
Pests of all kinds and how to fight them: A quick check-up

Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

09.07.2015, 20:18   #1
DarkorbitSup
 
A quick check-up



Hello,

I work with the computer a lot and download a great deal, so please have it checked over once.

09.07.2015, 21:16   #2
deeprybka
/// TB Trainer
/// Guide Guru
 





My name is Jürgen and I will be helping you with your problem. Together we will manage it...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you do not understand something, stop what you are doing and describe the problem to me.
  • Please run only the scans I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread, inside code tags.
  • Bear in mind that we all do this in our free time; if you do not hear from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Reformatting is usually the faster and always the safest route, but it is only advisable when there is actual malware.
We can remove adware and the like very well.
If you decide on a cleanup, keep working with me until you get my "clean".



Let's go:

Step 1


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop. FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)




Reading material
Posting in CODE tags: here is how...
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

10.07.2015, 08:34   #3
DarkorbitSup
 



Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-07-2015
Ran by Marcel (administrator) on TSCHILLER123 on 10-07-2015 00:32:46
Running from C:\Users\Marcel\Desktop
Loaded Profiles: Marcel (Available Profiles: Marcel & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(BitTorrent Inc.) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" <===== ATTENTION
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [43871968 2015-06-26] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" <===== ATTENTION
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [uTorrent] => C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe [1998432 2015-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Policies\system: [EnableLUA] 0
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
BootExecute: autocheck autochk *  
AlternateShell: 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2810977045-1315894760-386528613-1000] => :80
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-06-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: 127.0.0.1	localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A7EBB1DE-C35B-475A-A7D0-64D00582BCEC}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-14] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF user.js: detected! => C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\user.js [2015-05-13]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-15]
FF Extension: MEGA - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\firefox@mega.co.nz.xpi [2015-05-16]
FF Extension: Adblock Plus - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-15]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2015-06-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Marcel\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-16] (BlueStack Systems, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-09] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026944 2015-07-09] (Enigma Software Group USA, LLC.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5821952 2015-05-11] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-07-09] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-07-09] ()
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-14] (Glarysoft Ltd)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2013-11-18] ()
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-06-27] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-05-13] (Oracle Corporation)
S3 atillk64; \??\C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 00:32 - 2015-07-10 00:33 - 00013189 _____ C:\Users\Marcel\Desktop\FRST.txt
2015-07-10 00:32 - 2015-07-10 00:32 - 02112512 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2015-07-09 21:29 - 2015-07-09 21:29 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-07-09 21:29 - 2015-07-09 21:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-07-09 21:29 - 2015-07-09 21:29 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-07-09 21:16 - 2015-07-09 21:16 - 00000000 _____ C:\autoexec.bat
2015-07-09 21:15 - 2015-07-09 21:29 - 00002286 _____ C:\Users\Marcel\Desktop\SpyHunter.lnk
2015-07-09 21:15 - 2015-07-09 21:15 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Enigma Software Group
2015-07-09 21:15 - 2015-07-09 21:15 - 00000000 ____D C:\sh4ldr
2015-07-09 21:14 - 2015-07-09 21:14 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2015-07-09 21:14 - 2015-07-09 21:14 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-07-09 21:12 - 2015-07-09 21:13 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Marcel\Downloads\SpyHunter-Installer.exe
2015-07-09 21:00 - 2015-07-09 21:00 - 00000000 ____D C:\Users\Marcel\.android
2015-07-09 20:09 - 2015-07-10 00:15 - 00000000 ___RD C:\Users\Marcel\Dropbox
2015-07-09 20:09 - 2015-07-09 20:09 - 00001226 _____ C:\Users\Marcel\Desktop\Dropbox.lnk
2015-07-09 20:07 - 2015-07-09 20:07 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Dropbox
2015-07-09 20:05 - 2015-07-10 00:15 - 00000000 ____D C:\Users\Marcel\AppData\Local\Dropbox
2015-07-09 20:05 - 2015-07-09 20:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-07-09 20:05 - 2015-07-09 20:05 - 00660960 _____ (Dropbox, Inc.) C:\Users\Marcel\Downloads\DropboxInstaller.exe
2015-07-09 20:05 - 2015-07-09 20:05 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-07-09 19:01 - 2015-07-09 21:33 - 00000000 ____D C:\Users\Marcel\Desktop\uTorrent.3.4.3.Build.40633.Stable
2015-07-09 18:22 - 2015-07-09 19:16 - 00000000 ____D C:\Program Files (x86)\TorrentGrabber
2015-07-09 18:22 - 2015-07-09 18:22 - 00001081 _____ C:\Users\Public\Desktop\TorrentGrabber.lnk
2015-07-09 18:21 - 2015-07-09 18:22 - 04869053 _____ C:\Users\Marcel\Downloads\TorrentGrabber_Setup.exe
2015-07-09 17:51 - 2015-07-09 17:52 - 00000042 _____ C:\Users\Marcel\Desktop\Neues Textdokument.txt
2015-07-09 16:47 - 2015-07-09 16:47 - 00181730 _____ C:\Users\Marcel\Downloads\cmen.zip
2015-07-09 16:36 - 2015-07-09 16:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Azureus
2015-07-09 16:36 - 2015-07-09 16:41 - 00000000 ____D C:\Program Files\Vuze
2015-07-09 16:36 - 2015-07-09 16:36 - 00000000 ____D C:\Users\Marcel\.swt
2015-07-09 16:35 - 2015-07-09 16:35 - 00072496 _____ (Azureus Software, Inc.) C:\Users\Marcel\Downloads\VuzeBittorrentClientInstaller.exe
2015-07-09 16:08 - 2015-07-09 16:08 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ESET
2015-07-09 16:08 - 2015-07-09 16:08 - 00000000 ____D C:\Users\Administrator\AppData\Local\ESET
2015-07-09 12:53 - 2015-07-09 12:53 - 04176437 _____ C:\Users\Marcel\Downloads\tdsskiller.zip
2015-07-09 12:53 - 2015-01-22 09:42 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Marcel\Desktop\TDSSKiller.exe
2015-06-27 20:35 - 2015-06-27 20:35 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ESET
2015-06-27 20:31 - 2015-06-27 20:31 - 423546456 _____ C:\Windows\MEMORY.DMP
2015-06-27 20:16 - 2015-06-27 20:16 - 00278344 _____ C:\Windows\Minidump\062715-8876-01.dmp
2015-06-27 20:16 - 2015-06-27 20:16 - 00000000 ____D C:\Windows\Minidump
2015-06-27 20:15 - 2015-06-27 20:31 - 00000000 __SHD C:\Windows\SysWOW64\Application Services
2015-06-27 20:14 - 2015-06-27 20:40 - 00000000 ___HD C:\R55mbD
2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ___HD C:\P1E7U4VVUPQ1X1EE
2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ___HD C:\L49EE7LD7Q3MT2T7
2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\32373FC0-3615-4443-845E-5D1D23278BBA
2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ____D C:\lang
2015-06-27 20:13 - 2015-06-27 20:40 - 00000000 ___HD C:\U0sWrj
2015-06-27 20:13 - 2015-06-27 20:40 - 00000000 ___HD C:\RsAH22
2015-06-27 20:13 - 2015-06-27 20:37 - 00000000 ___HD C:\7845Sp
2015-06-27 20:13 - 2015-06-27 20:37 - 00000000 ___HD C:\3rNe2s
2015-06-27 20:13 - 2015-06-27 20:13 - 00000000 ____H C:\Users\Marcel\AppData\Roaming\TSCHILLER123.glp
