Trojaner-Board - Windows 10: Virus als Avira getarnt. Webseiten werden auf Werbung umgeleitet.

das hier?

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2017

durchgeführt von PC (Administrator) auf BENUTZER1 (07-12-2017 11:54:23)

Gestartet von C:\Users\PC\Downloads

Geladene Profile: PC (Verfügbare Profile: PC)

Platform: Windows 10 Home Version 1703 15063.726 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe

(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe

(f.lux Software LLC) C:\Users\PC\AppData\Local\FluxSoftware\Flux\flux.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-09] (Hewlett-Packard )

HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKU\S-1-5-21-1276647347-2840311046-1827254929-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)

HKU\S-1-5-21-1276647347-2840311046-1827254929-1001\...\Run: [Discord] => C:\Users\PC\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)

HKU\S-1-5-21-1276647347-2840311046-1827254929-1001\...\Run: [f.lux] => C:\Users\PC\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)

HKU\S-1-5-21-1276647347-2840311046-1827254929-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)

Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-09-24]

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{29a0f65b-174b-4e4c-b974-63c2fd8c3bbf}: [NameServer] 8.8.8.8,8.8.4.4

Tcpip\..\Interfaces\{29a0f65b-174b-4e4c-b974-63c2fd8c3bbf}: [DhcpNameServer] 192.168.2.1
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_50&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0CyB0AyD0EyBtCtC0DyEtN0D0Tzu0StCzztCtAtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0ByB0FzztAyDzytGyCtC0AyDtGtA0FtBzytGyBzztDyEtGyDyDyC0AtC0ByB0DtCzytCzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyC0D0DyDyByB0BtGyEyD0DyCtGyEzy0FtDtGzz0DtBtCtG0C0EzztB0CtBtB0FzyyDtBzy2QtN0A0LzuyE%26cr%3D1440540082%26a%3Dwbf_anvsft_16_50%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome

HKU\S-1-5-21-1276647347-2840311046-1827254929-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_50&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dde%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0CyB0AyD0EyBtCtC0DyEtN0D0Tzu0StCzztCtAtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0ByB0FzztAyDzytGyCtC0AyDtGtA0FtBzytGyBzztDyEtGyDyDyC0AtC0ByB0DtCzytCzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyC0D0DyDyByB0BtGyEyD0DyCtGyEzy0FtDtGzz0DtBtCtG0C0EzztB0CtBtB0FzyyDtBzy2QtN0A0LzuyE%26cr%3D1440540082%26a%3Dwbf_anvsft_16_50%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_50&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0CyB0AyD0EyBtCtC0DyEtN0D0Tzu0StCzztCtAtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0ByB0FzztAyDzytGyCtC0AyDtGtA0FtBzytGyBzztDyEtGyDyDyC0AtC0ByB0DtCzytCzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyC0D0DyDyByB0BtGyEyD0DyCtGyEzy0FtDtGzz0DtBtCtG0C0EzztB0CtBtB0FzyyDtBzy2QtN0A0LzuyE%26cr%3D1440540082%26a%3Dwbf_anvsft_16_50%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_anvsft_16_50&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dde%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0CyB0AyD0EyBtCtC0DyEtN0D0Tzu0StCzztCtAtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0ByB0FzztAyDzytGyCtC0AyDtGtA0FtBzytGyBzztDyEtGyDyDyC0AtC0ByB0DtCzytCzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyC0D0DyDyByB0BtGyEyD0DyCtGyEzy0FtDtGzz0DtBtCtG0C0EzztB0CtBtB0FzyyDtBzy2QtN0A0LzuyE%26cr%3D1440540082%26a%3Dwbf_anvsft_16_50%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}

BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)

BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)

Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
 

FireFox:

========

FF DefaultProfile: c2m3tmsi.default-1510681037067

FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\c2m3tmsi.default-1510681037067 [2017-12-06]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-06] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-06] (Google Inc.)
 

