
Log analysis and evaluation: VirusTotal Trojan detection 12/47 in Trash e-mail file

04.11.2013, 21:12   #1
Polarbär
 
VirusTotal Trojan detection 12/47 in Trash e-mail file



I found a Trojan detection in an e-mail Trash file with VirusTotal.
Is that a false alarm or not?
Thanks!
Code:
SHA256: 	d9789eb76b53893954cbdf2074c6a0d8472a5f2977e7817c7f9512632ab60bff
SHA1: 	bd9cf72d7a8396e50e9ef1d5b49cf569d1bc464b
MD5: 	cbd588d52503ac701899694b48eafb6e
Dateigröße: 	9.7 MB ( 10138609 bytes )
Dateiname: 	Trash
Datei-Typ: 	Email
Erkennungsrate: 	12 / 47
Analyse-Datum: 	2013-11-04 19:01:41 UTC ( vor 4 Minuten )

Antivirus 	Ergebnis 	Aktualisierung
Agnitum 	Trojan.Yakes!6gYq3uQPmxM 	20131103
AhnLab-V3 		20131104
AntiVir 		20131104
Antiy-AVL 		20131101
Avast 		20131104
AVG 		20131104
Baidu-International 		20131104
BitDefender 	Trojan.GenericKDV.1216977 	20131104
Bkav 		20131104
ByteHero 		20131104
CAT-QuickHeal 		20131103
ClamAV 		20131104
Commtouch 		20131104
Comodo 		20131104
DrWeb 	Trojan.DownLoader10.11436 	20131104
Emsisoft 		20131104
ESET-NOD32 		20131104
F-Prot 		20131104
F-Secure 	Trojan.GenericKDV.1216977 	20131104
Fortinet 	W32/Yakes.DDZH!tr 	20131104
GData 	Trojan.GenericKDV.1216977 	20131104
Ikarus 		20131104
Jiangmin 		20131104
K7AntiVirus 		20131104
K7GW 		20131104
Kaspersky 	Trojan.Win32.Yakes.ddzh 	20131104
Kingsoft 		20130829
Malwarebytes 		20131104
McAfee 	RDN/Generic.dx!cp3 	20131104
McAfee-GW-Edition 		20131104
Microsoft 	Trojan:Win32/Matsnu.L 	20131104
MicroWorld-eScan 	Trojan.GenericKDV.1216977 	20131028
NANO-Antivirus 	Trojan.Win32.Yakes.cgakvl 	20131104
Norman 		20131104
nProtect 		20131101
Panda 		20131104
Rising 		20131104
Sophos 		20131104
SUPERAntiSpyware 		20131103
Symantec 		20131104
TheHacker 		20131103
TotalDefense 		20131101
TrendMicro 		20131104
TrendMicro-HouseCall 		20131104
VBA32 	Trojan.Yakes 	20131104
VIPRE 		20131104
ViRobot 		20131104
         
Code:
File identification
MD5 cbd588d52503ac701899694b48eafb6e
SHA1 bd9cf72d7a8396e50e9ef1d5b49cf569d1bc464b
SHA256 d9789eb76b53893954cbdf2074c6a0d8472a5f2977e7817c7f9512632ab60bff
ssdeep
49152:PxYy58DYYJvkvSB9BX9Mk9tE+9+sJu+IpPBes1uUcqXWY9aCP9OGuePKAEO6wMFd:VJj4

File size 9.7 MB ( 10138609 bytes )
File type Email
Magic literal
Non-ISO extended-ASCII mail text, with very long lines, with CRLF, CR line terminators

TrID 	Standard Unix Mailbox (100.0%)
VirusTotal metadata
First submission 2013-11-04 19:01:41 UTC ( vor 11 Minuten )
Last submission 2013-11-04 19:01:41 UTC ( vor 11 Minuten )
Dateinamen 	Trash
Advanced heuristic and reputation engines
ClamAV PUA
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: hxxp://www.clamav.net/index.php?s=pua&lang=en .
         
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-11-04 20:44:43
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 Samsung_SSD_840_Series rev.DXT07B0Q 232,89GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\R\AppData\Local\Temp\pxldqpod.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                         fffff96000187e00 15 bytes [00, 9F, 0F, 02, 40, BA, 6F, ...]
.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16                                                    fffff96000187e10 11 bytes [00, E6, FB, FF, 80, 7E, D2, ...]

---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\system32\atiesrxx.exe[904] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506            00007ff90ef0169a 4 bytes [F0, 0E, F9, 7F]
.text   C:\WINDOWS\system32\atiesrxx.exe[904] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514            00007ff90ef016a2 4 bytes [F0, 0E, F9, 7F]
.text   C:\WINDOWS\system32\atiesrxx.exe[904] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118               00007ff90ef0181a 4 bytes [F0, 0E, F9, 7F]
.text   C:\WINDOWS\system32\atiesrxx.exe[904] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142               00007ff90ef01832 4 bytes [F0, 0E, F9, 7F]
.text   C:\WINDOWS\system32\atieclxx.exe[656] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506            00007ff90ef0169a 4 bytes [F0, 0E, F9, 7F]
.text   C:\WINDOWS\system32\atieclxx.exe[656] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514            00007ff90ef016a2 4 bytes [F0, 0E, F9, 7F]
.text   C:\WINDOWS\system32\atieclxx.exe[656] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118               00007ff90ef0181a 4 bytes [F0, 0E, F9, 7F]
.text   C:\WINDOWS\system32\atieclxx.exe[656] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142               00007ff90ef01832 4 bytes [F0, 0E, F9, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [572:3836]                                                                fffff960008ec4d0

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                       -554186270
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BITS@Start                                                       3
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BITS                                                             
Reg     HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest  0xC4 0x1A 0x90 0x9C ...