2015-06-27 20:03 - 2015-06-27 20:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Foldername
2015-06-27 18:15 - 2015-06-27 18:21 - 00000000 ____D C:\Users\Marcel\Desktop\HackPack
2015-06-27 17:37 - 2015-06-27 17:37 - 00000000 ____D C:\Users\Marcel\Documents\Remedy
2015-06-27 17:33 - 2015-06-27 17:33 - 00060056 _____ C:\Users\Marcel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-27 17:28 - 2015-07-10 00:15 - 00000840 _____ C:\Windows\setupact.log
2015-06-27 17:28 - 2015-07-09 17:29 - 00077814 _____ C:\Windows\PFRO.log
2015-06-27 17:28 - 2015-06-27 17:28 - 00272560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-27 17:28 - 2015-06-27 17:28 - 00000000 _____ C:\Windows\setuperr.log
2015-06-27 12:31 - 2015-06-27 12:38 - 00000356 _____ C:\Users\Marcel\AppData\Roaming\.foobillardrc
2015-06-27 11:22 - 2015-06-27 11:22 - 00008192 __RSH C:\BOOTSECT.BAK
2015-06-26 19:12 - 2015-06-27 12:28 - 00000000 ____D C:\Program Files (x86)\FooBillard
2015-06-26 19:12 - 2015-06-26 19:12 - 00000000 ____D C:\Program Files (x86)\TowerToppler
2015-06-26 19:07 - 2015-06-26 19:07 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\supertuxkart
2015-06-26 19:00 - 2015-06-26 19:00 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Pingus
2015-06-26 18:59 - 2015-06-27 11:34 - 00000000 ____D C:\Program Files (x86)\Energie Tycoon
2015-06-26 18:59 - 2015-06-26 18:59 - 00000000 ____D C:\Users\Marcel\Documents\OpenTTD
2015-06-26 18:55 - 2015-06-26 18:55 - 00000000 ____D C:\Users\Marcel\Documents\My Safes
2015-06-26 18:55 - 2015-06-26 18:55 - 00000000 ____D C:\Users\Marcel\AppData\Local\PasswordSafe
2015-06-26 18:53 - 2015-06-26 18:54 - 00000000 ____D C:\Users\Marcel\AppData\Local\DesktopOK
2015-06-26 18:52 - 2015-06-26 18:54 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\BatteryBar
2015-06-26 18:51 - 2015-06-26 18:56 - 00000000 ____D C:\Program Files (x86)\RocketDock
2015-06-26 17:56 - 2015-07-10 00:16 - 00401946 _____ C:\Windows\WindowsUpdate.log
2015-06-26 14:43 - 2015-06-26 14:43 - 00000000 ____D C:\Users\Marcel\Desktop\Neue Welt-
2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Abelssoft
2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Local\Abelssoft
2015-06-26 11:00 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Don't Panic!
2015-06-25 17:35 - 2015-06-26 13:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\dvdcss
2015-06-25 17:26 - 2015-03-10 13:58 - 00949741 _____ C:\Users\Marcel\Desktop\MC Account Checker.jar
2015-06-25 15:29 - 2015-06-25 15:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.technic
2015-06-24 08:15 - 2013-08-07 14:28 - 00401408 _____ C:\Program Files (x86)\wget.exe
2015-06-24 08:04 - 2015-06-24 08:05 - 00000000 ____D C:\Users\Marcel\Desktop\400.Android.Games.Collection [PAID APPS ONLY] - DroidIP
2015-06-24 07:26 - 2015-07-09 21:10 - 00000000 ___RD C:\Users\Marcel\Desktop\RAT Zeug
2015-06-16 01:28 - 2015-06-24 07:58 - 00000000 ____D C:\Users\Marcel\Desktop\Minecraft Cracking Tools
2015-06-15 08:36 - 2015-06-24 07:22 - 00000000 ____D C:\Users\Marcel\osc_files
2015-06-15 08:24 - 2015-07-10 00:32 - 00000000 ____D C:\FRST
2015-06-15 06:50 - 2015-06-16 01:44 - 00000000 __RHD C:\Users\Marcel\AppData\Roaming\Beta
2015-06-15 06:45 - 2015-06-15 06:45 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Cloud
2015-06-15 06:41 - 2015-06-15 06:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Cloud Net Beta
2015-06-13 06:21 - 2015-06-13 06:21 - 00000000 ____D C:\Users\Marcel\Tracing
2015-06-13 03:08 - 2015-06-26 07:55 - 00000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2015-06-13 03:07 - 2015-06-13 03:08 - 00000000 ____D C:\Users\Marcel\AppData\Local\LoiLo
2015-06-12 09:34 - 2015-06-27 18:35 - 00000000 ____D C:\Users\Marcel\AppData\Local\CrashDumps
2015-06-12 04:46 - 2015-06-12 04:46 - 00000000 ____D C:\Users\Marcel\Desktop\Is working
2015-06-11 10:46 - 2015-06-11 10:45 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-06-11 10:46 - 2015-06-11 10:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-06-11 10:46 - 2015-06-11 10:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-06-11 10:46 - 2015-06-11 10:45 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-06-11 10:45 - 2015-06-11 10:45 - 00000000 ____D C:\Program Files\Java
2015-06-11 10:31 - 2015-06-11 10:49 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ftblauncher
2015-06-11 10:31 - 2015-06-11 10:47 - 00000000 ____D C:\Users\Marcel\AppData\Local\ftblauncher
2015-06-11 08:14 - 2015-06-11 08:14 - 00000000 ____D C:\Users\Marcel\Documents\Klei
2015-06-11 08:13 - 2015-06-11 08:13 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Az-Art
2015-06-11 08:09 - 2015-06-11 08:09 - 00001421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-11 08:09 - 2015-06-11 08:09 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 ____D C:\Users\Administrator
2015-06-11 08:09 - 2009-07-13 21:54 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-11 08:09 - 2009-07-13 21:49 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-11 06:42 - 2015-06-11 06:42 - 00001047 _____ C:\Users\Marcel\Desktop\Terraria.exe.lnk
2015-06-11 06:24 - 2015-06-11 06:24 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\com.playsaurus.heroclicker
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\Documents\Colossal Order
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Steam
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Colossal Order
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.mono
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Local\Colossal Order
2015-06-10 22:55 - 2015-06-10 22:55 - 00000020 ___SH C:\Users\Marcel\ntuser.ini
2015-06-10 12:55 - 2015-06-10 12:55 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-10 10:21 - 2015-06-10 10:21 - 00016738 _____ C:\Windows\SysWOW64\CCCInstall_201506101021471022.log
2015-06-10 10:17 - 2015-06-10 10:17 - 00000000 ____D C:\Program Files (x86)\Counter-Strike Global Offensive
2015-06-10 07:32 - 2015-06-10 07:32 - 00000000 ____D C:\Program Files (x86)\Universal Extractor
2015-06-10 07:01 - 2015-06-10 07:01 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2015-06-10 05:34 - 2015-06-26 18:59 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-10 05:34 - 2015-06-10 06:20 - 00001030 _____ C:\Users\Marcel\Desktop\Left 4 Dead 2.lnk
2015-06-10 02:06 - 2015-06-01 12:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 02:06 - 2015-06-01 11:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 02:06 - 2015-05-27 07:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 02:06 - 2015-05-27 07:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 02:06 - 2015-05-25 10:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 02:06 - 2015-05-22 20:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 02:06 - 2015-05-22 20:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 02:06 - 2015-05-22 20:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 02:06 - 2015-05-22 20:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 02:06 - 2015-05-22 20:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 02:06 - 2015-05-22 20:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 02:06 - 2015-05-22 20:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 02:06 - 2015-05-22 20:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 02:06 - 2015-05-22 20:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 02:06 - 2015-05-22 20:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 02:06 - 2015-05-22 20:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 02:06 - 2015-05-22 20:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 02:06 - 2015-05-22 20:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 02:06 - 2015-05-22 19:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 02:06 - 2015-05-22 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 02:06 - 2015-05-22 19:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 02:06 - 2015-05-22 19:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 02:06 - 2015-05-22 19:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 02:06 - 2015-05-22 19:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 02:06 - 2015-05-22 19:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 02:06 - 2015-05-22 19:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 02:06 - 2015-05-22 19:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 02:06 - 2015-05-22 19:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 02:06 - 2015-05-22 19:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 02:06 - 2015-05-22 19:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 02:06 - 2015-05-22 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 02:06 - 2015-05-22 12:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 02:06 - 2015-05-22 12:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 02:06 - 2015-05-22 12:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 02:06 - 2015-05-22 12:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 02:06 - 2015-05-22 12:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 02:06 - 2015-05-22 12:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 02:06 - 2015-05-22 12:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 02:06 - 2015-05-22 11:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 02:06 - 2015-05-22 11:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 02:06 - 2015-05-22 11:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 02:06 - 2015-05-22 11:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 02:06 - 2015-05-22 11:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 02:06 - 2015-05-22 11:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 02:06 - 2015-05-22 11:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 02:06 - 2015-05-22 11:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 02:06 - 2015-05-22 11:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 02:06 - 2015-05-22 11:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 02:06 - 2015-05-22 11:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 02:06 - 2015-05-22 11:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 02:06 - 2015-05-22 11:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 02:06 - 2015-05-22 11:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 02:06 - 2015-05-22 11:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 02:06 - 2015-05-22 11:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 02:06 - 2015-05-22 11:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 02:06 - 2015-05-22 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 02:06 - 2015-05-22 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 02:06 - 2015-05-22 10:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 02:06 - 2015-05-22 10:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 02:06 - 2015-05-22 10:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 02:06 - 2015-05-22 10:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 02:06 - 2015-04-29 11:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 02:06 - 2015-04-29 11:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 02:06 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 02:06 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 02:06 - 2015-04-29 11:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 02:06 - 2015-04-29 11:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 02:06 - 2015-04-29 11:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 02:06 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 02:06 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 02:06 - 2015-04-29 11:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 02:06 - 2015-04-24 11:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 02:06 - 2015-04-24 10:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 00:32 - 2015-05-12 16:37 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\uTorrent
2015-07-10 00:20 - 2011-04-12 00:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-07-10 00:20 - 2011-04-12 00:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-07-10 00:20 - 2009-07-13 22:13 - 00965480 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-10 00:20 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-10 00:20 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-10 00:15 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 21:37 - 2015-05-26 10:13 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-07-09 21:15 - 2015-05-11 19:49 - 00000000 ____D C:\Users\Marcel
2015-07-09 17:30 - 2015-05-12 17:32 - 00000000 ____D C:\Users\Marcel\Documents\My Games
2015-07-09 16:09 - 2015-05-12 16:22 - 00000000 ____D C:\Program Files\Unlocker
2015-07-09 16:01 - 2015-05-15 19:44 - 00000000 ____D C:\Windows\pss
2015-06-27 21:15 - 2014-12-27 15:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\#REVOLUTION
2015-06-27 20:35 - 2015-05-15 19:33 - 00000000 ____D C:\Users\Marcel\AppData\Local\ESET
2015-06-27 20:34 - 2015-05-15 19:29 - 00000000 ____D C:\Program Files\ESET
2015-06-27 20:30 - 2015-05-14 04:48 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-06-27 20:29 - 2009-07-13 20:20 - 00000000 __RSD C:\Windows\Media
2015-06-27 20:16 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\Offline Web Pages
2015-06-27 20:14 - 2009-07-13 19:34 - 00000254 _____ C:\Windows\system.ini
2015-06-27 20:00 - 2011-04-12 00:54 - 00000000 ____D C:\Windows\CSC
2015-06-27 18:17 - 2015-05-23 06:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\vlc
2015-06-27 17:37 - 2015-05-23 05:52 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-26 11:17 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-26 10:57 - 2015-05-14 18:06 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-06-26 07:55 - 2015-05-14 18:23 - 00000000 ____D C:\Program Files\LoiLo
2015-06-26 07:49 - 2015-06-08 10:35 - 00000000 ___RD C:\Users\Marcel\Desktop\Passwörter oder sonstiges
2015-06-25 14:42 - 2015-05-13 20:03 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.minecraft
2015-06-24 23:04 - 2015-06-09 06:51 - 00000000 ____D C:\Program Files\PeerBlock
2015-06-24 10:09 - 2015-05-23 04:19 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Notepad++
2015-06-24 07:45 - 2015-05-12 17:24 - 00000000 ____D C:\Program Files\WinRAR
2015-06-23 13:30 - 2010-11-20 20:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-16 01:23 - 2009-07-13 22:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-15 10:08 - 2015-05-29 09:10 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Skype
2015-06-13 07:05 - 2015-05-15 20:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-13 06:36 - 2015-05-15 20:33 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\TeamViewer
2015-06-10 22:55 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-10 12:49 - 2015-05-14 18:07 - 00001188 _____ C:\Users\Marcel\Desktop\Glary Utilities 5.lnk
2015-06-10 12:41 - 2015-05-12 17:11 - 00000000 ____D C:\Program Files (x86)\ESET Online Scanner
2015-06-10 12:41 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Default
2015-06-10 12:12 - 2015-05-29 09:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-10 12:12 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-10 12:10 - 2015-05-26 08:17 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-06-10 10:48 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-06-10 10:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Setup
2015-06-10 10:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 10:21 - 2015-05-11 19:51 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieUserList
2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieSiteList
2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieBrowserModeList
2015-06-10 08:12 - 2015-06-09 06:51 - 00001782 _____ C:\Users\Marcel\Desktop\PeerBlock.lnk
2015-06-10 07:09 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\oobe
2015-06-10 07:01 - 2015-06-07 07:29 - 00000000 ____D C:\GOG Games
2015-06-10 03:03 - 2015-05-15 14:25 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 03:00 - 2015-05-15 14:25 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-06-24 08:15 - 2013-08-07 14:28 - 0401408 _____ () C:\Program Files (x86)\wget.exe
2015-06-27 12:31 - 2015-06-27 12:38 - 0000356 _____ () C:\Users\Marcel\AppData\Roaming\.foobillardrc
2015-06-27 20:13 - 2015-06-27 20:13 - 0000000 ____H () C:\Users\Marcel\AppData\Roaming\TSCHILLER123.glp

