData\Local\Temp\rim_vsp_install_log-(2016-05-14)-1237.log
C:\Users\I.M\AppData\Local\Temp\rim_vsp_install_log-(2016-05-14)-1240.log
C:\Users\I.M\AppData\Local\Temp\rim_vsp_install_log-(2016-05-14)-1241.log
C:\Users\I.M\AppData\Local\Temp\rim_vsp_install_log-(2016-12-02)-1631.log
C:\Users\I.M\AppData\Local\Temp\rim_vsp_install_log-(2016-12-02)-1638.log
C:\Users\I.M\AppData\Local\Temp\rim_vsp_install_log-(2016-12-03)-1636.log
C:\Users\I.M\AppData\Local\Temp\rim_vsp_install_log-(2016-12-03)-1637.log
C:\Users\I.M\AppData\Local\Temp\savegame.txt
C:\Users\I.M\AppData\Local\Temp\SDCrash.log
C:\Users\I.M\AppData\Local\Temp\set27FD.tmp
C:\Users\I.M\AppData\Local\Temp\Setup Log 2016-04-28 #001.txt
C:\Users\I.M\AppData\Local\Temp\Setup Log 2016-08-10 #001.txt
C:\Users\I.M\AppData\Local\Temp\Setup Log 2016-08-24 #001.txt
C:\Users\I.M\AppData\Local\Temp\Setup Log 2017-01-03 #001.txt
C:\Users\I.M\AppData\Local\Temp\Setup Log 2017-01-04 #001.txt
C:\Users\I.M\AppData\Local\Temp\Setup Log 2017-01-21 #001.txt
C:\Users\I.M\AppData\Local\Temp\Setup Log 2017-01-21 #002.txt
C:\Users\I.M\AppData\Local\Temp\Setup Log 2017-02-18 #001.txt
C:\Users\I.M\AppData\Local\Temp\SetupAdmin1450.log
C:\Users\I.M\AppData\Local\Temp\Silverlight0.log
C:\Users\I.M\AppData\Local\Temp\SilverlightMSI.log
C:\Users\I.M\AppData\Local\Temp\SIntf16.dll
C:\Users\I.M\AppData\Local\Temp\SIntf32.dll
C:\Users\I.M\AppData\Local\Temp\SIntfNT.dll
C:\Users\I.M\AppData\Local\Temp\site.txt
C:\Users\I.M\AppData\Local\Temp\SkypeSetup.exe
C:\Users\I.M\AppData\Local\Temp\tasklisten.exe
C:\Users\I.M\AppData\Local\Temp\The Battle for Middle-earth_uninst.exe
C:\Users\I.M\AppData\Local\Temp\tmp28f8d10e.tmp
C:\Users\I.M\AppData\Local\Temp\tmp2cfd3549.tmp
C:\Users\I.M\AppData\Local\Temp\tmp3fd2bbba.tmp
C:\Users\I.M\AppData\Local\Temp\tmp453812ff.tmp
C:\Users\I.M\AppData\Local\Temp\tmp490623ce.tmp
C:\Users\I.M\AppData\Local\Temp\tmp4d9c59c6.tmp
C:\Users\I.M\AppData\Local\Temp\tmp557ca041.tmp
C:\Users\I.M\AppData\Local\Temp\tmp5cd49be2.tmp
C:\Users\I.M\AppData\Local\Temp\tmp6c283f2d.tmp
C:\Users\I.M\AppData\Local\Temp\tmp799f4ccf.tmp
C:\Users\I.M\AppData\Local\Temp\Uninstall.exe
C:\Users\I.M\AppData\Local\Temp\Uninstaller-9200.exe
C:\Users\I.M\AppData\Local\Temp\VmwareCheckStatus.ini
C:\Users\I.M\AppData\Local\Temp\VmwareCheckStatus.txt
C:\Users\I.M\AppData\Local\Temp\VmwareCheckStatusFail.txt
C:\Users\I.M\AppData\Local\Temp\VmwareCheckStatusPass.txt
C:\Users\I.M\AppData\Local\Temp\wctAC79.tmp
C:\Users\I.M\AppData\Local\Temp\wlsC499.tmp
C:\Users\I.M\AppData\Local\Temp\wlsC8AF.tmp
C:\Users\I.M\AppData\Local\Temp\wmsetup.log
C:\Users\I.M\AppData\Local\Temp\XPC6BFC.tmp
C:\Users\I.M\AppData\Local\Temp\XPC6BFC.tmp.bmp
C:\Users\I.M\AppData\Local\Temp\XPCC88A.tmp
C:\Users\I.M\AppData\Local\Temp\XPCC88A.tmp.bmp
C:\Users\I.M\AppData\Local\Temp\XPCC88B.tmp
C:\Users\I.M\AppData\Local\Temp\XPCC88B.tmp.bmp
C:\Users\I.M\AppData\Local\Temp\_is5304.tmp
C:\Users\I.M\AppData\Local\Temp\_isE022.tmp
C:\Users\I.M\AppData\Local\Temp\_isE042.tmp
C:\Users\I.M\AppData\Local\Temp\_isE795.tmp
C:\Users\I.M\AppData\Local\Temp\{D5068583-D569-468B-9755-5FBF5848F46F}.log
C:\Users\I.M\AppData\Local\Temp\~DF021296E89E410E40.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0246985AF710AF37.TMP
C:\Users\I.M\AppData\Local\Temp\~DF02485F5ECCCF516D.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0288505661559C32.TMP
C:\Users\I.M\AppData\Local\Temp\~DF033BEC81C196A07E.TMP