---- EOF - GMER 2.1 ----
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by R at 2013-11-04 20:38:36
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Creative Suite 2 (x32)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Illustrator CS2 (x32 Version: 12.000.000)
Adobe InDesign CS2 (x32 Version: 004.000.000)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Adobe SVG Viewer 3.0 (x32 Version:  3.0)
Adobe Version Cue CS2 (x32 Version: 2.0)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589)
AMD Catalyst Install Manager (Version: 8.0.915.0)
Bandizip (HKCU Version: 3.07)
Bing-Desktop (x32 Version: 1.3.171.0)
BufferChm (x32 Version: 130.0.327.000)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589)
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589)
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589)
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589)
CCC Help Czech (x32 Version: 2013.0830.1943.33589)
CCC Help Danish (x32 Version: 2013.0830.1943.33589)
CCC Help Dutch (x32 Version: 2013.0830.1943.33589)
CCC Help English (x32 Version: 2013.0830.1943.33589)
CCC Help Finnish (x32 Version: 2013.0830.1943.33589)
CCC Help French (x32 Version: 2013.0830.1943.33589)
CCC Help German (x32 Version: 2013.0830.1943.33589)
CCC Help Greek (x32 Version: 2013.0830.1943.33589)
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589)
CCC Help Italian (x32 Version: 2013.0830.1943.33589)
CCC Help Japanese (x32 Version: 2013.0830.1943.33589)
CCC Help Korean (x32 Version: 2013.0830.1943.33589)
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589)
CCC Help Polish (x32 Version: 2013.0830.1943.33589)
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589)
CCC Help Russian (x32 Version: 2013.0830.1943.33589)
CCC Help Spanish (x32 Version: 2013.0830.1943.33589)
CCC Help Swedish (x32 Version: 2013.0830.1943.33589)
CCC Help Thai (x32 Version: 2013.0830.1943.33589)
CCC Help Turkish (x32 Version: 2013.0830.1943.33589)
ccc-utility64 (Version: 2013.0830.1944.33589)
CCleaner (Version: 4.07)
ClamWin Free Antivirus 0.98 (x32)
Classic Shell (Version: 4.0.2)
ContentSAFER for Wizmax (x32)
Destinations (x32 Version: 130.0.0.0)
DocProc (x32 Version: 13.0.0.0)
Flashtool (x32 Version: 0.9.7.0)
Foxit Reader (x32 Version: 6.0.6.722)
Free YouTube to MP3 Converter version 3.12.1.320 (x32 Version: 3.12.1.320)
GPBaseService2 (x32 Version: 130.0.367.000)
Gpg4win (2.2.1) (x32 Version: 2.2.1)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Scanjet 3800 (Version: 13.0)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 4.000.011.006)
hpg3800 (x32 Version: 14.0.0.0)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.367.000)
James Cameron's AVATAR(tm): DAS SPIEL (x32 Version: 1.02.00)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Kinect for Windows Developer Toolkit v1.7.0 (Version: 1.7.0.510)
Kinect for Windows Drivers v1.7 (Version: 1.7.0.529)
Kinect for Windows Runtime v1.7 (Version: 1.7.0.529)
Kinect for Windows SDK v1.7 (Version: 1.7.0.529)
Kinect for Windows Speech Recognition Language Pack (de-DE) (x32 Version: 11.0.7413.611)
Kinect for Windows Speech Recognition Language Pack (en-US) (x32 Version: 11.0.7400.336)
K-Lite Codec Pack 9.8.0 (64-bit) (Version: 9.8.0)
Konz 2012 (x32 Version: 1.00.0000)
lingDIALOG (x32 Version: 3.0908)
Logitech Gaming Software 5.09 (Version: 5.09.131)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 11.0.50727.0)
Microsoft Corporation (x32 Version: 11.0.50727.0)
Microsoft LifeCam (Version: 4.25.512.0)
Microsoft Server Speech Platform Runtime (x64) (Version: 11.0.7400.345)
Microsoft Server Speech Platform Runtime (x86) (x32 Version: 11.0.7400.345)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 24.1.0)
Mozilla Thunderbird 24.1.0 (x86 de) (x32 Version: 24.1.0)
Mp3tag v2.54 (x32 Version: v2.54)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
PlexUTILITIES 1.3 (x32 Version: 1.3)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
Richard Burns Rally (x32 Version: 1.00.000)
RoyalFLUSH (Version: 0.2.2.0812)
SAMSUNG Intelli-studio (x32 Version: 3.1.32.1)
Samsung Magician (x32 Version: 4.0.1)
Samsung Universal Print Driver (x32 Version: 2.03.09.00)
Scan (x32 Version: 13.0.0.0)
SCAR (x32 Version: 1.00.0000)
Secure Banking Version 1.5.2 (x32 Version: 1.5.2)
Shutdown8 (HKCU Version: 1.0)
Skype™ 6.9 (x32 Version: 6.9.106)
SolutionCenter (x32 Version: 130.0.369.000)
SpywareBlaster 5.0 (x32 Version: 5.0.0)
StarMoney (x32 Version: 3.0.5.8)
Steuer 2011 (x32 Version: 19.00.7304)
Sticky Password 6.0.10.445 (x32 Version: 6.0)
Suite Specific (x32 Version: 2.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
TP-LINK Wireless Configuration Utility (x32 Version: 1.3.1)
Treiber-Studio 2013 (Version: 8.1.430)
Treiber-Studio 2013 (Version: 8.2.032)
TrueCrypt (x32 Version: 7.1a)
TweakMe! (x32 Version: 1.3.0.0)
Update Manager B12.0418.1 (x32 Version: 1.00.0000)
VLC media player 2.1.0 (x32 Version: 2.1.0)
WebReg (x32 Version: 130.0.128.017)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/11/2009 2.0.0010.00002) (Version: 08/11/2009 2.0.0010.00002)
WRC 2 FIA World Rally Championship (x32 Version: 1.00.0000)
WRC 2 FIA World Rally Championship (x32 Version: 1.1.0000)