Chrome: 

=======

CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}

CHR DefaultSearchKeyword: Default -> duckduckgo.com

CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list

CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2017-12-07]

CHR Extension: (DuckDuckGo Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-07-07]

CHR Extension: (Adblock Plus) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]

CHR Extension: (uBlock Origin) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-12-02]

CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-11-28]

CHR Extension: (TweetDeck by Twitter) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2016-10-21]

CHR Extension: (Refresh for Twitter) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpiilkeoldobfomlhipnnfanmgfllmp [2017-09-29]

CHR Extension: (Proxy for Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\iilpibhiihokecnbdkaminemnmecjfed [2017-10-26]

CHR Extension: (Nehmen Sie Screenshot der Webseite - FireShot) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-09-12]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]

CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\S-1-5-21-1276647347-2840311046-1827254929-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)

R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)

R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)

S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

S2 AntiVirMailService; "C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe" [X]

S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\Antivirus\sched.exe" [X]

S2 AntiVirService; "C:\Program Files (x86)\Avira\Antivirus\avguard.exe" [X]

S2 AntiVirWebService; "C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe" [X]
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-09-22] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-30] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-03] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-03] (Avira Operations GmbH & Co. KG)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)

R3 ksaud; C:\WINDOWS\system32\drivers\ksaud.sys [2116728 2017-07-05] (Creative Technology Ltd.)

R1 MpKsla9fb5174; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA2B5D79-84B0-4697-94A5-0A6CB26887C6}\MpKsla9fb5174.sys [58120 2017-12-06] (Microsoft Corporation)

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_261118f104023aa1\nvlddmkm.sys [15605360 2017-09-21] (NVIDIA Corporation)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-19] (Realtek )

S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()

R3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-19] (Texas Instruments, Inc.)

R3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-19] (Texas Instruments, Inc.)

S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-12-07 11:54 - 2017-12-07 11:54 - 000000000 ____D C:\Users\PC\Downloads\FRST-OlderVersion

2017-12-06 17:04 - 2017-12-06 17:06 - 008187336 _____ (Malwarebytes) C:\Users\PC\Downloads\adwcleaner_7.0.5.0.exe

2017-12-06 16:50 - 2017-12-06 16:56 - 002992476 _____ C:\Users\PC\Downloads\Nicht bestätigt 189117.crdownload

2017-12-06 16:37 - 2017-12-06 16:49 - 004898056 _____ C:\Users\PC\Downloads\Nicht bestätigt 367581.crdownload

2017-12-06 16:09 - 2017-12-06 16:09 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\716B159F.sys

2017-12-06 15:51 - 2017-12-06 15:51 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\51726545.sys

2017-12-06 15:51 - 2017-12-06 15:51 - 000000000 ____D C:\ProgramData\Malwarebytes

2017-12-06 15:48 - 2017-12-06 16:28 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2017-12-06 15:48 - 2017-12-06 16:25 - 000000000 ____D C:\Users\PC\Desktop\mbar

2017-12-06 15:48 - 2017-12-06 16:25 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2017-12-06 15:43 - 2017-12-06 15:48 - 014178840 _____ (Malwarebytes Corp.) C:\Users\PC\Downloads\mbar-1.10.3.1001.exe

2017-12-06 15:40 - 2017-12-06 15:43 - 000026616 _____ C:\Users\PC\Downloads\Nicht bestätigt 66916.crdownload

2017-12-06 15:27 - 2017-12-06 15:40 - 001582216 _____ (Malwarebytes Corp.) C:\Users\PC\Downloads\Nicht bestätigt 694973.crdownload

2017-12-06 13:49 - 2017-12-06 13:49 - 007189760 _____ (VS Revo Group ) C:\Users\PC\Downloads\revo204setup.exe

2017-12-06 13:49 - 2017-12-06 13:49 - 000001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk

2017-12-06 13:49 - 2017-12-06 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

2017-12-06 13:49 - 2017-12-06 13:49 - 000000000 ____D C:\Program Files\VS Revo Group

2017-12-06 13:24 - 2017-12-06 13:25 - 000000000 ___HD C:\$WINDOWS.~BT

2017-12-06 13:19 - 2017-12-06 13:19 - 000000000 ____D C:\Users\PC\AppData\Local\Notepad++

2017-12-06 13:18 - 2017-12-06 13:19 - 000000000 ____D C:\Users\PC\AppData\Roaming\Notepad++

2017-12-06 13:18 - 2017-12-06 13:18 - 003996560 _____ (Don HO don.h@free.fr) C:\Users\PC\Downloads\npp.7.5.3.Installer.exe

2017-12-06 13:18 - 2017-12-06 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2017-12-06 13:18 - 2017-12-06 13:18 - 000000000 ____D C:\Program Files (x86)\Notepad++