C:\Users\I.M\AppData\Local\Temp\~DF037573305D6104CE.TMP
C:\Users\I.M\AppData\Local\Temp\~DF03B481613F9EE868.TMP
C:\Users\I.M\AppData\Local\Temp\~DF04DFAFB1CAFFBF04.TMP
C:\Users\I.M\AppData\Local\Temp\~DF04F5C9DCABB5BFCA.TMP
C:\Users\I.M\AppData\Local\Temp\~DF05015520F3C0EA6E.TMP
C:\Users\I.M\AppData\Local\Temp\~DF050A1598ED3D5B3B.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0530A54DDF5BF53E.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0550BF3126CF9646.TMP
C:\Users\I.M\AppData\Local\Temp\~DF06653357928A74BC.TMP
C:\Users\I.M\AppData\Local\Temp\~DF075DA84BFBF92A52.TMP
C:\Users\I.M\AppData\Local\Temp\~DF08156DE1C1ECE8A4.TMP
C:\Users\I.M\AppData\Local\Temp\~DF08655CBBBF5A3A33.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0979ACEF641E17A7.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0A0E01B251474A6B.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0AB01C67860E41B5.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0B660B2AC5A83A7E.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0BCB087378C945DB.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0C1AD6539C2C4F4D.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0C6C8AD9B0B9251A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0C8870DE5428E471.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0DBF80DFCB8D7E5E.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0DC624E48AF114F6.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0E0A5878320A880C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0E18BF49C1BBCE12.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0E67A7189553A410.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0E6BDEB07A10D23E.TMP
C:\Users\I.M\AppData\Local\Temp\~DF0F9F9793BE32FA13.TMP
C:\Users\I.M\AppData\Local\Temp\~DF101AC13BFA1EA138.TMP
C:\Users\I.M\AppData\Local\Temp\~DF10229819EF03BC10.TMP
C:\Users\I.M\AppData\Local\Temp\~DF12C13627B7F75272.TMP
C:\Users\I.M\AppData\Local\Temp\~DF13C51413B10F2B7A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF13C7E5EDB8BE3E1C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF14F989352825B3F2.TMP
C:\Users\I.M\AppData\Local\Temp\~DF152916CE492B5BF9.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1570DF2AA792ADD0.TMP
C:\Users\I.M\AppData\Local\Temp\~DF15898BEF862E4C91.TMP
C:\Users\I.M\AppData\Local\Temp\~DF15B6F870F2A080BB.TMP
C:\Users\I.M\AppData\Local\Temp\~DF15FFE152B52F2091.TMP
C:\Users\I.M\AppData\Local\Temp\~DF165C8DF224D7AA5C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF167A9A620E52237A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF16F907115B93F3BC.TMP
C:\Users\I.M\AppData\Local\Temp\~DF17635710E4CE9D66.TMP
C:\Users\I.M\AppData\Local\Temp\~DF18AF556627804A75.TMP
C:\Users\I.M\AppData\Local\Temp\~DF18DB557A32C8670C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF194E3557439B2910.TMP
C:\Users\I.M\AppData\Local\Temp\~DF19AA5F4C854DD883.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1A4001F139E513C3.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1ACE14544F1EE4DF.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1AE2D9B00A4F4F6F.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1B5CFCB7A7C924E0.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1B7A4E71CA01EB95.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1C8D4F00B1AA4D46.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1D0B229CCEAB7D21.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1D40D7AF8B36B6F5.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1E548848B1B0DEDA.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1EECD0DC0C892B01.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1EEF35AC9E6E8A28.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1F0AB84FAFE32342.TMP