==================== Restore Points  =========================

29-10-2013 20:42:06 Windows Update
03-11-2013 17:44:33 Windows Update

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {285E15CE-E84B-402C-B765-07953AF30099} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F76692C-179D-44F9-B860-0049EDE70D14} - System32\Tasks\Firefox => Firefox.exe 
Task: {7C33CE56-598A-4D63-BED4-44B8F98DAFB8} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-30] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ACF9ED53-0813-4B45-A9AE-9F16789C6084} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {C011CD6E-ACA0-4614-A0FF-5E2D5802862A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DD002E81-8F82-4FAC-9660-BF1B34ABAB98} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-05-13] (Microsoft)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F1D802CD-A3CE-42BE-9F18-F7693783E8FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {F704F7D6-7175-4615-BEC9-2CC8C373949F} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\System32\oobe\setupsqm.exe [2013-08-22] (Microsoft Corporation)
Task: {F8AA99ED-3975-423F-B1D0-7960430428DC} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)

==================== Loaded Modules (whitelisted) =============

2013-09-30 05:01 - 2013-09-30 05:01 - 00012728 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\Microsoft.PerfTrack.winmd
2013-10-30 17:31 - 2013-10-30 17:31 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\432868bf54b081b16eaf68729020b30a\Windows.Foundation.ni.dll
2013-10-30 17:31 - 2013-10-30 17:31 - 00347136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Gloaae92e31#\e0e7493cf161f0e0899caa7eb5e0e259\Windows.Globalization.ni.dll
2013-10-30 17:31 - 2013-10-30 17:31 - 01782272 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\600862031eb4d4cfdc6f4d2025a7990e\Windows.ApplicationModel.ni.dll
2013-10-30 17:31 - 2013-10-30 17:31 - 00207872 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.System\e8f8737bea4f0df4b88bbc4bf24fa2a8\Windows.System.ni.dll
2013-10-30 17:31 - 2013-10-30 17:31 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\4c323000d6c8d1d462abb0968333c937\Windows.Storage.ni.dll
2013-10-30 17:31 - 2013-10-30 17:31 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\0ff25bd7c20be35c2e915bb82db13b72\Windows.UI.ni.dll
2013-11-01 20:12 - 2013-11-01 20:12 - 00278528 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\Microsoft.Bing.AppEx.Telemetry.winmd
2013-10-30 17:31 - 2013-10-30 17:31 - 00632320 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Security\4f00f54318cefa03d2a77a61e842ffca\Windows.Security.ni.dll
2013-10-30 17:31 - 2013-10-30 17:31 - 01259520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Networking\45eee6d0ec199bb4a183edf3d8f2370f\Windows.Networking.ni.dll
2013-09-30 05:01 - 2013-09-30 05:01 - 00016312 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\SqliteWrapper.winmd
2013-09-30 05:01 - 2013-09-30 05:01 - 00485816 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\SqliteWrapper.dll
2013-09-30 05:01 - 2013-09-30 05:01 - 00660920 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\Sqlite3.dll
2013-10-30 17:31 - 2013-10-30 17:31 - 01383936 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Web\2b0972e005263c87498242eb8f69480d\Windows.Web.ni.dll
2013-10-30 17:31 - 2013-10-30 17:31 - 00467456 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Graphics\e06f4482547bc7feaa453c9e02585f52\Windows.Graphics.ni.dll
2013-11-01 20:12 - 2013-11-01 20:12 - 00021504 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\Microsoft.AppEx.Sports.BaseEnums.winmd
2013-11-01 20:12 - 2013-11-01 20:12 - 00864272 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\Microsoft.AppEx.Sports.Schemas.winmd
2013-11-01 20:12 - 2013-11-01 20:12 - 00014848 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\Microsoft.AppEx.Sports.TransformEngine.BaseSchemas.winmd
2013-11-01 20:12 - 2013-11-01 20:12 - 00022544 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.1.203_x64__8wekyb3d8bbwe\Microsoft.AppEx.Sports.SportsEnums.winmd
2013-10-30 17:31 - 2013-10-30 17:31 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\4e1b0dc15d072d992e08612cd74a34db\Windows.Data.ni.dll
2013-10-30 17:31 - 2013-10-30 17:31 - 02019840 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Devices\aaa76dfc70840ddd1028b4e1783ec5aa\Windows.Devices.ni.dll
2013-10-29 22:32 - 2008-04-19 17:35 - 00080384 _____ () C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2013-10-29 23:07 - 2013-06-30 17:01 - 00017920 _____ () C:\Program Files (x86)\Secure Banking\SecureBanking.dll
2013-10-29 23:07 - 2013-05-26 13:13 - 00008704 _____ () C:\Program Files (x86)\Secure Banking\funcs.dll
2013-10-29 22:32 - 2005-02-08 17:23 - 00979005 _____ () C:\Program Files (x86)\ClamWin\bin\python23.dll
2013-10-29 22:32 - 2004-11-20 03:27 - 00069632 _____ () C:\Program Files (x86)\ClamWin\lib\win32api.pyd
2013-10-29 22:32 - 2004-10-11 20:21 - 00094208 _____ () C:\Program Files (x86)\ClamWin\lib\pywintypes23.dll
2013-10-29 22:32 - 2004-05-25 21:18 - 00057401 _____ () C:\Program Files (x86)\ClamWin\lib\_sre.pyd
2013-10-29 22:32 - 2004-11-20 03:27 - 00086016 _____ () C:\Program Files (x86)\ClamWin\lib\win32gui.pyd
2013-10-29 22:32 - 2004-11-20 03:27 - 00024576 _____ () C:\Program Files (x86)\ClamWin\lib\win32event.pyd
2013-10-29 22:32 - 2004-11-20 03:27 - 00036864 _____ () C:\Program Files (x86)\ClamWin\lib\win32process.pyd
2013-10-29 22:32 - 2004-05-25 21:18 - 00049212 _____ () C:\Program Files (x86)\ClamWin\lib\_socket.pyd
2013-10-29 22:32 - 2004-05-25 21:18 - 00495616 _____ () C:\Program Files (x86)\ClamWin\lib\_ssl.pyd
2013-10-29 22:32 - 2004-05-25 21:20 - 00036864 _____ () C:\Program Files (x86)\ClamWin\lib\_winreg.pyd
2013-10-29 22:32 - 2004-10-11 20:22 - 00315392 _____ () C:\Program Files (x86)\ClamWin\lib\pythoncom23.dll
2013-10-29 22:32 - 2004-11-20 03:27 - 00106496 _____ () C:\Program Files (x86)\ClamWin\lib\shell.pyd
2013-10-29 22:32 - 2004-11-20 03:27 - 00065536 _____ () C:\Program Files (x86)\ClamWin\lib\win32security.pyd
2013-10-29 22:32 - 2004-01-15 14:45 - 00061440 _____ () C:\Program Files (x86)\ClamWin\lib\_ctypes.pyd
2013-10-29 22:32 - 2004-11-20 03:27 - 00077824 _____ () C:\Program Files (x86)\ClamWin\lib\win32file.pyd
2013-10-29 22:32 - 2004-11-20 03:27 - 00024576 _____ () C:\Program Files (x86)\ClamWin\lib\win32pipe.pyd
2013-10-29 22:32 - 2003-10-01 13:40 - 02240512 _____ () C:\Program Files (x86)\ClamWin\lib\wxc.pyd
2013-10-29 22:32 - 2003-10-01 11:43 - 03239936 _____ () C:\Program Files (x86)\ClamWin\lib\wxmsw24h.dll
2013-10-29 22:32 - 2003-08-10 09:14 - 00061440 _____ () C:\Program Files (x86)\ClamWin\lib\mxDateTime.pyd
2013-10-29 22:32 - 2004-05-25 21:17 - 00622651 _____ () C:\Program Files (x86)\ClamWin\lib\_bsddb.pyd
2013-10-29 22:32 - 2004-05-25 21:19 - 00045117 _____ () C:\Program Files (x86)\ClamWin\lib\datetime.pyd
2013-10-29 18:59 - 2013-10-29 18:59 - 03368048 _____ () D:\Programme\Firefox\mozjs.dll
2013-10-29 22:32 - 2008-04-19 17:35 - 00081920 _____ () C:\Program Files (x86)\ClamWin\bin\ExpShell.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\Users\R\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker => ""="Service"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/01/2013 08:49:11 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 880