2017-12-06 12:08 - 2017-12-06 13:22 - 000036683 _____ C:\Users\PC\Downloads\Addition.txt

2017-12-06 12:07 - 2017-12-07 11:55 - 000015882 _____ C:\Users\PC\Downloads\FRST.txt

2017-12-06 12:07 - 2017-12-07 11:54 - 000000000 ____D C:\FRST

2017-12-06 12:06 - 2017-12-07 11:54 - 002390528 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe

2017-12-06 11:59 - 2017-12-06 11:59 - 001681749 _____ C:\Users\PC\Downloads\3c3aee2a-cbcc-44ee-9781-1af9327366ec.tmp

2017-12-06 11:56 - 2017-12-06 11:57 - 001681749 _____ C:\Users\PC\Downloads\13ca46ad-5423-4295-a0d2-e1483e39073e.tmp

2017-12-06 11:11 - 2017-12-06 11:11 - 002019656 _____ (Bleeping Computer, LLC) C:\Users\PC\Downloads\Nicht bestätigt 467470.crdownload

2017-12-05 23:09 - 2017-12-05 23:09 - 000001275 _____ C:\Users\PC\Desktop\RimWorld.lnk

2017-12-05 23:08 - 2017-12-05 23:08 - 000000000 ____D C:\Users\PC\Documents\Games

2017-12-02 00:28 - 2017-12-02 00:28 - 000000000 ____D C:\Users\PC\Desktop\Tor Browser

2017-12-02 00:21 - 2017-12-02 00:27 - 053494112 _____ C:\Users\PC\Downloads\torbrowser-install-7.0.10_en-US.exe

2017-12-01 23:45 - 2017-12-01 23:45 - 000000000 ____D C:\Users\PC\Downloads\TREADMILL FAIL!!! -Asian Dad (Original Video)

2017-12-01 21:23 - 2017-12-01 21:23 - 000000000 ____D C:\Users\PC\Downloads\OrHdJ65nD7v 17 days till Christmas 🎅🎄🎁

2017-12-01 19:10 - 2017-12-01 19:10 - 000002147 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk

2017-12-01 18:30 - 2017-12-01 18:30 - 000000000 ____D C:\Users\PC\Downloads\Henry the Hoover's Cocaine Overdose

2017-12-01 14:21 - 2017-12-01 20:17 - 000000000 ____D C:\Users\PC\Downloads\210a12sd1af21sa2f45sa4f8saf45as----k

2017-12-01 13:59 - 2017-12-01 14:18 - 146515889 _____ C:\Users\PC\Downloads\210a12sd1af21sa2f45sa4f8saf45as----k.zip

2017-11-29 01:21 - 2017-11-29 01:21 - 000000000 ____D C:\Users\PC\Downloads\FireShot

2017-11-26 16:19 - 2017-11-26 16:19 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Ludeon Studios

2017-11-26 16:18 - 2017-11-26 16:18 - 000000000 ____D C:\Users\PC\Downloads\FactX0.15.37-GXOG

2017-11-26 16:17 - 2017-12-05 23:08 - 000000000 ____D C:\Users\PC\Downloads\RimWorXv0.18.1722-3DM

2017-11-26 12:40 - 2017-11-26 15:30 - 763873120 _____ C:\Users\PC\Downloads\FactX0.15.37-GXOG.rar

2017-11-26 12:15 - 2017-11-26 12:39 - 107875300 _____ C:\Users\PC\Downloads\RimWorXv0.18.1722-3DM.rar

2017-11-24 23:20 - 2017-11-24 23:34 - 112424794 _____ C:\Users\PC\Downloads\$uicideboy$ - G.R.E.Y.G.O.D.S.I.I.zip

2017-11-23 17:12 - 2017-11-23 17:12 - 000000000 ____D C:\Users\PC\Downloads\0103

2017-11-23 16:29 - 2017-11-23 16:57 - 142981754 _____ C:\Users\PC\Downloads\0103.rar

2017-11-22 13:48 - 2017-11-22 13:53 - 000000000 ____D C:\Users\PC\AppData\Local\HyperLightDrifter

2017-11-21 18:22 - 2017-11-21 18:22 - 000001771 _____ C:\Users\Public\Desktop\Hyper Light Drifter.lnk

2017-11-21 18:22 - 2017-11-21 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hyper Light Drifter