C:\Users\I.M\AppData\Local\Temp\~DF1F184EFFDBDD02E9.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2068FA77AF24D547.TMP
C:\Users\I.M\AppData\Local\Temp\~DF20E5817E0467678C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF20F01F5D10404CB3.TMP
C:\Users\I.M\AppData\Local\Temp\~DF213721050FC548FF.TMP
C:\Users\I.M\AppData\Local\Temp\~DF21418EB4CE9668FA.TMP
C:\Users\I.M\AppData\Local\Temp\~DF21747FC8390FC398.TMP
C:\Users\I.M\AppData\Local\Temp\~DF21B6BB7291E54820.TMP
C:\Users\I.M\AppData\Local\Temp\~DF22DA4AAF88D22923.TMP
C:\Users\I.M\AppData\Local\Temp\~DF22F830CDE8C53F99.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2302FF805F49ED9C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF234DC55247721AFE.TMP
C:\Users\I.M\AppData\Local\Temp\~DF23C3F23694AF597E.TMP
C:\Users\I.M\AppData\Local\Temp\~DF242D315D3EEFC9FF.TMP
C:\Users\I.M\AppData\Local\Temp\~DF243E8508358B655F.TMP
C:\Users\I.M\AppData\Local\Temp\~DF245DA3F8159789F0.TMP
C:\Users\I.M\AppData\Local\Temp\~DF25015C4165A86B01.TMP
C:\Users\I.M\AppData\Local\Temp\~DF262CC2962F94A673.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2753A4CFBE5BB0F9.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2765347503AB5D0B.TMP
C:\Users\I.M\AppData\Local\Temp\~DF276E15FE66C49B5A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2964CA7C9B23034D.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2B2BC3157AB43A20.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2B5C2E92F84FE911.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2C10996AE5A7705F.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2C9EB3FFFCF6563D.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2D222FC4DA7EFDC9.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2E0358770D7B2719.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2E8EA6D715BAFFE7.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2EFD681210C02AB4.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2F00DC1E975DBF12.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2F5B9DD0A75FF706.TMP
C:\Users\I.M\AppData\Local\Temp\~DF2FA47241CC7289AD.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3237D1F05C3C507F.TMP
C:\Users\I.M\AppData\Local\Temp\~DF33A0E82C18FC0A71.TMP
C:\Users\I.M\AppData\Local\Temp\~DF33D31A3A289A030A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF341044C66FDCD535.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3465A98D85FE5151.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3468E2EE3BA66406.TMP
C:\Users\I.M\AppData\Local\Temp\~DF348A0DEAF72EC697.TMP
C:\Users\I.M\AppData\Local\Temp\~DF349635842CE9AAD3.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3498248CF6AFA523.TMP
C:\Users\I.M\AppData\Local\Temp\~DF34BFC423CE46676A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF34CC5331784A4C0A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF35249D5DD8E22C20.TMP
C:\Users\I.M\AppData\Local\Temp\~DF35A4ABAE49DB1BB7.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3605287439DD1944.TMP
C:\Users\I.M\AppData\Local\Temp\~DF368E28E5A02A0C00.TMP
C:\Users\I.M\AppData\Local\Temp\~DF37850601B823C783.TMP
