FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
durchgeführt von Sven (Administrator) auf MirjamZanetti (04-01-2018 13:30:28)
Gestartet von C:\Users\Sven\Desktop
Geladene Profile: Sven (Verfügbare Profile: Mirjam Zanetti & Sven & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Flux Software LLC) C:\Users\Sven\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\makecab.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
"Path" (%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Skype\Phone;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\ -> %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Skype\Phone;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\GtkSharp\2.12\bin;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\) <==== Repaired successfully
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1161240 2016-05-22] (Highresolution Enterprises)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-05-06] (LogMeIn Inc.)
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-1536315646-4119356758-1407283469-1001\...\Run: [f.lux] => C:\Users\Sven\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1536315646-4119356758-1407283469-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2014-01-14]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{CAFC688E-6314-427C-8B2E-F1D3D855A2BF}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-12-31] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-31] (Oracle Corporation)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-30] (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169 [2018-01-04]
FF Homepage: Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169 -> hxxps://www.ecosia.org/
FF Extension: (AdBlocker Ultimate) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\adblockultimate@adblockultimate.net.xpi [2017-12-13]
FF Extension: (TubeBuddy for YouTube) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2017-12-05]
FF Extension: (FocusBlocker) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\jid1-AI8toZ8WSx5oLA@jetpack.xpi [2016-08-03] [Legacy]
FF Extension: (Rikaichan Japanese-German Dictionary File) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\rikaichan-jpde@polarcloud.com [2017-03-13] [Legacy]
FF Extension: (Rikaichan Japanese-English Dictionary File) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\rikaichan-jpen@polarcloud.com [2017-03-13] [Legacy]
FF Extension: (Rikaichan Japanese Names Dictionary File) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\rikaichan-jpnames@polarcloud.com [2017-03-13] [Legacy]
FF Extension: (Rikaisama) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\{697F6AFE-5321-4DE1-BFE6-4471C3721BD4} [2016-06-01] [Legacy]
FF Extension: (NoScript) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-01-01]
FF Extension: (iMacros for Firefox) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2016-08-09] [Legacy]
FF Extension: (Ecosia – Die Suchmaschine, die Bäume pflanzt) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2018-01-03]
FF Extension: (Adblock Plus) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF Extension: (DownThemAll!) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29] [Legacy]
FF Extension: (Greasemonkey) - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\dk8rovbg.default-1456592647169\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-12-12]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-31] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-10-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1536315646-4119356758-1407283469-1001: @eximion.com/KalydoPlayer -> C:\Users\Sven\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll [2013-01-17] (Eximion B.V.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Guest Profile [2011-01-03]
CHR Profile: C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Profile 1 [2011-01-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Profile: C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile [2011-01-03]
CHR Extension: (Google Präsentationen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-02]
CHR Extension: (Google Docs) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-02]
CHR Extension: (Google Drive) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-02]
CHR Extension: (YouTube) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-02]
CHR Extension: (Google-Suche) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-02]
CHR Extension: (Google Tabellen) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-02]
CHR Extension: (Avira Browserschutz) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-06-02]
CHR Extension: (Bookmark Manager) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-02]
CHR Extension: (Google Wallet) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-02]
CHR Extension: (Google Mail) - C:\Users\Sven\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-02]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S4 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-08-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-08-07] (BlueStack Systems, Inc.)