2017-11-21 18:21 - 2017-11-21 18:21 - 000000000 ____D C:\Users\PC\Downloads\Hy1perLi1ghtDri1fter-Upd36-elamigos

2017-11-21 15:37 - 2017-11-21 18:10 - 784365666 _____ C:\Users\PC\Downloads\Hy1perLi1ghtDri1fter-Upd36-elamigos.rar

2017-11-17 18:27 - 2017-11-17 18:28 - 000000000 ____D C:\Users\PC\Downloads\JA-RT

2017-11-17 17:06 - 2017-11-17 18:26 - 157065106 _____ C:\Users\PC\Downloads\JA-RT.rar

2017-11-14 21:45 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2017-11-14 21:45 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2017-11-14 21:45 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2017-11-14 21:45 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2017-11-14 21:45 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2017-11-14 21:45 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2017-11-14 21:45 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2017-11-14 21:45 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2017-11-14 21:45 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2017-11-14 21:45 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi

2017-11-14 21:45 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe

2017-11-14 21:45 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2017-11-14 21:45 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-11-14 21:45 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2017-11-14 21:45 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll

2017-11-14 21:45 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2017-11-14 21:45 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2017-11-14 21:45 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-11-14 21:45 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-11-14 21:45 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2017-11-14 21:45 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2017-11-14 21:45 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2017-11-14 21:45 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2017-11-14 21:45 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll

2017-11-14 21:45 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2017-11-14 21:45 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-11-14 21:45 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2017-11-14 21:45 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2017-11-14 21:45 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-11-14 21:45 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2017-11-14 21:45 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2017-11-14 21:45 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys

2017-11-14 21:45 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2017-11-14 21:45 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2017-11-14 21:45 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll

2017-11-14 21:45 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll

2017-11-14 21:45 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe

2017-11-14 21:45 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe

2017-11-14 21:45 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys

2017-11-14 21:45 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2017-11-14 21:45 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-11-14 21:45 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2017-11-14 21:45 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

2017-11-14 21:45 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe

2017-11-14 21:45 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2017-11-14 21:45 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2017-11-14 21:45 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-11-14 21:45 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

2017-11-14 21:45 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2017-11-14 21:45 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll

2017-11-14 21:45 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2017-11-14 21:45 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe

2017-11-14 21:45 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe

2017-11-14 21:45 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe

2017-11-14 21:45 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-11-14 21:45 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2017-11-14 21:45 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2017-11-14 21:45 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-11-14 21:45 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-11-14 21:45 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll

2017-11-14 21:45 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll

2017-11-14 21:45 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE

2017-11-14 21:45 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe

2017-11-14 21:45 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll

2017-11-14 21:45 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll

2017-11-14 21:45 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll

2017-11-14 21:45 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-11-14 21:45 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2017-11-14 21:45 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys

2017-11-14 21:45 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2017-11-14 21:45 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-11-14 21:45 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll

2017-11-14 21:45 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-11-14 21:45 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2017-11-14 21:45 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe

2017-11-14 21:45 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2017-11-14 21:45 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2017-11-14 21:45 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2017-11-14 21:45 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll

2017-11-14 21:45 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2017-11-14 21:45 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll

2017-11-14 21:45 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll

2017-11-14 21:45 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-11-14 21:45 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll

2017-11-14 21:45 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2017-11-14 21:45 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2017-11-14 21:45 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll

2017-11-14 21:45 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-11-14 21:45 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2017-11-14 21:45 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll

2017-11-14 21:45 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll

2017-11-14 21:45 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2017-11-14 21:45 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2017-11-14 21:45 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-11-14 21:45 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll

2017-11-14 21:45 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll

2017-11-14 21:45 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll

2017-11-14 21:45 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll

2017-11-14 21:45 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-11-14 21:45 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2017-11-14 21:45 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-11-14 21:45 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2017-11-14 21:45 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE

2017-11-14 21:45 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-11-14 21:45 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-11-14 21:45 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2017-11-14 21:45 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-11-14 21:45 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-11-14 21:45 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-11-14 21:45 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-11-14 21:45 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2017-11-14 21:45 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll

2017-11-14 21:45 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2017-11-14 21:45 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll

2017-11-14 21:45 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2017-11-14 21:45 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-11-14 21:45 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll

2017-11-14 21:45 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll

2017-11-14 21:45 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll

2017-11-14 21:45 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2017-11-14 21:45 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2017-11-14 21:45 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-11-14 21:45 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-11-14 21:45 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2017-11-14 21:45 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-11-14 21:45 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2017-11-14 21:45 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2017-11-14 21:45 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-11-14 21:45 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll

2017-11-14 21:45 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll

2017-11-14 21:45 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-11-14 21:45 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2017-11-14 21:45 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-11-14 21:45 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll

2017-11-14 21:45 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-11-14 21:45 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll

2017-11-14 21:45 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll

2017-11-14 21:45 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-11-14 21:45 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-11-14 21:45 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-11-14 21:45 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-11-14 21:45 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll

2017-11-14 21:45 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2017-11-14 21:45 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2017-11-14 21:45 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-11-14 21:45 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2017-11-14 21:45 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2017-11-14 21:45 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys

2017-11-14 21:45 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

2017-11-14 21:45 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-11-14 21:45 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-11-14 21:45 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-11-14 21:45 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-11-14 21:45 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2017-11-14 21:45 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-11-14 21:45 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2017-11-14 21:45 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-11-14 21:45 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll

2017-11-14 21:45 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-11-14 21:45 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-11-14 21:45 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2017-11-14 21:45 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-11-14 21:45 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2017-11-14 21:45 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-11-14 21:45 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-11-14 21:45 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2017-11-14 21:45 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2017-11-14 21:45 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-11-14 21:45 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2017-11-14 21:45 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-11-14 21:45 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-11-14 21:45 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-11-14 21:45 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll

2017-11-14 21:45 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-11-14 21:45 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2017-11-14 21:45 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-11-14 21:45 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-11-14 21:45 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-11-14 21:45 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2017-11-14 21:45 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-11-14 21:45 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-11-14 21:45 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-11-14 21:45 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2017-11-14 21:45 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll

2017-11-14 21:45 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll

2017-11-14 15:08 - 2017-11-14 15:39 - 158835064 _____ C:\Users\PC\Downloads\TVDA(2008)123456.rar

2017-11-14 12:13 - 2017-11-14 12:13 - 004482048 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

2017-11-13 16:55 - 2017-11-13 16:55 - 000000000 ____D C:\Users\PC\Downloads\Zok(Limited)(2014)123456

2017-11-13 16:25 - 2017-11-13 16:25 - 000000000 ____D C:\Users\PC\Downloads\OCra(2016)123456

2017-11-13 16:04 - 2017-11-13 16:54 - 255593625 _____ C:\Users\PC\Downloads\Zok(Limited)(2014)123456.rar

2017-11-13 15:39 - 2017-11-13 16:00 - 107001181 _____ C:\Users\PC\Downloads\OCra(2016)123456.rar

2017-11-09 12:55 - 2017-11-09 12:55 - 000000000 ____D C:\Users\PC\Downloads\fraschenll&e16

2017-11-09 12:55 - 2017-11-09 12:55 - 000000000 ____D C:\Users\PC\Desktop\Gesa Füßle - Französisch schnell & easy (SilverLine Audio perfekt) Fokus Wortschatz und Redewendungen

2017-11-09 12:44 - 2017-11-09 12:52 - 077478268 _____ C:\Users\PC\Downloads\fraschenll&e16.rar

2017-11-08 22:49 - 2017-11-08 22:54 - 024134595 _____ C:\Users\PC\Downloads\Babbel Full 5.7.0.090411.apk
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-12-07 11:26 - 2016-11-20 14:12 - 000000000 ____D C:\AdwCleaner

2017-12-07 11:23 - 2017-07-11 12:13 - 000000000 ____D C:\Users\PC

2017-12-07 11:08 - 2017-07-11 12:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2017-12-07 11:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness

2017-12-07 11:04 - 2016-10-27 01:15 - 000000000 ____D C:\ProgramData\NVIDIA

2017-12-06 19:09 - 2016-10-01 00:48 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2017-12-06 19:04 - 2016-12-22 00:29 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla

2017-12-06 19:03 - 2016-12-21 22:34 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2017-12-06 19:03 - 2016-12-21 22:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2017-12-06 19:03 - 2016-12-21 22:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

2017-12-06 19:03 - 2016-10-02 19:07 - 000000000 ____D C:\Users\PC\AppData\Roaming\Mozilla