C:\Users\I.M\AppData\Local\Temp\~DF37B1EC4536D4C190.TMP
C:\Users\I.M\AppData\Local\Temp\~DF37C26700A4F81407.TMP
C:\Users\I.M\AppData\Local\Temp\~DF38184F7F4A5F388C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF38DBEACCD087C426.TMP
C:\Users\I.M\AppData\Local\Temp\~DF394B974630F6818A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3A765462991C82C5.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3AAC9571FB02B2BC.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3B021EF9D609ABFB.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3B1C6455F1DDBC06.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3B6B320646BEEE0C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3C5B376D45EEBA1F.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3CA6E63F9F5D92F0.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3CB1956E314C00C2.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3CE4E87CD7C30283.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3DA1254B445D8312.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3DAA35EDE1227C81.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3DC397C83BD546AC.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3E44445DD10FE0FD.TMP
C:\Users\I.M\AppData\Local\Temp\~DF3FB5FEBFA79296E0.TMP
C:\Users\I.M\AppData\Local\Temp\~DF40A24C7ED844A354.TMP
C:\Users\I.M\AppData\Local\Temp\~DF410B6560B224E9DD.TMP
C:\Users\I.M\AppData\Local\Temp\~DF41220EB100EF2F2E.TMP
C:\Users\I.M\AppData\Local\Temp\~DF41EB8E29351C446D.TMP
C:\Users\I.M\AppData\Local\Temp\~DF41F00F4AC2522EF5.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4332CDEC2CA5A9F6.TMP
C:\Users\I.M\AppData\Local\Temp\~DF43E239EB91E8F759.TMP
C:\Users\I.M\AppData\Local\Temp\~DF456320F95E673B43.TMP
C:\Users\I.M\AppData\Local\Temp\~DF45C16E12EE2FC87A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF466157A0EBA4D7DF.TMP
C:\Users\I.M\AppData\Local\Temp\~DF46E542E73A2438DA.TMP
C:\Users\I.M\AppData\Local\Temp\~DF46F442AFCC598528.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4900BE15B709AF7E.TMP
C:\Users\I.M\AppData\Local\Temp\~DF49F1E8BBEACB9CEC.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4A2CDC042276ED55.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4AC77095C30EFD15.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4AC8B341F0813AED.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4AF84A1A961DCB04.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4B04464F5225CC04.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4C779357E3CFAF9B.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4C850DC69F6EFB38.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4CD01B935665DF68.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4D44317D767E7AFB.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4D53CE5575D34FE8.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4D7226036C89D0DA.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4E30FC4A82676BA3.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4E59FA87737D88C4.TMP
C:\Users\I.M\AppData\Local\Temp\~DF4F0301FCEE854968.TMP
C:\Users\I.M\AppData\Local\Temp\~DF50A898DF053650D4.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5130241DCFDB9144.TMP
C:\Users\I.M\AppData\Local\Temp\~DF525ED36B2559BDCD.TMP
C:\Users\I.M\AppData\Local\Temp\~DF527EB62B8A1A967F.TMP
C:\Users\I.M\AppData\Local\Temp\~DF52BE57A6997D039C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF52D1030513D88C41.TMP