Some files in TEMP:
====================
C:\Users\Marcel\AppData\Local\Temp\bassmod.dll
C:\Users\Marcel\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Marcel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4oxjjb.dll
C:\Users\Marcel\AppData\Local\Temp\USkinDLL.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-25 18:32

==================== End of log ============================
         
addition :

[CODE]Additional
FRST Logfile:
scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by Marcel at 2015-07-10 00:33:13
Running from C:\Users\Marcel\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2810977045-1315894760-386528613-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-2810977045-1315894760-386528613-501 - Limited - Disabled)
Marcel (S-1-5-21-2810977045-1315894760-386528613-1000 - Administrator - Enabled) => C:\Users\Marcel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Alan Wake's American Nightmare (HKLM-x32\...\Steam App 202750) (Version:  - Remedy Entertainment)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.97 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.29 - Dropbox, Inc.) Hidden
ESET Smart Security (HKLM\...\{C8F03593-6742-40F4-89E2-EBE0A2D8F719}) (Version: 7.0.400.1 - ESET, spol s r. o.)
Free Video to MP3 Converter version 5.0.58.415 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.58.505 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.58.505 - DVDVideoSoft Ltd.)
Glary Utilities 5.25 (HKLM-x32\...\Glary Utilities 5) (Version: 5.25.0.44 - Glarysoft Ltd)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
PeerBlock 1.1+ (r677) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.677 - PeerBlock, LLC)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.02 - Qualcomm Atheros)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version:  - )
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
SpyHunter (HKLM-x32\...\{AF549236-6258-4AC6-A043-5B5B89C6EB61}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
TorrentGrabber (HKLM-x32\...\TorrentGrabber) (Version: 2.5 - TechNinja)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

09-07-2015 21:29:06 Installed SpyHunter

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-06-10 12:39 - 00000768 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B531456E-3FCD-4D08-8D3D-8E5D2EA9820F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2010-07-14 21:44 - 2010-07-14 21:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-04-15 13:13 - 2015-04-15 13:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-05-23 09:11 - 2009-12-23 17:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-07-10 00:15 - 2015-07-10 00:15 - 00043008 _____ () c:\users\marcel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4oxjjb.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00750080 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00047616 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00865280 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00200704 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00726016 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-05-14 02:08 - 2015-05-14 02:08 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E4FD5A1E-A3F7-4CE0-AC7E-C0ED0C95C22E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4979CA39-5DF3-4E38-A674-DCF6A8E4EAF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{00851861-AF57-4437-BB2C-4D54A53A0FF7}] => (Allow) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1A6C1CF2-16FC-4FC9-A6DA-C1A82588BF15}] => (Allow) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{1E85229A-88B0-4D41-8D39-C4CC55EC9664}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{B4B7DDAA-476C-415C-92F7-68F70F58095E}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{D1FBC41C-47FA-4C16-A601-3DDE966B9371}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8CA0F89F-B83C-4E9F-89DD-0F7A6E221841}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F4EF3336-A813-4B83-BDB6-B2AA88ECE367}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [UDP Query User{46F434D9-DC23-4239-A38B-2335252A2AB7}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [{ECCE2D40-FE2E-4E40-82BA-596B23F869E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E63E7D81-9799-4483-870D-6B145079F583}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C4E200C3-A8A4-44C1-A592-3066DACD100E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BFC78A42-738C-4AB9-8F30-E76194B4551F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A6390810-7AAD-46E9-B04D-F8B8A8034729}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A26439AE-DD0F-4DB4-A476-A08677B4C448}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CD7A39EA-E7A9-4FB5-85A6-596F8ED7E607}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5633E093-A841-4025-8C65-294CF57BF154}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{53EEED36-F459-4FC1-B0AD-783FE2B9C5DD}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{C950E02C-EDF8-460E-85F5-2B6FD36733FF}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{CB76EE55-02A0-49A8-B91E-93FF647ACDB5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF0B06EA-4136-46E2-AA11-84BC94942AF9}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\Binaries\Win32\sf2.exe
FirewallRules: [{737C03E7-A52A-43DA-8A14-0DAB39E85AC1}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\Binaries\Win32\sf2.exe
FirewallRules: [{34A3D606-9E97-4BE5-BC3F-2C50CD4B31D8}] => (Allow) D:\Steam yolomode\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe
FirewallRules: [{28F01107-508A-476C-94FE-11F3A7997272}] => (Allow) D:\Steam yolomode\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2015 00:17:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:51:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 09:39:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 05:31:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 04:15:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 04:02:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2015 08:34:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2015 08:18:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2015 08:02:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/09/2015 00:50:01 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎07.‎2015 um 12:48:42 unerwartet heruntergefahren.