2017-12-06 17:15 - 2017-07-11 12:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-12-06 17:14 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI

2017-12-06 17:14 - 2016-09-30 22:30 - 000000008 __RSH C:\ProgramData\ntuser.pol

2017-12-06 17:06 - 2016-12-26 02:54 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc

2017-12-06 14:06 - 2016-09-30 22:17 - 000000000 ____D C:\Users\PC\AppData\Roaming\Adobe

2017-12-06 14:00 - 2016-10-02 18:45 - 000000000 ____D C:\ProgramData\Package Cache

2017-12-06 13:58 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

2017-12-06 13:25 - 2017-07-08 13:54 - 000000000 ___DC C:\WINDOWS\Panther

2017-12-06 13:06 - 2016-10-01 14:52 - 000000000 ____D C:\Program Files (x86)\Adobe

2017-12-06 12:09 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF

2017-12-06 11:27 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps

2017-12-06 11:16 - 2017-07-11 12:30 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-12-06 11:16 - 2017-07-11 12:30 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-12-05 18:28 - 2017-07-25 18:04 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1276647347-2840311046-1827254929-1001

2017-12-05 18:28 - 2016-09-30 22:22 - 000002380 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2017-12-05 18:28 - 2016-05-03 14:43 - 000000000 ___RD C:\Users\PC\OneDrive

2017-12-03 18:23 - 2016-10-01 16:48 - 000000000 ____D C:\Program Files (x86)\Steam

2017-12-03 15:12 - 2017-07-14 11:56 - 000000000 ____D C:\Users\PC\AppData\Local\PokerStars.EU

2017-12-02 02:22 - 2017-11-03 16:10 - 000000147 _____ C:\Users\PC\Desktop\E-Mail Adressen.txt

2017-12-02 00:25 - 2016-10-24 10:01 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2017-12-02 00:24 - 2016-12-28 23:35 - 000000000 ____D C:\Program Files (x86)\Audacity

2017-12-01 23:53 - 2017-07-11 12:28 - 004266870 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-12-01 23:53 - 2017-03-20 05:35 - 002100858 _____ C:\WINDOWS\system32\perfh007.dat

2017-12-01 23:53 - 2017-03-20 05:35 - 000536118 _____ C:\WINDOWS\system32\perfc007.dat

2017-12-01 23:46 - 2016-10-02 02:53 - 000000000 ____D C:\Users\PC\AppData\Local\JDownloader v2.0

2017-12-01 00:13 - 2016-10-01 22:24 - 000000000 ____D C:\Users\PC\AppData\Roaming\Skype

2017-11-25 11:17 - 2017-01-10 21:59 - 000000000 ____D C:\Users\PC\AppData\Roaming\TS3Client

2017-11-25 11:16 - 2016-10-18 02:01 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps

2017-11-21 18:22 - 2017-09-22 20:32 - 000000000 ____D C:\Games

2017-11-20 22:06 - 2017-09-22 20:33 - 000000000 ____D C:\Users\PC\AppData\Roaming\StardewValley

2017-11-16 14:54 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache

2017-11-16 11:18 - 2016-09-30 23:00 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-11-16 11:18 - 2016-09-30 23:00 - 000002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2017-11-14 22:33 - 2013-01-10 16:54 - 000000000 __RHD C:\Users\Public\AccountPictures

2017-11-14 22:31 - 2017-07-11 12:09 - 004975504 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-11-14 22:27 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser

2017-11-14 22:27 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences

2017-11-14 22:27 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning

2017-11-14 22:27 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer

2017-11-14 22:27 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-11-14 21:57 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp

2017-11-14 21:54 - 2016-10-01 00:47 - 000000000 ____D C:\WINDOWS\system32\MRT

2017-11-14 21:48 - 2017-10-10 21:13 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe

2017-11-14 21:48 - 2016-10-01 00:47 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-11-14 12:13 - 2017-07-11 12:30 - 000004588 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier

2017-11-14 12:13 - 2017-07-11 12:30 - 000004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2017-11-14 12:13 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed

2017-11-14 12:13 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed

2017-11-12 19:00 - 2016-10-18 20:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\.minecraft

2017-11-12 17:19 - 2016-10-18 20:37 - 000000000 ____D C:\Program Files (x86)\Minecraft