S4 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138032 2012-04-13] (Portrait Displays, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-05-06] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S4 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5206008 2013-08-25] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451848 2017-12-26] (Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-09-23] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-11-13] (Razer Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [129144 2017-08-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ACHTUNG (kein ServiceDLL)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-08-07] (BlueStack Systems)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-04] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20784 2012-04-13] (Portrait Displays, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-23] (Razer, Inc.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 VSPerfDrv150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\VSPerfCollectionTools\VSPerfDrv150.sys [79528 2016-03-02] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-04 13:30 - 2018-01-04 13:35 - 000021779 _____ C:\Users\Sven\Desktop\FRST.txt
2018-01-04 13:30 - 2018-01-04 13:30 - 000000000 ____D C:\FRST
2018-01-04 13:29 - 2018-01-04 13:29 - 002393088 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2017-12-30 13:12 - 2017-12-30 13:12 - 003175488 _____ C:\Users\Sven\Desktop\habits Seite 48.pdf
2017-12-28 21:19 - 2017-12-28 21:19 - 000000965 _____ C:\Users\Public\Desktop\Minecraft.lnk
2017-12-28 21:19 - 2017-12-28 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2017-12-28 21:18 - 2017-12-28 21:18 - 002314240 _____ C:\Users\Sven\Downloads\MinecraftInstaller.msi
2017-12-20 21:34 - 2018-01-04 13:25 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-12-20 21:33 - 2017-12-20 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-20 21:33 - 2017-12-20 21:33 - 000000000 ____D C:\ProgramData\MB3CoreBackup
2017-12-17 20:49 - 2017-12-17 20:50 - 000001815 _____ C:\Users\Sven\Desktop\dfs.txt
2017-12-17 19:47 - 2017-12-17 20:39 - 000002134 _____ C:\Users\Sven\Desktop\dfs_mit_allem.txt
2017-12-13 20:11 - 2017-11-14 04:57 - 025731072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-13 20:11 - 2017-11-14 03:48 - 015267328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-13 20:11 - 2017-11-14 02:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-12-13 20:10 - 2017-11-15 02:27 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-13 20:10 - 2017-11-15 01:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-12-13 20:10 - 2017-11-14 04:43 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-13 20:10 - 2017-11-14 04:43 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-13 20:10 - 2017-11-14 04:32 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-13 20:10 - 2017-11-14 04:31 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-13 20:10 - 2017-11-14 04:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-13 20:10 - 2017-11-14 04:30 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-13 20:10 - 2017-11-14 04:30 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-13 20:10 - 2017-11-14 04:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-13 20:10 - 2017-11-14 04:25 - 005925888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-13 20:10 - 2017-11-14 04:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-13 20:10 - 2017-11-14 04:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-13 20:10 - 2017-11-14 04:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-13 20:10 - 2017-11-14 04:20 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-13 20:10 - 2017-11-14 04:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-13 20:10 - 2017-11-14 04:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-13 20:10 - 2017-11-14 04:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-13 20:10 - 2017-11-14 04:15 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 20:10 - 2017-11-14 04:12 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-13 20:10 - 2017-11-14 04:06 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-13 20:10 - 2017-11-14 04:06 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 20:10 - 2017-11-14 04:05 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-13 20:10 - 2017-11-14 04:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-13 20:10 - 2017-11-14 04:02 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-13 20:10 - 2017-11-14 04:00 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-13 20:10 - 2017-11-14 03:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-13 20:10 - 2017-11-14 03:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-13 20:10 - 2017-11-14 03:48 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-13 20:10 - 2017-11-14 03:48 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-13 20:10 - 2017-11-14 03:47 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-13 20:10 - 2017-11-14 03:46 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-13 20:10 - 2017-11-14 03:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-13 20:10 - 2017-11-14 03:27 - 001544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-13 20:10 - 2017-11-14 03:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-13 20:10 - 2017-11-14 02:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-12-13 20:10 - 2017-11-14 02:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-12-13 20:10 - 2017-11-14 02:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-12-13 20:10 - 2017-11-14 02:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-12-13 20:10 - 2017-11-14 01:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-12-13 20:10 - 2017-11-14 01:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-12-13 20:10 - 2017-11-07 21:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-12-13 20:10 - 2017-11-07 21:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-12-13 20:10 - 2017-11-07 21:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-12-13 20:10 - 2017-11-07 21:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-12-13 20:10 - 2017-11-07 21:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-12-13 20:10 - 2017-11-07 21:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-12-13 20:10 - 2017-11-07 21:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-12-13 20:10 - 2017-11-07 21:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-12-13 20:10 - 2017-11-07 21:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-12-13 20:10 - 2017-11-07 21:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-12-13 20:10 - 2017-11-07 21:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-12-13 20:10 - 2017-11-07 21:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-12-13 20:10 - 2017-11-07 21:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-12-13 20:10 - 2017-11-07 21:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-12-13 20:10 - 2017-11-07 21:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-12-13 20:10 - 2017-11-07 21:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-12-13 20:10 - 2017-11-07 21:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-12-13 20:10 - 2017-11-07 21:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-12-13 20:10 - 2017-11-07 21:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-12-13 20:10 - 2017-11-07 21:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-12-13 20:10 - 2017-11-07 21:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-12-13 20:10 - 2017-11-07 21:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-12-13 20:10 - 2017-11-07 21:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-12-13 20:10 - 2017-11-07 20:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-12-13 20:10 - 2017-11-07 17:31 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-13 20:10 - 2017-11-07 17:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-12-13 20:10 - 2017-11-04 16:31 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-13 20:10 - 2017-11-04 16:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-13 20:10 - 2017-11-04 16:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2017-12-13 20:10 - 2017-11-04 16:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2017-12-13 20:10 - 2017-11-02 17:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-13 20:10 - 2017-11-02 17:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-13 20:10 - 2017-11-02 17:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-13 20:10 - 2017-11-02 17:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-13 20:10 - 2017-11-02 16:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2017-12-13 20:10 - 2017-11-02 16:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2017-12-13 20:10 - 2017-11-02 16:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2017-12-13 20:10 - 2017-11-02 15:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2017-12-13 20:10 - 2017-10-17 00:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-13 20:10 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2017-12-13 20:10 - 2017-10-12 01:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-05 22:31 - 2017-12-05 22:31 - 000000000 ____D C:\Users\Sven\AppData\Local\pip
2017-12-05 22:27 - 2017-12-23 23:06 - 000000000 ____D C:\Users\Sven\Documents\Python Dateien
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-01-04 13:30 - 2016-11-22 20:51 - 000000000 ____D C:\Users\Sven\AppData\LocalLow\Mozilla
2018-01-04 13:28 - 2013-03-03 19:30 - 000000000 ____D C:\Users\Sven\AppData\Local\LogMeIn Hamachi
2018-01-04 13:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-03 23:09 - 2014-01-23 12:44 - 000000320 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2018-01-03 13:39 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-03 13:39 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-02 12:30 - 2014-01-26 17:18 - 000001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1536315646-4119356758-1407283469-1002Core.job
2018-01-02 03:29 - 2014-01-01 15:21 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-12-31 21:00 - 2016-04-03 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-31 21:00 - 2015-10-03 11:29 - 000000000 ____D C:\Program Files\Java
2017-12-31 20:59 - 2016-04-03 10:13 - 000110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-12-31 20:50 - 2012-06-24 19:13 - 000742794 _____ C:\Windows\system32\perfh010.dat
2017-12-31 20:50 - 2012-06-24 19:13 - 000152352 _____ C:\Windows\system32\perfc010.dat
2017-12-31 20:50 - 2012-06-24 19:06 - 000748104 _____ C:\Windows\system32\perfh00C.dat
2017-12-31 20:50 - 2012-06-24 19:06 - 000154994 _____ C:\Windows\system32\perfc00C.dat
2017-12-31 20:50 - 2012-06-24 18:58 - 000710502 _____ C:\Windows\system32\perfh007.dat
2017-12-31 20:50 - 2012-06-24 18:58 - 000154832 _____ C:\Windows\system32\perfc007.dat