C:\Users\I.M\AppData\Local\Temp\~DF52D7E2EA0A2D28F2.TMP
C:\Users\I.M\AppData\Local\Temp\~DF53208EAAEA61955F.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5394B8AB18E55596.TMP
C:\Users\I.M\AppData\Local\Temp\~DF53D6CD5B93E30F55.TMP
C:\Users\I.M\AppData\Local\Temp\~DF541887327EED5731.TMP
C:\Users\I.M\AppData\Local\Temp\~DF546055196932D362.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5477D45B28A92480.TMP
C:\Users\I.M\AppData\Local\Temp\~DF54983F7E85D09DAF.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5502D6F975A86F37.TMP
C:\Users\I.M\AppData\Local\Temp\~DF555BDBEB8DFAC4B1.TMP
C:\Users\I.M\AppData\Local\Temp\~DF55DB4D9DDFD0E706.TMP
C:\Users\I.M\AppData\Local\Temp\~DF562C40D15F36DFCA.TMP
C:\Users\I.M\AppData\Local\Temp\~DF563D79A30755D709.TMP
C:\Users\I.M\AppData\Local\Temp\~DF56566BE09F7E36EB.TMP
C:\Users\I.M\AppData\Local\Temp\~DF56B26BA4D88A1EA0.TMP
C:\Users\I.M\AppData\Local\Temp\~DF57464AC52090D4F5.TMP
C:\Users\I.M\AppData\Local\Temp\~DF57DBBFB157313DFE.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5802BC9AF0E3D616.TMP
C:\Users\I.M\AppData\Local\Temp\~DF586856E578AD0A62.TMP
C:\Users\I.M\AppData\Local\Temp\~DF587A9373F81CC5D2.TMP
C:\Users\I.M\AppData\Local\Temp\~DF59C72E7216348CE1.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5A4A172512E5F1CD.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5A7A6E217F70A5A1.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5BCBFAED9346B2F9.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5BF49E56A3F15309.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5C39296E6EDE1DF1.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5CFE6BC3DE1A1EFB.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5D03D5E671C378B3.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5D37386DC1047A51.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5D87104A0E7B7D0C.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5DB27F4BCC9B8418.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5DE16D9687A55B45.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5E4BE635CFC5E6F4.TMP
C:\Users\I.M\AppData\Local\Temp\~DF5EFE133F81755AF8.TMP
C:\Users\I.M\AppData\Local\Temp\~DF60BDCD1D3E205904.TMP
C:\Users\I.M\AppData\Local\Temp\~DF611E03EC289E4832.TMP
C:\Users\I.M\AppData\Local\Temp\~DF6192C93FDAF18AA7.TMP
C:\Users\I.M\AppData\Local\Temp\~DF61DC2F41DFEEB3BA.TMP
C:\Users\I.M\AppData\Local\Temp\~DF61F27D81F5C031C1.TMP
C:\Users\I.M\AppData\Local\Temp\~DF64263D528B8AA66A.TMP
C:\Users\I.M\AppData\Local\Temp\~DF644981E62BC8B9ED.TMP
C:\Users\I.M\AppData\Local\Temp\~DF64B349AFBB9A3647.TMP
C:\Users\I.M\AppData\Local\Temp\~DF64F30096D331CB29.TMP
C:\Users\I.M\AppData\Local\Temp\~DF657180DE2BC8A2E6.TMP
C:\Users\I.M\AppData\Local\Temp\~DF66A8B50454FFBE70.TMP
C:\Users\I.M\AppData\Local\Temp\~DF66CBAC3B2223ADEE.TMP
C:\Users\I.M\AppData\Local\Temp\~DF671426B8D62873B5.TMP
C:\Users\I.M\AppData\Local\Temp\~DF671B5C608A95C94F.TMP
C:\Users\I.M\AppData\Local\Temp\~DF680BE56F10E0B105.TMP
C:\Users\I.M\AppData\Local\Temp\~DF689D13FFB08E15FB.TMP
C:\Users\I.M\AppData\Local\Temp\~DF68AC5C387AA75C91.TMP
C:\Users\I.M\AppData\Local\Temp\~DF68BC9709EFD5C897.TMP
C:\Users\I.M\AppData\Local\Temp\~DF690296E88A13AC92.TMP
C:\Users\I.M\AppData\Local\Temp\~DF69E3D469F23B7554.TMP
C:\Users\I.M\AppData\Local\Temp\~DF6BBEDFA3BFD51254.TMP
C:\Users\I.M\AppData\Local\Temp\~DF6CF57670F9222749.TMP
C:\Users\I.M\AppData\Local\Temp\~DF6D8D0F1EDF667682.TMP