Startzeit: 01ced73aba27257b

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\wwahost.exe

Berichts-ID: ad557e22-432e-11e3-bfd7-902b343d2621

Vollständiger Name des fehlerhaften Pakets: 19120CensoredUser.YouTubeRT_1.5.3.4_neutral__c0tqyanwsgfn6

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (11/01/2013 07:42:05 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (10/29/2013 08:52:08 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.34003 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2272. Meldungs-ID: [0x2509].

Error: (10/29/2013 07:01:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: WORLDPC)
Description: Das Paket „52375DrWindows.Dr.Windows_1.2.7.36_neutral__chdjs8pthps04“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/29/2013 06:28:35 PM) (Source: ESENT) (User: )
Description: taskhostex (1744) Versuch, Datei "C:\Users\R\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" konnte im Namespace "//./root" aufgrund des Fehlers "0x80041033" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __NamespaceOperationEvent" zu registrieren, deren Zielklasse "__NamespaceOperationEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.


System errors:
=============
Error: (11/04/2013 08:24:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (11/04/2013 06:54:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (11/04/2013 05:45:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (11/04/2013 04:35:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (11/04/2013 03:28:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (11/04/2013 02:45:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (11/04/2013 02:07:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)

Error: (11/04/2013 01:34:31 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/04/2013 01:31:30 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bing Desktop Update service erreicht.

Error: (11/03/2013 08:20:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft Silverlight (KB2890788)


Microsoft Office Sessions:
=========================
Error: (11/01/2013 08:49:11 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.1638488001ced73aba27257b4294967295C:\WINDOWS\system32\wwahost.exead557e22-432e-11e3-bfd7-902b343d262119120CensoredUser.YouTubeRT_1.5.3.4_neutral__c0tqyanwsgfn6App

Error: (11/01/2013 07:42:05 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestC:\Users\R\AppData\Local\Temp\KMP_3.7.0.113.exe

Error: (10/29/2013 08:52:08 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.34003 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2272. Meldungs-ID: [0x2509].

Error: (10/29/2013 07:01:28 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: WORLDPC)
Description: 52375DrWindows.Dr.Windows_1.2.7.36_neutral__chdjs8pthps04

Error: (10/29/2013 06:28:35 PM) (Source: ESENT)(User: )
Description: taskhostex1744C:\Users\R\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./rootselect * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'0x80041033

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/CIMV2

Error: (10/29/2013 06:28:03 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: $Coreselect * from __NamespaceOperationEvent__NamespaceOperationEvent//./root


==================== Memory info =========================== 

Percentage of memory in use: 25%
Total physical RAM: 8154.3 MB
Available physical RAM: 6080.83 MB
Total Pagefile: 9434.3 MB
Available Pagefile: 6661.02 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:60.93 GB) (Free:36.69 GB) NTFS
Drive d: (EigeneDaten) (Fixed) (Total:161.85 GB) (Free:102.57 GB) NTFS
Drive e: (WRC2) (CDROM) (Total:3.81 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: C1DEC34E)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=61 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=238 MB) - (Type=83)
Partition 4: (Not Active) - (Size=171 GB) - (Type=05)