Error: (07/09/2015 00:41:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎07.‎2015 um 12:40:57 unerwartet heruntergefahren.

Error: (07/09/2015 09:37:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎07.‎2015 um 21:36:15 unerwartet heruntergefahren.

Error: (07/09/2015 07:08:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Diagnosesystemhost" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sitzungs-Manager für Desktopfenster-Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (07/10/2015 00:17:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:51:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 09:39:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 05:31:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 04:15:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 04:02:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2015 08:34:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2015 08:18:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/27/2015 08:02:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-05-19 08:05:54.323
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 08:05:54.276
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:46:15.679
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:46:15.632
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.615
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.568
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.521
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.474
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz
Percentage of memory in use: 54%
Total physical RAM: 3766.68 MB
Available physical RAM: 1700.08 MB
Total Virtual: 7531.57 MB
Available Virtual: 5309.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:50 GB) (Free:10.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lokaler Datenträger1) (Fixed) (Total:61.79 GB) (Free:29.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 1559283B)
Partition 1: (Not Active) - (Size=61.8 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=50 GB) - (Type=07 NTFS)

==================== End of log ============================
         

10.07.2015, 19:08   #4
deeprybka
/// TB trainer
/// Guide guru


Hi,
are there any symptoms or problems on the PC?

Step 1

Please disable your antivirus program, as it can block the removal of SpyHunter.
Please download SpyHunterCleaner (by M-K-D-B) to your desktop.
  • Save all your work and close all open programs and browsers.
  • Start SpyHunterCleaner.exe.
  • Press any key to start the removal process.
  • When the tool has finished, it will restart the computer automatically.
  • After the restart, SpyHunter should be removed. If you still find any remnants, please let me know.

Step 2

Please run FRST again and press Scan.
Please post the contents of the log.
__________________
Regards
deeprybka

_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

10.07.2015, 21:15   #5
DarkorbitSup

ok ;)

Why does SpyHunter have to be cleaned?
It's not a virus, after all.