2017-11-07 19:14 - 2017-07-14 11:55 - 000000000 ____D C:\Program Files (x86)\PokerStars.EU
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2017-01-02 00:00 - 2017-05-16 13:08 - 000000132 _____ () C:\Users\PC\AppData\Roaming\Adobe AIFF Format CS5 Prefs

2016-10-06 21:17 - 2017-09-22 19:34 - 000000132 _____ () C:\Users\PC\AppData\Roaming\Adobe PNG Format CS5 Prefs
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-12-06 12:36
 

==================== Ende von FRST.txt ============================

Code:

Malwarebytes

www.malwarebytes.com
 

-Protokolldetails-

Scan-Datum: 07.12.17

Scan-Zeit: 13:43

Protokolldatei: 3b2a0bf6-db4c-11e7-96e7-b4b52fc7a5e7.json

Administrator: Ja
 

-Softwaredaten-

Version: 3.3.1.2183

Komponentenversion: 1.0.262

Version des Aktualisierungspakets: 1.0.3432

Lizenz: Testversion
 

-Systemdaten-

Betriebssystem: Windows 10 (Build 15063.726)

CPU: x64

Dateisystem: NTFS

Benutzer: Benutzer1\PC
 

-Scan-Übersicht-

Scan-Typ: Bedrohungs-Scan

Ergebnis: Abgeschlossen

Gescannte Objekte: 322192

Erkannte Bedrohungen: 109

In die Quarantäne verschobene Bedrohungen: 109

Abgelaufene Zeit: 12 Min., 6 Sek.
 

-Scan-Optionen-

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Erkennung

PUM: Erkennung
 

-Scan-Details-

Prozess: 0

(keine bösartigen Elemente erkannt)
 

Modul: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 5

PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, In Quarantäne, [473], [183362],1.0.3432

PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, In Quarantäne, [473], [183362],1.0.3432

PUP.Optional.SearchManager, HKU\S-1-5-21-1276647347-2840311046-1827254929-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, In Quarantäne, [473], [183362],1.0.3432

PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}, In Quarantäne, [56], [182758],1.0.3432

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}, In Quarantäne, [56], [182758],1.0.3432
 

Registrierungswert: 2

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}|URL, In Quarantäne, [56], [182758],1.0.3432

PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}|URL, In Quarantäne, [56], [182758],1.0.3432
 

Registrierungsdaten: 2

PUP.Optional.WinYahoo, HKU\S-1-5-21-1276647347-2840311046-1827254929-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Ersetzt, [56], [292990],1.0.3432

PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Ersetzt, [56], [293461],1.0.3432
 

Daten-Stream: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 17

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\external, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\chrome, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\common, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\search, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\external, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\fonts, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\_metadata, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\css, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\USERS\PC\APPDATA\LOCAL\CHROMIUM\USER DATA\Default\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.HahoMedia, C:\Windows\SysWOW64\Policies\161011, In Quarantäne, [1480], [338620],1.0.3432

PUP.Optional.HahoMedia, C:\WINDOWS\SYSWOW64\POLICIES, In Quarantäne, [1480], [338620],1.0.3432
 

Datei: 83

PUP.Optional.SearchManager, C:\USERS\PC\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersetzt, [473], [183362],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\chrome\common.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\chrome\lifecycle.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\chrome\settings.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\chrome\setup.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\chrome\utils.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\common\abtest.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\common\conf-sys.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\common\conf.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\common\nt_ptr.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\common\prefs-sys.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\common\prefs.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\common\settings-dev.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\common\udata.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\external\jquery-2.1.1.min.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\external\md5.min.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\external\string.min.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\external\underscore-min.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\search\AutoSuggest.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\search\contentscript.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\search\newtab-base.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\search\newtab-msg.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\search\search-engines.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\search\search-form.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\search\search-redirect.js, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\background.html, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\favicon.ico, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\content\newtab.html, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\css\newtab.css, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\css\search.css, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\css\search2.css, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\css\styles.css, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\css\white_bg.css, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\external\normalize.css, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\fonts\HelveticaNeue-Thin.otf, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\fonts\neue-bold.woff, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\fonts\neue.woff, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\01d.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\01n.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\02d.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\02n.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\03d.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\03n.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\04d.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\04n.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\09d.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\09n.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\10d.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\10n.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\11d.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\11n.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\13d.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\13n.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\50d.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\weather\50n.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\128.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\16.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\48.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\icons\close.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\bg.jpg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\bing.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\bluesky-bg.jpg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\brush.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\clock.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\cloud.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\cupcake-bg.jpg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\desk-bg.jpg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\doodle.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\down.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\google.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\just-the-box.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\mountain-bg.jpg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\pointer2.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\sea-bg.jpg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\yahoo.png, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\skin\images\yahoo.svg, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\_metadata\verified_contents.json, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.SearchManager, C:\Users\PC\AppData\Local\chromium\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej\1.0.10.42_0\manifest.json, In Quarantäne, [473], [453140],1.0.3432