==================== End Of Log ============================
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by R (administrator) on WORLDPC on 04-11-2013 20:37:20
Running from D:\Downloads
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Secure Banking) C:\Program Files (x86)\Secure Banking\SecureBanking.exe
() C:\Program Files (x86)\Secure Banking\sbservice.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(alch) C:\Program Files (x86)\ClamWin\bin\ClamTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\WINDOWS\system32\wwahost.exe
(Mozilla Corporation) D:\Programme\Firefox\firefox.exe
(Mozilla Corporation) D:\Programme\Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-05-05] (Logitech Inc.)
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [6588144 2013-10-04] (SUPERAntiSpyware)
HKCU\...\Run: [SecureBanking] - C:\Program Files (x86)\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Version Cue CS2] - D:\Programme\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ClamWin] - C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2013-10-18] (alch)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0B3F2FFD4B6CCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
BHO: Plus-HD-2.6 - {11111111-1111-1111-1111-110311341140} - C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho64.dll No File
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - D:\Programme\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Sticky Password Toolbar - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - D:\Programme\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default
FF user.js: detected! => C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\user.js
FF DefaultSearchEngine: Ixquick HTTPS - Deutsch
FF SelectedSearchEngine: Ixquick HTTPS - Deutsch
FF NetworkProxy: "ftp", "94.228.213.108"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "94.228.213.108"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "94.228.213.108"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "94.228.213.108"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - D:\Programme\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\searchplugins\youtube-ssl.xml
FF Extension: Plus-HD-2.6 - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
FF Extension: Fast Dial - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\fastdial@telega.phpnet.us
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\ich@maltegoetz.de
FF Extension: Super Start - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\superstart@enjoyfreeware.org
FF Extension: Reader - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}
FF Extension: WOT - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: DownloadHelper - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: addon - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\addon@snip-me.de.xpi
FF Extension: ck - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\ck@everygain.com.xpi
FF Extension: client - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\client@anonymox.net.xpi
FF Extension: compatibility - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\compatibility@addons.mozilla.org.xpi
FF Extension: firefoxaddon - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\firefoxaddon@youtubeenhancer.com.xpi
FF Extension: info - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\info@mp3it.eu.xpi
FF Extension: jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
FF Extension: jid1-QqA8RBLaxLGXxg - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\jid1-QqA8RBLaxLGXxg@jetpack.xpi
FF Extension: nosquint - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\nosquint@urandom.ca.xpi
FF Extension: secureLogin - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\secureLogin@blueimp.net.xpi
FF Extension: smarterwiki - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\smarterwiki@wikiatic.com.xpi
FF Extension: stealthyextension - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: tiletabs - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\tiletabs@DW-dev.xpi
FF Extension: aios - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
FF Extension: mydefaults - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{28FAD68E-4001-48d5-B994-68069F7CFB1D}.xpi
FF Extension: noscript - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{C1F83B1E-D6EE-11DE-B441-1AD556D89593}.xpi
FF Extension: oxygenkdeoptions - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{c2a3f51e-2920-4eab-9008-1bcb44d21d57}.xpi
FF Extension: Adblock Plus - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: esbpref - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi
FF Extension: No Name - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{dbd63b80-1735-11df-8a39-0800200c9a66}.xpi
FF Extension: tabmix - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: dta - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: greasemonkey - C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\jhgy9zie.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-05-22] (Adobe Systems)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [533504 2013-09-30] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1302016 2013-09-30] (Microsoft Corporation)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2013-08-22] (Microsoft Corporation)
R2 KinectManagement; C:\Program Files\Microsoft Kinect Drivers\Service\KinectManagementService.exe [98816 2013-02-27] (Microsoft Corporation)
S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2013-09-30] (Microsoft Corporation)
S4 MsKeyboardFilter; C:\Windows\System32\KeyboardFilterSvc.dll [90464 2013-09-30] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [158208 2012-04-06] (Samsung Electronics)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1581568 2013-09-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [76800 2013-08-22] (Microsoft Corporation)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21600 2013-03-29] (Advanced Micro Devices, Inc.)
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3744256 2012-11-21] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [129536 2013-07-05] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-02-09] (Windows (R) Server 2003 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-09-30] (Microsoft Corporation)
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34408 2013-09-27] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [56672 2013-08-22] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