FRST:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-07-2015
Ran by Marcel (administrator) on TSCHILLER123 on 10-07-2015 13:10:51
Running from C:\Users\Marcel\Desktop
Loaded Profiles: Marcel (Available Profiles: Marcel & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(BitTorrent Inc.) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" <===== ATTENTION
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [43871968 2015-06-26] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" <===== ATTENTION
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [uTorrent] => C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe [1998432 2015-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Policies\system: [EnableLUA] 0
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
BootExecute: autocheck autochk *  
AlternateShell: 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2810977045-1315894760-386528613-1000] => :80
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-06-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: 127.0.0.1	localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A7EBB1DE-C35B-475A-A7D0-64D00582BCEC}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-14] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF user.js: detected! => C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\user.js [2015-05-13]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-15]
FF Extension: MEGA - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\firefox@mega.co.nz.xpi [2015-05-16]
FF Extension: Adblock Plus - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-15]
FF Extension: Greasemonkey - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-07-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Marcel\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-16] (BlueStack Systems, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-09] (Dropbox, Inc.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5821952 2015-05-11] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-14] (Glarysoft Ltd)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2013-11-18] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-05-13] (Oracle Corporation)
S3 atillk64; \??\C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 13:10 - 2015-07-10 13:11 - 00011703 _____ C:\Users\Marcel\Desktop\FRST.txt
2015-07-10 13:10 - 2015-07-10 13:10 - 02112512 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2015-07-10 13:08 - 2015-07-10 13:08 - 00496128 _____ C:\Users\Marcel\Desktop\SpyHunterCleaner_1.04.exe
2015-07-10 12:33 - 2015-07-10 12:33 - 00000988 _____ C:\Users\Marcel\Desktop\Bandicam.lnk
2015-07-10 12:33 - 2015-07-10 12:33 - 00000988 _____ C:\Users\Administrator\Desktop\Bandicam.lnk
2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Users\Marcel\Documents\Bandicam
2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\BANDISOFT
2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Program Files (x86)\Bandicam
2015-07-10 09:39 - 2015-07-10 09:39 - 00000000 ____D C:\Users\Marcel\Desktop\SpyHunter 4.19.13.4482 Portable
2015-07-10 09:35 - 2015-07-10 10:06 - 00000000 ____D C:\Users\Marcel\Desktop\spyhunter
2015-07-10 09:31 - 2015-07-10 09:31 - 00002385 _____ C:\spyhunter.fix
2015-07-10 02:32 - 2015-07-10 02:32 - 00278344 _____ C:\Windows\Minidump\071015-9562-01.dmp
2015-07-10 01:23 - 2015-07-10 12:33 - 00000000 ____D C:\Users\Marcel\Desktop\Bandicam 2.2.3.804 Multilingual + Keymaker + 100% Working
2015-07-10 01:23 - 2015-07-10 01:23 - 00000000 ____D C:\Users\Marcel\Desktop\Essential Data Tools 2.8 + Keygen + 100% Working
2015-07-10 01:23 - 2015-07-10 01:23 - 00000000 ____D C:\Users\Marcel\Desktop\DocumentsRescue Pro 6.11 Build 1025 + Keygen + 100% Working
2015-07-10 01:05 - 2015-07-10 01:05 - 00000000 ____D C:\Users\Marcel\Desktop\Stranded.Deep.Alpha.v0.03
2015-07-10 00:39 - 2015-07-10 09:39 - 00001837 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-07-10 00:39 - 2015-07-10 00:45 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\FileZilla
2015-07-10 00:39 - 2015-07-10 00:39 - 06483456 _____ (Tim Kosse) C:\Users\Marcel\Downloads\FileZilla_3.12.0.2_win64-setup.exe
2015-07-10 00:39 - 2015-07-10 00:39 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-07-10 00:37 - 2015-07-10 00:37 - 12665221 _____ C:\Users\Marcel\Downloads\filezilla312.zip
2015-07-09 21:29 - 2015-07-10 09:35 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-07-09 21:16 - 2015-07-09 21:16 - 00000000 _____ C:\autoexec.bat
2015-07-09 21:00 - 2015-07-09 21:00 - 00000000 ____D C:\Users\Marcel\.android
2015-07-09 20:09 - 2015-07-10 13:10 - 00000000 ___RD C:\Users\Marcel\Dropbox
2015-07-09 20:09 - 2015-07-09 20:09 - 00001226 _____ C:\Users\Marcel\Desktop\Dropbox.lnk
2015-07-09 20:07 - 2015-07-09 20:07 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Dropbox
2015-07-09 20:05 - 2015-07-10 13:10 - 00000000 ____D C:\Users\Marcel\AppData\Local\Dropbox
2015-07-09 20:05 - 2015-07-09 20:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-07-09 20:05 - 2015-07-09 20:05 - 00660960 _____ (Dropbox, Inc.) C:\Users\Marcel\Downloads\DropboxInstaller.exe
2015-07-09 20:05 - 2015-07-09 20:05 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-07-09 19:01 - 2015-07-09 21:33 - 00000000 ____D C:\Users\Marcel\Desktop\uTorrent.3.4.3.Build.40633.Stable
2015-07-09 18:21 - 2015-07-09 18:22 - 04869053 _____ C:\Users\Marcel\Downloads\TorrentGrabber_Setup.exe
2015-07-09 17:51 - 2015-07-09 17:52 - 00000042 _____ C:\Users\Marcel\Desktop\Neues Textdokument.txt
2015-07-09 16:47 - 2015-07-09 16:47 - 00181730 _____ C:\Users\Marcel\Downloads\cmen.zip
2015-07-09 16:36 - 2015-07-09 16:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Azureus
2015-07-09 16:36 - 2015-07-09 16:41 - 00000000 ____D C:\Program Files\Vuze
2015-07-09 16:36 - 2015-07-09 16:36 - 00000000 ____D C:\Users\Marcel\.swt
2015-07-09 16:35 - 2015-07-09 16:35 - 00072496 _____ (Azureus Software, Inc.) C:\Users\Marcel\Downloads\VuzeBittorrentClientInstaller.exe
2015-07-09 16:08 - 2015-07-09 16:08 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ESET
2015-07-09 16:08 - 2015-07-09 16:08 - 00000000 ____D C:\Users\Administrator\AppData\Local\ESET
2015-07-09 12:53 - 2015-07-09 12:53 - 04176437 _____ C:\Users\Marcel\Downloads\tdsskiller.zip
2015-07-09 12:53 - 2015-01-22 09:42 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Marcel\Desktop\TDSSKiller.exe
2015-06-27 20:35 - 2015-06-27 20:35 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ESET
2015-06-27 20:16 - 2015-07-10 02:32 - 00000000 ____D C:\Windows\Minidump
2015-06-27 20:16 - 2015-06-27 20:16 - 00278344 _____ C:\Windows\Minidump\062715-8876-01.dmp
2015-06-27 20:15 - 2015-06-27 20:31 - 00000000 __SHD C:\Windows\SysWOW64\Application Services
2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\32373FC0-3615-4443-845E-5D1D23278BBA
2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ____D C:\lang
2015-06-27 20:13 - 2015-06-27 20:13 - 00000000 ____H C:\Users\Marcel\AppData\Roaming\TSCHILLER123.glp
2015-06-27 20:03 - 2015-06-27 20:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Foldername
2015-06-27 18:15 - 2015-06-27 18:21 - 00000000 ____D C:\Users\Marcel\Desktop\HackPack
2015-06-27 17:37 - 2015-06-27 17:37 - 00000000 ____D C:\Users\Marcel\Documents\Remedy
2015-06-27 17:33 - 2015-06-27 17:33 - 00060056 _____ C:\Users\Marcel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-27 17:28 - 2015-07-10 13:09 - 00078164 _____ C:\Windows\PFRO.log
2015-06-27 17:28 - 2015-07-10 13:09 - 00001008 _____ C:\Windows\setupact.log
2015-06-27 17:28 - 2015-06-27 17:28 - 00272560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-27 17:28 - 2015-06-27 17:28 - 00000000 _____ C:\Windows\setuperr.log
2015-06-27 12:31 - 2015-06-27 12:38 - 00000356 _____ C:\Users\Marcel\AppData\Roaming\.foobillardrc
2015-06-27 11:22 - 2015-06-27 11:22 - 00008192 __RSH C:\BOOTSECT.BAK
2015-06-26 19:12 - 2015-06-27 12:28 - 00000000 ____D C:\Program Files (x86)\FooBillard
2015-06-26 19:12 - 2015-06-26 19:12 - 00000000 ____D C:\Program Files (x86)\TowerToppler
2015-06-26 19:07 - 2015-06-26 19:07 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\supertuxkart
2015-06-26 19:00 - 2015-06-26 19:00 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Pingus
2015-06-26 18:59 - 2015-06-27 11:34 - 00000000 ____D C:\Program Files (x86)\Energie Tycoon
2015-06-26 18:59 - 2015-06-26 18:59 - 00000000 ____D C:\Users\Marcel\Documents\OpenTTD
2015-06-26 18:55 - 2015-06-26 18:55 - 00000000 ____D C:\Users\Marcel\Documents\My Safes
2015-06-26 18:55 - 2015-06-26 18:55 - 00000000 ____D C:\Users\Marcel\AppData\Local\PasswordSafe
2015-06-26 18:53 - 2015-06-26 18:54 - 00000000 ____D C:\Users\Marcel\AppData\Local\DesktopOK
2015-06-26 18:52 - 2015-06-26 18:54 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\BatteryBar
2015-06-26 18:51 - 2015-06-26 18:56 - 00000000 ____D C:\Program Files (x86)\RocketDock
2015-06-26 17:56 - 2015-07-10 13:09 - 00541428 _____ C:\Windows\WindowsUpdate.log
2015-06-26 14:43 - 2015-06-26 14:43 - 00000000 ____D C:\Users\Marcel\Desktop\Neue Welt-
2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Abelssoft
2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Local\Abelssoft
2015-06-26 11:00 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Don't Panic!
2015-06-25 17:35 - 2015-06-26 13:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\dvdcss
2015-06-25 17:26 - 2015-03-10 13:58 - 00949741 _____ C:\Users\Marcel\Desktop\MC Account Checker.jar
2015-06-25 15:29 - 2015-06-25 15:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.technic
2015-06-24 08:15 - 2013-08-07 14:28 - 00401408 _____ C:\Program Files (x86)\wget.exe
2015-06-24 08:04 - 2015-06-24 08:05 - 00000000 ____D C:\Users\Marcel\Desktop\400.Android.Games.Collection [PAID APPS ONLY] - DroidIP
2015-06-24 07:26 - 2015-07-09 21:10 - 00000000 ___RD C:\Users\Marcel\Desktop\RAT Zeug
2015-06-16 01:28 - 2015-06-24 07:58 - 00000000 ____D C:\Users\Marcel\Desktop\Minecraft Cracking Tools
2015-06-15 08:36 - 2015-06-24 07:22 - 00000000 ____D C:\Users\Marcel\osc_files
2015-06-15 08:24 - 2015-07-10 13:10 - 00000000 ____D C:\FRST
2015-06-15 06:50 - 2015-06-16 01:44 - 00000000 __RHD C:\Users\Marcel\AppData\Roaming\Beta
2015-06-15 06:45 - 2015-06-15 06:45 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Cloud
2015-06-15 06:41 - 2015-06-15 06:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Cloud Net Beta
2015-06-13 06:21 - 2015-06-13 06:21 - 00000000 ____D C:\Users\Marcel\Tracing
2015-06-13 03:08 - 2015-06-26 07:55 - 00000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2015-06-13 03:07 - 2015-06-13 03:08 - 00000000 ____D C:\Users\Marcel\AppData\Local\LoiLo
2015-06-12 09:34 - 2015-06-27 18:35 - 00000000 ____D C:\Users\Marcel\AppData\Local\CrashDumps
2015-06-12 04:46 - 2015-06-12 04:46 - 00000000 ____D C:\Users\Marcel\Desktop\Is working
2015-06-11 10:46 - 2015-06-11 10:45 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-06-11 10:46 - 2015-06-11 10:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-06-11 10:46 - 2015-06-11 10:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-06-11 10:46 - 2015-06-11 10:45 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-06-11 10:45 - 2015-06-11 10:45 - 00000000 ____D C:\Program Files\Java
2015-06-11 10:31 - 2015-06-11 10:49 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ftblauncher
2015-06-11 10:31 - 2015-06-11 10:47 - 00000000 ____D C:\Users\Marcel\AppData\Local\ftblauncher
2015-06-11 08:14 - 2015-06-11 08:14 - 00000000 ____D C:\Users\Marcel\Documents\Klei
2015-06-11 08:13 - 2015-06-11 08:13 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Az-Art