C:\Users\I.M\AppData\Local\Temp\~DF6E6C7F8C67DED749.TMP
C:\Users\I.M\AppData\Local\Temp\~DF6EB85C15F8D6A2CC.TMP
C:\Users\I.M\AppData\Local\Temp\~DF6F300E63ED49609C.TMP

 

Themen zu mail.ru eingefangen, deinstalliert und trotzdem popups
appdata, beim starten, browser, chromium, einstellungen, explorer, free, helper, ics, install.exe, internet, internet explorer, langsam, launch, log, logfile, malwarebytes, microsoft, pop ups, popup, popups, revo uninstaller, rootkits, software, starten, system, temp, tunnel, ups, windows


« Ausgehende Verbindungen bei Chrome (Adware.ChinAd) | Chrome App Malware lässt sich nicht deinstallieren »


Ähnliche Themen: mail.ru eingefangen, deinstalliert und trotzdem popups


  1. Virus via E-Mail (Outlook) eingefangen
    Log-Analyse und Auswertung - 26.04.2015 (11)
  2. Trojaner eingefangen mit Telekom Mail
    Plagegeister aller Art und deren Bekämpfung - 04.06.2014 (3)
  3. Snap Do, Winzip Registry Optimizer und so Zeug eingefangen, deinstalliert, doch PC weiterhin langsam
    Plagegeister aller Art und deren Bekämpfung - 23.05.2014 (27)
  4. Win7 64 bit Anhang aus e-mail geöffnet; seitdem ungewollte popups und weitere Unregelmässigkeiten
    Log-Analyse und Auswertung - 08.04.2014 (13)
  5. delta search deinstalliert - trotzdem noch infiziert?
    Plagegeister aller Art und deren Bekämpfung - 24.04.2013 (5)
  6. Yontoo gefunden und deinstalliert. Trotzdem Netzwerktraffic.
    Log-Analyse und Auswertung - 20.04.2013 (2)
  7. mydirtyhobby.de mail nicht geöffnet -> trotzdem Trojaner mgl.?
    Plagegeister aller Art und deren Bekämpfung - 16.04.2013 (2)
  8. Google, FB startet nicht, Delta Search vor einer Woche bereits deinstalliert, ungewollte Werbeeinblendungen ebenfalls bereits deinstalliert
    Plagegeister aller Art und deren Bekämpfung - 27.02.2013 (7)
  9. GVU Virus eingefangen - Avira hat ihn "gekillt", trotzdem RUNDLL Fehler und Firefox tot
    Plagegeister aller Art und deren Bekämpfung - 11.08.2012 (28)
  10. Verschlüsselungstrojaner eingefangen! E-Mail Anhang geöffnet!
    Log-Analyse und Auswertung - 01.07.2012 (29)
  11. Trojaner eingefangen - mit Avira AntiVir bereits "gelöscht", trotzdem noch unsicher
    Log-Analyse und Auswertung - 30.10.2009 (1)
  12. Rootkit eingefangen / Nero kaputt / Popups
    Plagegeister aller Art und deren Bekämpfung - 22.07.2009 (1)
  13. Rootkit eingefangen / Popups
    Mülltonne - 22.07.2009 (0)
  14. E-mail trojanerprogramm eingefangen?
    Log-Analyse und Auswertung - 28.07.2008 (11)
  15. ZoneAlarm deinstalliert aber trotzdem noch Aktiv!!!???
    Log-Analyse und Auswertung - 23.09.2006 (10)
  16. Spyfalcon 2.0 Deinstalliert trotzdem F.meldung
    Plagegeister aller Art und deren Bekämpfung - 29.04.2006 (66)
  17. Hi hab mir was eingefangen und Hijack scheint trotzdem sauber zu sein!
    Log-Analyse und Auswertung - 22.12.2004 (20)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema mail.ru eingefangen, deinstalliert und trotzdem popups - Mahlzeit, habe mir gestern irgendwie dieses mail.ru Addon eingefangen. hätte es danach über addon`s bei den einstellungen bei internet explorer wieder entfernt, danach bei msconfig beim starten deaktiviert und letztendlich - mail.ru eingefangen, deinstalliert und trotzdem popups...
Archiv
Du betrachtest: mail.ru eingefangen, deinstalliert und trotzdem popups auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19