NETSVC: lfsvc -> C:\Windows\System32\GeofenceMonitorService.dll (Microsoft Corporation)
NETSVC: MsKeyboardFilter -> C:\Windows\System32\KeyboardFilterSvc.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2013-11-04 20:36 - 2013-11-04 20:36 - 00000000 ____D C:\FRST
2013-11-03 18:44 - 2013-11-03 18:44 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-03 18:44 - 2013-11-03 18:44 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-11-03 18:44 - 2013-11-03 18:44 - 00000000 ____D C:\Program Files\AMD
2013-11-01 20:01 - 2013-11-01 20:01 - 00007600 _____ C:\WINDOWS\PFRO.log
2013-11-01 17:14 - 2013-11-03 20:00 - 00002456 _____ C:\WINDOWS\setupact.log
2013-11-01 17:14 - 2013-11-01 17:14 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-10-30 18:43 - 2013-11-04 20:34 - 02041299 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-30 17:09 - 2013-10-30 17:09 - 00000000 ____D C:\ProgramData\ClassicShell
2013-10-30 16:25 - 2013-10-30 16:25 - 00000000 ____D C:\Users\R\AppData\Roaming\Malwarebytes
2013-10-30 16:25 - 2013-10-30 16:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-30 16:25 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-30 16:19 - 2013-10-30 16:19 - 00000000 ____D C:\ProgramData\Licenses
2013-10-30 16:19 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2013-10-29 23:07 - 2013-10-29 23:07 - 00000000 ____D C:\Program Files (x86)\Secure Banking
2013-10-29 22:41 - 2013-10-29 22:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2013-10-29 22:33 - 2013-10-29 22:35 - 00000000 ____D C:\Users\R\AppData\Roaming\.clamwin
2013-10-29 22:32 - 2013-10-29 22:32 - 00000000 ____D C:\ProgramData\.clamwin
2013-10-29 22:32 - 2013-10-29 22:32 - 00000000 ____D C:\Program Files (x86)\ClamWin
2013-10-29 21:08 - 2013-10-29 21:08 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
2013-10-29 21:07 - 2013-11-04 13:32 - 00000000 __RDO C:\Users\R\SkyDrive
2013-10-29 21:06 - 2013-10-29 21:06 - 00001485 _____ C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-29 21:06 - 2013-10-29 21:06 - 00000020 ___SH C:\Users\R\ntuser.ini
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-29 20:50 - 2013-10-29 20:50 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-10-29 20:48 - 2013-10-29 21:07 - 00000000 ____D C:\Users\R
2013-10-29 20:48 - 2013-10-29 20:50 - 00024768 _____ C:\WINDOWS\diagwrn.xml
2013-10-29 20:48 - 2013-10-29 20:50 - 00024768 _____ C:\WINDOWS\diagerr.xml
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Vorlagen
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Startmenü
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Netzwerkumgebung
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Lokale Einstellungen
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Eigene Dateien
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Druckumgebung
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\AppData\Local\Verlauf
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\AppData\Local\Anwendungsdaten
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Anwendungsdaten
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 ___RD C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-10-29 20:48 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-29 20:48 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-29 20:48 - 2013-08-22 16:36 - 00000000 ____D C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-29 20:46 - 2013-10-30 16:53 - 00000000 ___DC C:\WINDOWS\Panther
2013-10-29 20:46 - 2013-10-29 20:49 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2013-10-29 20:46 - 2013-10-29 20:49 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 ____D C:\Program Files\Realtek
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-10-29 20:45 - 2013-10-29 20:45 - 23213056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 17143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 12995072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 11222016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-10-29 20:45 - 2013-10-29 20:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-10-29 20:45 - 2013-10-29 20:45 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-10-29 20:45 - 2013-10-29 20:45 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-10-29 20:45 - 2013-10-29 20:45 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-10-29 20:45 - 2013-10-29 20:45 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\Program Files\MSBuild
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-10-29 20:44 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2013-10-29 20:44 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-29 20:44 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2013-10-29 20:44 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2013-10-29 20:44 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-29 20:44 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2013-10-29 11:33 - 2013-11-04 19:34 - 00000000 ____D C:\Users\R\AppData\Roaming\ClassicShell
2013-10-29 11:32 - 2013-10-29 11:31 - 00002205 _____ C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-10-29 11:31 - 2013-10-30 17:09 - 00000000 ____D C:\Program Files\Classic Shell
2013-10-27 11:00 - 2013-10-27 13:17 - 00000308 _____ C:\Users\R\AppData\Roaming\Rim.Transcoder.Exception.log
2013-10-27 11:00 - 2013-10-27 11:01 - 00012288 _____ C:\Users\R\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-27 08:46 - 2013-10-27 14:01 - 00000000 ____D C:\Users\R\AppData\Local\Research In Motion
2013-10-27 08:46 - 2013-10-27 13:17 - 00000770 _____ C:\Users\R\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-10-27 08:46 - 2013-10-27 13:17 - 00000770 _____ C:\Users\R\AppData\Roaming\Rim.Desktop.Exception.log
2013-10-27 08:45 - 2013-10-27 08:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
2013-10-27 08:44 - 2013-10-27 14:01 - 00005737 _____ C:\Users\R\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-10-27 08:44 - 2012-12-10 15:48 - 00044544 _____ (Research in Motion Ltd) C:\WINDOWS\system32\Drivers\RimSerial_AMD64.sys
2013-10-24 18:15 - 2013-10-24 18:16 - 00000000 ____D C:\Users\R\AppData\Roaming\gnupg
2013-10-24 18:15 - 2013-10-24 18:15 - 00000000 ____D C:\ProgramData\GNU
2013-10-20 17:47 - 2013-10-20 17:47 - 00329216 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll
2013-10-20 17:46 - 2013-10-20 17:46 - 00268288 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll
2013-10-17 16:37 - 2013-10-17 16:37 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-17 16:37 - 2013-10-17 16:37 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-17 16:37 - 2013-10-17 16:37 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-17 16:37 - 2013-10-17 16:37 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-10-17 16:37 - 2013-10-17 16:37 - 00000000 ____D C:\Program Files\Java
2013-10-17 16:32 - 2013-10-17 16:32 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-17 16:32 - 2013-10-17 16:32 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-17 16:32 - 2013-10-17 16:32 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-17 16:32 - 2013-10-17 16:32 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-17 16:32 - 2013-10-17 16:32 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-16 20:51 - 2013-10-30 16:43 - 00000000 ____D C:\Users\R\AppData\Roaming\Skype
2013-10-16 20:51 - 2013-10-16 20:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-16 20:51 - 2013-10-16 20:51 - 00000000 ____D C:\ProgramData\Skype
2013-10-11 15:29 - 2013-10-11 15:29 - 00058035 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310111629583468.log
2013-10-11 15:29 - 2013-10-11 15:29 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-11 15:28 - 2013-10-11 15:28 - 00000000 ____D C:\Program Files (x86)\ATI
2013-10-05 19:31 - 2013-10-05 19:31 - 00000000 ____D C:\adt-bundle-windows-x86_64-20130917