2015-06-11 08:09 - 2015-06-11 08:09 - 00001421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-11 08:09 - 2015-06-11 08:09 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 ____D C:\Users\Administrator
2015-06-11 08:09 - 2009-07-13 21:54 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-11 08:09 - 2009-07-13 21:49 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-11 06:42 - 2015-06-11 06:42 - 00001047 _____ C:\Users\Marcel\Desktop\Terraria.exe.lnk
2015-06-11 06:24 - 2015-06-11 06:24 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\com.playsaurus.heroclicker
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\Documents\Colossal Order
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Steam
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Colossal Order
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.mono
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Local\Colossal Order
2015-06-10 22:55 - 2015-06-10 22:55 - 00000020 ___SH C:\Users\Marcel\ntuser.ini
2015-06-10 12:55 - 2015-06-10 12:55 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-10 10:21 - 2015-06-10 10:21 - 00016738 _____ C:\Windows\SysWOW64\CCCInstall_201506101021471022.log
2015-06-10 10:17 - 2015-06-10 10:17 - 00000000 ____D C:\Program Files (x86)\Counter-Strike Global Offensive
2015-06-10 07:32 - 2015-06-10 07:32 - 00000000 ____D C:\Program Files (x86)\Universal Extractor
2015-06-10 07:01 - 2015-06-10 07:01 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2015-06-10 05:34 - 2015-06-26 18:59 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-10 05:34 - 2015-06-10 06:20 - 00001030 _____ C:\Users\Marcel\Desktop\Left 4 Dead 2.lnk
2015-06-10 02:06 - 2015-06-01 12:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 02:06 - 2015-06-01 11:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 02:06 - 2015-05-27 07:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 02:06 - 2015-05-27 07:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 02:06 - 2015-05-25 10:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 02:06 - 2015-05-22 20:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 02:06 - 2015-05-22 20:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 02:06 - 2015-05-22 20:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 02:06 - 2015-05-22 20:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 02:06 - 2015-05-22 20:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 02:06 - 2015-05-22 20:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 02:06 - 2015-05-22 20:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 02:06 - 2015-05-22 20:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 02:06 - 2015-05-22 20:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 02:06 - 2015-05-22 20:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 02:06 - 2015-05-22 20:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 02:06 - 2015-05-22 20:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 02:06 - 2015-05-22 20:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 02:06 - 2015-05-22 19:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 02:06 - 2015-05-22 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 02:06 - 2015-05-22 19:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 02:06 - 2015-05-22 19:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 02:06 - 2015-05-22 19:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 02:06 - 2015-05-22 19:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 02:06 - 2015-05-22 19:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 02:06 - 2015-05-22 19:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 02:06 - 2015-05-22 19:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 02:06 - 2015-05-22 19:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 02:06 - 2015-05-22 19:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 02:06 - 2015-05-22 19:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 02:06 - 2015-05-22 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 02:06 - 2015-05-22 12:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 02:06 - 2015-05-22 12:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 02:06 - 2015-05-22 12:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 02:06 - 2015-05-22 12:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 02:06 - 2015-05-22 12:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 02:06 - 2015-05-22 12:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 02:06 - 2015-05-22 12:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 02:06 - 2015-05-22 11:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 02:06 - 2015-05-22 11:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 02:06 - 2015-05-22 11:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 02:06 - 2015-05-22 11:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 02:06 - 2015-05-22 11:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 02:06 - 2015-05-22 11:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 02:06 - 2015-05-22 11:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 02:06 - 2015-05-22 11:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 02:06 - 2015-05-22 11:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 02:06 - 2015-05-22 11:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 02:06 - 2015-05-22 11:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 02:06 - 2015-05-22 11:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 02:06 - 2015-05-22 11:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 02:06 - 2015-05-22 11:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 02:06 - 2015-05-22 11:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 02:06 - 2015-05-22 11:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 02:06 - 2015-05-22 11:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 02:06 - 2015-05-22 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 02:06 - 2015-05-22 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 02:06 - 2015-05-22 10:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 02:06 - 2015-05-22 10:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 02:06 - 2015-05-22 10:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 02:06 - 2015-05-22 10:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 02:06 - 2015-04-29 11:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 02:06 - 2015-04-29 11:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 02:06 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 02:06 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 02:06 - 2015-04-29 11:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 02:06 - 2015-04-29 11:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 02:06 - 2015-04-29 11:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 02:06 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 02:06 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 02:06 - 2015-04-29 11:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 02:06 - 2015-04-24 11:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 02:06 - 2015-04-24 10:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 13:10 - 2015-05-12 16:37 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\uTorrent
2015-07-10 13:09 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-10 12:59 - 2015-05-15 19:29 - 00000000 ____D C:\Program Files\ESET
2015-07-10 11:58 - 2015-05-15 20:33 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\TeamViewer
2015-07-10 09:41 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-10 09:41 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-10 09:37 - 2011-04-12 00:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-07-10 09:37 - 2011-04-12 00:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-07-10 09:37 - 2009-07-13 22:13 - 00965480 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-10 00:59 - 2015-05-14 04:48 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-07-09 21:37 - 2015-05-26 10:13 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-07-09 21:15 - 2015-05-11 19:49 - 00000000 ____D C:\Users\Marcel
2015-07-09 17:30 - 2015-05-12 17:32 - 00000000 ____D C:\Users\Marcel\Documents\My Games
2015-07-09 16:09 - 2015-05-12 16:22 - 00000000 ____D C:\Program Files\Unlocker
2015-07-09 16:01 - 2015-05-15 19:44 - 00000000 ____D C:\Windows\pss
2015-06-27 21:15 - 2014-12-27 15:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\#REVOLUTION
2015-06-27 20:35 - 2015-05-15 19:33 - 00000000 ____D C:\Users\Marcel\AppData\Local\ESET
2015-06-27 20:29 - 2009-07-13 20:20 - 00000000 __RSD C:\Windows\Media
2015-06-27 20:16 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\Offline Web Pages
2015-06-27 20:14 - 2009-07-13 19:34 - 00000254 _____ C:\Windows\system.ini
2015-06-27 20:00 - 2011-04-12 00:54 - 00000000 ____D C:\Windows\CSC
2015-06-27 18:17 - 2015-05-23 06:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\vlc
2015-06-27 17:37 - 2015-05-23 05:52 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-26 11:17 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-26 10:57 - 2015-05-14 18:06 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-06-26 07:55 - 2015-05-14 18:23 - 00000000 ____D C:\Program Files\LoiLo
2015-06-26 07:49 - 2015-06-08 10:35 - 00000000 ___RD C:\Users\Marcel\Desktop\Passwörter oder sonstiges
2015-06-25 14:42 - 2015-05-13 20:03 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.minecraft
2015-06-24 23:04 - 2015-06-09 06:51 - 00000000 ____D C:\Program Files\PeerBlock
2015-06-24 10:09 - 2015-05-23 04:19 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Notepad++
2015-06-24 07:45 - 2015-05-12 17:24 - 00000000 ____D C:\Program Files\WinRAR
2015-06-23 13:30 - 2010-11-20 20:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-16 01:23 - 2009-07-13 22:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-15 10:08 - 2015-05-29 09:10 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Skype
2015-06-13 07:05 - 2015-05-15 20:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-10 22:55 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-10 12:49 - 2015-05-14 18:07 - 00001188 _____ C:\Users\Marcel\Desktop\Glary Utilities 5.lnk
2015-06-10 12:41 - 2015-05-12 17:11 - 00000000 ____D C:\Program Files (x86)\ESET Online Scanner
2015-06-10 12:41 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Default
2015-06-10 12:12 - 2015-05-29 09:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-10 12:12 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-10 12:10 - 2015-05-26 08:17 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-06-10 10:48 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-06-10 10:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Setup
2015-06-10 10:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 10:21 - 2015-05-11 19:51 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieUserList
2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieSiteList
2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieBrowserModeList
2015-06-10 08:12 - 2015-06-09 06:51 - 00001782 _____ C:\Users\Marcel\Desktop\PeerBlock.lnk
2015-06-10 07:09 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\oobe
2015-06-10 07:01 - 2015-06-07 07:29 - 00000000 ____D C:\GOG Games
2015-06-10 03:03 - 2015-05-15 14:25 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 03:00 - 2015-05-15 14:25 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-06-24 08:15 - 2013-08-07 14:28 - 0401408 _____ () C:\Program Files (x86)\wget.exe
2015-06-27 12:31 - 2015-06-27 12:38 - 0000356 _____ () C:\Users\Marcel\AppData\Roaming\.foobillardrc
2015-06-27 20:13 - 2015-06-27 20:13 - 0000000 ____H () C:\Users\Marcel\AppData\Roaming\TSCHILLER123.glp