PUP.Optional.HahoMedia, C:\WINDOWS\SYSWOW64\POLICIES\161011\POLICIES.EXE.CONFIG, In Quarantäne, [1480], [338620],1.0.3432

PUP.Optional.HahoMedia, C:\Windows\SysWOW64\Policies\161011\aUtil.dll, In Quarantäne, [1480], [338620],1.0.3432

PUP.Optional.HahoMedia, C:\Windows\SysWOW64\Policies\161011\aUtil.dll.config, In Quarantäne, [1480], [338620],1.0.3432

PUP.Optional.BabylonToolBar, C:\USERS\PC\DOWNLOADS\13CA46AD-5423-4295-A0D2-E1483E39073E.TMP, In Quarantäne, [6055], [76262],1.0.3432

PUP.Optional.BabylonToolBar, C:\USERS\PC\DOWNLOADS\3C3AEE2A-CBCC-44EE-9781-1AF9327366EC.TMP, In Quarantäne, [6055], [76262],1.0.3432
 

Physischer Sektor: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

Code:

14:03:56 # product=EOS

# version=8

# flags=0

# esetonlinescanner_deu.exe=2.0.19.0

# EOSSerial=

# end=init

# utc_time=2017-12-07 13:03:55

# local_time=2017-12-07 14:03:55 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=10.0.15063 NT 

14:04:00 # product=EOS

# version=8

# flags=0

# esetonlinescanner_deu.exe=2.0.19.0

# EOSSerial=b23da61b991aa14eb8a899566c4d1e99

# end=init

# utc_time=2017-12-07 13:03:59

# local_time=2017-12-07 14:03:59 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# osver=10.0.15063 NT 

14:04:18 Updating

14:04:18 Update Init

14:04:20 Update Download

14:17:24 esets_scanner_reload returned 0

14:17:24 g_uiModuleBuild: 35653

14:17:24 Update Finalize

14:17:24 Call m_esets_charon_send

14:17:24 Call m_esets_charon_destroy

14:17:24 Updated modules version: 35653

14:17:34 Call m_esets_charon_setup_create

14:17:34 Call m_esets_charon_create

14:17:34 m_esets_charon_create OK

14:17:34 Call m_esets_charon_start_send_thread

14:17:34 Call m_esets_charon_setup_set

14:17:34 m_esets_charon_setup_set OK

14:17:34 Scanner engine: 35653

17:40:14 # product=EOS

# version=8

# flags=0

# esetonlinescanner_deu.exe=2.0.19.0

# EOSSerial=b23da61b991aa14eb8a899566c4d1e99

# engine=35653

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# sfx_checked=true

# utc_time=2017-12-07 16:40:13

# local_time=2017-12-07 17:40:13 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1031

# osver=10.0.15063 NT 

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 22875 22797809 0 0

# scanned=2

# found=0

# cleaned=0

# scan_time=12168

17:54:55 Call m_esets_charon_send

17:54:56 Call m_esets_charon_destroy

17:54:59 RecursiveRemoveDirectoryAndAllFiles: C:\Users\PC\AppData\Local\ESET\ESETOnlineScanner\Quarantine\

Code:

 Results of screen317's Security Check version 1.009  

   x64 (UAC is enabled)  

 Internet Explorer 11  
 ``````````````Antivirus/Firewall Check:`````````````` 

Windows Defender   

 WMI entry may not exist for antivirus; attempting automatic update. 
 `````````Anti-malware/Other Utilities Check:````````` 

 Google Chrome (62.0.3202.94) 

 Google Chrome (SetupMetrics...) 
 ````````Process Check: objlist.exe by Laurent````````  

 Windows Defender MSMpEng.exe 

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamtray.exe  

 Windows Defender MSASCuiL.exe   
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 
 ````````````````````End of Log``````````````````````