==================== One Month Modified Files and Folders =======

2013-11-04 20:36 - 2013-11-04 20:36 - 00000000 ____D C:\FRST
2013-11-04 20:34 - 2013-10-30 18:43 - 02041299 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-04 20:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2013-11-04 19:34 - 2013-10-29 11:33 - 00000000 ____D C:\Users\R\AppData\Roaming\ClassicShell
2013-11-04 16:35 - 2013-02-09 10:05 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2289756328-226002163-528899214-1001
2013-11-04 14:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-11-04 13:35 - 2013-09-30 05:14 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-04 13:35 - 2013-09-30 04:56 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2013-11-04 13:35 - 2013-09-30 04:56 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2013-11-04 13:32 - 2013-10-29 21:07 - 00000000 __RDO C:\Users\R\SkyDrive
2013-11-04 13:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-03 21:00 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2013-11-03 20:00 - 2013-11-01 17:14 - 00002456 _____ C:\WINDOWS\setupact.log
2013-11-03 19:55 - 2013-03-10 15:14 - 00000000 ____D C:\Users\R\AppData\Roaming\Intelli-studio
2013-11-03 18:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2013-11-03 18:44 - 2013-11-03 18:44 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-03 18:44 - 2013-11-03 18:44 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2013-11-03 18:44 - 2013-11-03 18:44 - 00000000 ____D C:\Program Files\AMD
2013-11-03 18:44 - 2013-02-09 09:58 - 00000000 ____D C:\Users\R\AppData\Local\Packages
2013-11-03 18:28 - 2013-02-09 13:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-01 20:01 - 2013-11-01 20:01 - 00007600 _____ C:\WINDOWS\PFRO.log
2013-11-01 18:57 - 2013-05-13 18:42 - 00000782 _____ C:\WINDOWS\wiso.ini
2013-11-01 18:56 - 2013-05-13 18:44 - 00000000 ____D C:\Program Files (x86)\Steuer 2011
2013-11-01 17:14 - 2013-11-01 17:14 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-10-30 17:09 - 2013-10-30 17:09 - 00000000 ____D C:\ProgramData\ClassicShell
2013-10-30 17:09 - 2013-10-29 11:31 - 00000000 ____D C:\Program Files\Classic Shell
2013-10-30 16:53 - 2013-10-29 20:46 - 00000000 ___DC C:\WINDOWS\Panther
2013-10-30 16:43 - 2013-10-16 20:51 - 00000000 ____D C:\Users\R\AppData\Roaming\Skype
2013-10-30 16:25 - 2013-10-30 16:25 - 00000000 ____D C:\Users\R\AppData\Roaming\Malwarebytes
2013-10-30 16:25 - 2013-10-30 16:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-30 16:19 - 2013-10-30 16:19 - 00000000 ____D C:\ProgramData\Licenses
2013-10-30 14:29 - 2013-02-09 09:58 - 00000000 ____D C:\Users\R\AppData\Local\VirtualStore
2013-10-29 23:07 - 2013-10-29 23:07 - 00000000 ____D C:\Program Files (x86)\Secure Banking
2013-10-29 22:40 - 2013-10-29 22:41 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2013-10-29 22:35 - 2013-10-29 22:33 - 00000000 ____D C:\Users\R\AppData\Roaming\.clamwin
2013-10-29 22:32 - 2013-10-29 22:32 - 00000000 ____D C:\ProgramData\.clamwin
2013-10-29 22:32 - 2013-10-29 22:32 - 00000000 ____D C:\Program Files (x86)\ClamWin
2013-10-29 21:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\restore
2013-10-29 21:08 - 2013-10-29 21:08 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LcUvcUpper_01011.Wdf
2013-10-29 21:07 - 2013-10-29 20:48 - 00000000 ____D C:\Users\R
2013-10-29 21:06 - 2013-10-29 21:06 - 00001485 _____ C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-29 21:06 - 2013-10-29 21:06 - 00000020 ___SH C:\Users\R\ntuser.ini
2013-10-29 21:06 - 2013-02-09 09:58 - 00000000 ___RD C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-29 21:06 - 2013-02-09 09:58 - 00000000 ___RD C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-29 20:51 - 2013-10-29 20:51 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-29 20:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Registration
2013-10-29 20:51 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2013-10-29 20:51 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2013-10-29 20:50 - 2013-10-29 20:50 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2013-10-29 20:50 - 2013-10-29 20:48 - 00024768 _____ C:\WINDOWS\diagwrn.xml
2013-10-29 20:50 - 2013-10-29 20:48 - 00024768 _____ C:\WINDOWS\diagerr.xml
2013-10-29 20:50 - 2013-08-22 16:36 - 00000000 __RSD C:\WINDOWS\Media
2013-10-29 20:50 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries
2013-10-29 20:50 - 2013-08-22 15:44 - 00432264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-29 20:49 - 2013-10-29 20:46 - 00000000 ____D C:\Program Files\Microsoft LifeCam
2013-10-29 20:49 - 2013-10-29 20:46 - 00000000 ____D C:\Program Files (x86)\Microsoft LifeCam
2013-10-29 20:49 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2013-10-29 20:49 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2013-10-29 20:49 - 2013-09-30 04:56 - 00000000 ____D C:\WINDOWS\system32\WCN
2013-10-29 20:49 - 2013-08-22 16:43 - 00000000 ____D C:\WINDOWS\DigitalLocker
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\spool
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\MUI
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\IME
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\IME
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help
2013-10-29 20:49 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-29 20:49 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2013-10-29 20:49 - 2013-08-22 14:25 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2013-10-29 20:49 - 2013-05-22 14:15 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2013-10-29 20:49 - 2013-05-13 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Visagesoft
2013-10-29 20:49 - 2013-05-13 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\AIM
2013-10-29 20:49 - 2013-05-02 13:45 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2013-10-29 20:49 - 2013-02-09 09:58 - 00000000 ____D C:\ProgramData\PRICache
2013-10-29 20:49 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Vorlagen
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Startmenü
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Netzwerkumgebung
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Lokale Einstellungen
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Eigene Dateien
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Druckumgebung
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\AppData\Local\Verlauf
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\AppData\Local\Anwendungsdaten
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 _SHDL C:\Users\R\Anwendungsdaten
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 ___RD C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-29 20:48 - 2013-10-29 20:48 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2013-10-29 20:48 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-10-29 20:48 - 2013-03-18 15:05 - 00000000 ____D C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bandizip