2017-12-31 20:50 - 2009-07-14 06:13 - 003450454 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-31 20:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-12-30 13:05 - 2017-03-29 19:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-30 13:05 - 2016-02-27 18:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-29 18:29 - 2014-07-29 13:22 - 000003059 _____ C:\Windows\wininit.ini
2017-12-28 21:56 - 2013-08-21 19:06 - 000000000 ____D C:\Users\Sven\AppData\Roaming\.minecraft
2017-12-28 21:21 - 2015-08-28 18:22 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-12-28 20:18 - 2017-10-16 19:27 - 000000000 ____D C:\Users\Sven\Documents\Visual Studio 2017
2017-12-24 00:12 - 2017-10-24 17:45 - 000000000 ____D C:\Users\Sven\.thonny
2017-12-23 22:35 - 2014-01-26 19:12 - 000002272 _____ C:\Users\Tim\Desktop\Google Chrome.lnk
2017-12-23 22:35 - 2013-06-11 20:56 - 000002259 _____ C:\Users\Gast\Desktop\Google Chrome.lnk
2017-12-23 22:34 - 2016-02-16 22:06 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-20 21:34 - 2017-10-17 19:39 - 000001871 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-16 10:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2017-12-16 10:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2017-12-13 22:49 - 2017-10-16 17:40 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-13 22:49 - 2013-12-19 20:04 - 000000000 ____D C:\Windows\system32\MRT
2017-12-13 22:48 - 2012-11-07 13:34 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-12-12 21:14 - 2014-01-16 18:58 - 000000000 ____D C:\Users\Sven\AppData\Roaming\NuGet
2017-12-12 21:14 - 2013-01-13 20:28 - 000000000 ____D C:\Users\Sven\AppData\LocalLow\Temp
2017-12-12 21:12 - 2017-10-16 21:08 - 000000000 ____D C:\Users\Sven\AppData\Local\.IdentityService
2017-12-12 18:33 - 2014-07-23 08:45 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-12-12 18:33 - 2012-03-23 01:24 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-12 18:33 - 2012-03-23 01:24 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-12 18:33 - 2012-03-23 01:24 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-12-12 18:33 - 2012-03-23 01:24 - 000000000 ____D C:\Windows\system32\Macromed
2017-12-10 16:22 - 2009-07-14 06:08 - 000032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-12-05 22:29 - 2014-12-07 19:17 - 000000000 ____D C:\Users\Sven\Documents\My Cheat Tables
2017-12-05 17:38 - 2016-07-03 20:00 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-02-16 09:13 - 2014-04-16 18:50 - 000000015 _____ () C:\Users\Sven\AppData\Roaming\Box1.txt
2014-02-16 09:13 - 2014-02-16 09:13 - 000000000 _____ () C:\Users\Sven\AppData\Roaming\Box2.txt
2014-02-16 09:13 - 2014-02-16 09:13 - 000000000 _____ () C:\Users\Sven\AppData\Roaming\Box3.txt
2014-02-16 09:13 - 2014-02-16 09:13 - 000000000 _____ () C:\Users\Sven\AppData\Roaming\Box4.txt
2014-02-16 09:13 - 2014-02-16 09:13 - 000000000 _____ () C:\Users\Sven\AppData\Roaming\Box5.txt
2014-02-16 09:13 - 2014-02-16 09:13 - 000000000 _____ () C:\Users\Sven\AppData\Roaming\Box6.txt
2015-01-18 13:51 - 2015-09-27 16:40 - 000000137 _____ () C:\Users\Sven\AppData\Roaming\Charaktere.xml
2014-02-17 21:11 - 2014-04-16 18:48 - 000000656 _____ () C:\Users\Sven\AppData\Roaming\Karteikarten v2.xml
2014-02-14 18:23 - 2015-03-26 19:51 - 000000309 _____ () C:\Users\Sven\AppData\Roaming\Karteikarten.xml
2014-02-16 20:15 - 2015-12-19 16:12 - 000000001 _____ () C:\Users\Sven\AppData\Roaming\NexusHighscore.txt
2015-10-01 15:52 - 2016-03-06 19:37 - 000004052 _____ () C:\Users\Sven\AppData\Roaming\RubiksTimes.xml
2015-03-26 19:51 - 2015-03-26 19:51 - 000000007 _____ () C:\Users\Sven\AppData\Roaming\WKcmb.txt
2013-03-06 15:03 - 2017-06-05 16:08 - 000005120 _____ () C:\Users\Sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-31 22:09 - 2014-01-31 22:09 - 000000092 _____ () C:\Users\Sven\AppData\Local\fusioncache.dat
2015-11-14 12:29 - 2015-11-14 12:29 - 000000845 _____ () C:\Users\Sven\AppData\Local\recently-used.xbel
2013-12-14 16:35 - 2017-04-27 21:02 - 000007598 _____ () C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
2018-01-03 16:46 - 2018-01-03 16:46 - 016239104 ____N () C:\Users\Sven\AppData\Local\Temp\javagiac0.20171174767374245.dll
2016-12-05 22:45 - 2016-12-05 22:45 - 016955392 ____N () C:\Users\Sven\AppData\Local\Temp\javagiac0.4179899613539483.dll
2017-12-05 19:15 - 2017-12-05 19:15 - 016366080 ____N () C:\Users\Sven\AppData\Local\Temp\javagiac0.561102359898303.dll
2017-12-07 21:18 - 2017-12-07 21:18 - 016239104 ____N () C:\Users\Sven\AppData\Local\Temp\javagiac0.7366158624575628.dll
2017-10-29 18:21 - 2017-10-29 18:21 - 000380928 ____N (hxxp://hunspell.sourceforge.net/) C:\Users\Sven\AppData\Local\Temp\jna2125477094089574943.hunspell-win-x86-32.dll
2017-10-23 22:33 - 2017-10-23 22:33 - 000380928 ____N (hxxp://hunspell.sourceforge.net/) C:\Users\Sven\AppData\Local\Temp\jna6983415745830619539.hunspell-win-x86-32.dll
2017-12-31 20:57 - 2017-12-31 20:57 - 001856576 _____ (Oracle Corporation) C:\Users\Sven\AppData\Local\Temp\jre-8u151-windows-au.exe
2013-10-05 09:38 - 2013-10-05 09:38 - 000455328 _____ (Microsoft Corporation) C:\Users\Sven\AppData\Local\Temp\msvcp120.dll
2013-10-05 09:38 - 2013-10-05 09:38 - 000970912 _____ (Microsoft Corporation) C:\Users\Sven\AppData\Local\Temp\msvcr120.dll
2016-07-31 01:08 - 2016-07-31 01:08 - 003112960 _____ (Jason York) C:\Users\Sven\AppData\Local\Temp\pc-decrapifier.exe
2016-06-13 19:13 - 2016-06-13 19:13 - 000893888 _____ () C:\Users\Sven\AppData\Local\Temp\XMBCUpdate.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2013-03-25 08:03
==================== Ende von FRST.txt ============================