2013-10-29 20:48 - 2013-03-14 20:15 - 00000000 ____D C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
2013-10-29 20:48 - 2013-02-09 18:16 - 00000000 ____D C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Treiber-Studio 2013
2013-10-29 20:48 - 2013-02-09 17:46 - 00000000 ____D C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlexUTILITIES
2013-10-29 20:47 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2013-10-29 20:47 - 2013-01-26 12:19 - 00000000 __SHD C:\Recovery
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 ____D C:\Program Files\Realtek
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-10-29 20:46 - 2013-10-29 20:46 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-10-29 20:45 - 2013-10-29 20:45 - 23213056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 17143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 12995072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 11222016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 02763776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-10-29 20:45 - 2013-10-29 20:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-10-29 20:45 - 2013-10-29 20:45 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 02144768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01537880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-10-29 20:45 - 2013-10-29 20:45 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00698880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-10-29 20:45 - 2013-10-29 20:45 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2013-10-29 20:45 - 2013-10-29 20:45 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2013-10-29 20:45 - 2013-10-29 20:45 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-10-29 20:45 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-10-29 20:45 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-29 20:45 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-10-29 20:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2013-10-29 20:45 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\Program Files\Reference Assemblies
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\Program Files\MSBuild
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2013-10-29 20:44 - 2013-10-29 20:44 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-10-29 20:33 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-10-29 18:36 - 2013-02-10 10:53 - 00000000 ____D C:\Program Files\CCleaner
2013-10-29 16:09 - 2013-09-30 12:18 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2013-10-29 11:31 - 2013-10-29 11:32 - 00002205 _____ C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2013-10-27 14:37 - 2013-05-22 14:01 - 00000000 ____D C:\Creative Suite CS2
2013-10-27 14:01 - 2013-10-27 08:46 - 00000000 ____D C:\Users\R\AppData\Local\Research In Motion
2013-10-27 14:01 - 2013-10-27 08:44 - 00005737 _____ C:\Users\R\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-10-27 13:17 - 2013-10-27 11:00 - 00000308 _____ C:\Users\R\AppData\Roaming\Rim.Transcoder.Exception.log
2013-10-27 13:17 - 2013-10-27 08:46 - 00000770 _____ C:\Users\R\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-10-27 13:17 - 2013-10-27 08:46 - 00000770 _____ C:\Users\R\AppData\Roaming\Rim.Desktop.Exception.log
2013-10-27 11:01 - 2013-10-27 11:00 - 00012288 _____ C:\Users\R\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-27 08:45 - 2013-10-27 08:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_RimSerial_AMD64_01007.Wdf
2013-10-24 18:16 - 2013-10-24 18:15 - 00000000 ____D C:\Users\R\AppData\Roaming\gnupg
2013-10-24 18:15 - 2013-10-24 18:15 - 00000000 ____D C:\ProgramData\GNU
2013-10-23 14:08 - 2013-02-10 10:41 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-10-20 17:47 - 2013-10-20 17:47 - 00329216 _____ (IvoSoft) C:\WINDOWS\system32\StartMenuHelper64.dll
2013-10-20 17:46 - 2013-10-20 17:46 - 00268288 _____ (IvoSoft) C:\WINDOWS\SysWOW64\StartMenuHelper32.dll
2013-10-17 16:37 - 2013-10-17 16:37 - 00312744 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-17 16:37 - 2013-10-17 16:37 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-17 16:37 - 2013-10-17 16:37 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-17 16:37 - 2013-10-17 16:37 - 00108968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2013-10-17 16:37 - 2013-10-17 16:37 - 00000000 ____D C:\Program Files\Java
2013-10-17 16:37 - 2013-10-01 07:44 - 00000000 ____D C:\ProgramData\Oracle
2013-10-17 16:32 - 2013-10-17 16:32 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2013-10-17 16:32 - 2013-10-17 16:32 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2013-10-17 16:32 - 2013-10-17 16:32 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2013-10-17 16:32 - 2013-10-17 16:32 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2013-10-17 16:32 - 2013-10-17 16:32 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-16 20:51 - 2013-10-16 20:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-16 20:51 - 2013-10-16 20:51 - 00000000 ____D C:\ProgramData\Skype
2013-10-11 16:54 - 2013-02-10 18:07 - 00000000 ____D C:\Users\R\AppData\Roaming\vlc
2013-10-11 15:29 - 2013-10-11 15:29 - 00058035 _____ C:\WINDOWS\SysWOW64\CCCInstall_201310111629583468.log
2013-10-11 15:29 - 2013-10-11 15:29 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2013-10-11 15:29 - 2013-02-09 17:28 - 00000000 ____D C:\ProgramData\AMD
2013-10-11 15:29 - 2013-02-09 17:27 - 00000000 ____D C:\Program Files\ATI
2013-10-11 15:28 - 2013-10-11 15:28 - 00000000 ____D C:\Program Files (x86)\ATI
2013-10-11 15:28 - 2013-04-21 15:56 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-05 19:31 - 2013-10-05 19:31 - 00000000 ____D C:\adt-bundle-windows-x86_64-20130917

Some content of TEMP:
====================
C:\Users\R\AppData\Local\Temp\Checkupdate.exe
C:\Users\R\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\R\AppData\Local\Temp\gcapi_dll.dll
C:\Users\R\AppData\Local\Temp\gtapi_signed.dll
C:\Users\R\AppData\Local\Temp\secuniasi8809097848018402901.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2013-08-22 12:40] - [2013-08-22 13:39] - 0312160 ____A (Microsoft Corporation) 9F9CE33B50611A1C61A46B8911E0B30B



LastRegBack: 2013-10-29 20:46

==================== End Of Log ============================
         

Alt 04.11.2013, 23:01   #2
schrauber
/// the machine
/// TB trainer
 

Not a false alarm, but the computer is clean. Was there an attachment with it? Did you open it?

Alt 05.11.2013, 06:16   #3
Polarbär
 
Hello Schrauber,
I can't say which mail it is specifically. I checked the following directory:
C: User/r/appdata/roaming/thunderbird/imap1&1.....
I DO NOT OPEN attachments from unknown mails.

Alt 05.11.2013, 15:17   #4
schrauber
/// the machine
/// TB trainer
 

Then everything is fine, just delete the mail.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