Some files in TEMP:
====================
C:\Users\Marcel\AppData\Local\Temp\bassmod.dll
C:\Users\Marcel\AppData\Local\Temp\bdfilters.dll
C:\Users\Marcel\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Marcel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp87jbuq.dll
C:\Users\Marcel\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Marcel\AppData\Local\Temp\USkinDLL.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-10 01:55

==================== End of log ============================
         
Addition:
FRST Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by Marcel at 2015-07-10 13:13:04
Running from C:\Users\Marcel\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2810977045-1315894760-386528613-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-2810977045-1315894760-386528613-501 - Limited - Disabled)
Marcel (S-1-5-21-2810977045-1315894760-386528613-1000 - Administrator - Enabled) => C:\Users\Marcel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Alan Wake's American Nightmare (HKLM-x32\...\Steam App 202750) (Version:  - Remedy Entertainment)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.2.3.804 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.97 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.29 - Dropbox, Inc.) Hidden
FileZilla Client 3.12.0 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0 - Tim Kosse)
Free Video to MP3 Converter version 5.0.58.415 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.58.505 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.58.505 - DVDVideoSoft Ltd.)
Glary Utilities 5.25 (HKLM-x32\...\Glary Utilities 5) (Version: 5.25.0.44 - Glarysoft Ltd)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
PeerBlock 1.1+ (r677) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.677 - PeerBlock, LLC)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.02 - Qualcomm Atheros)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version:  - )
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

10-07-2015 09:35:00 Removed SpyHunter

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-06-10 12:39 - 00000768 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B531456E-3FCD-4D08-8D3D-8E5D2EA9820F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-08 06:07 - 2015-07-08 06:07 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2010-07-14 21:44 - 2010-07-14 21:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-04-15 13:13 - 2015-04-15 13:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-05-23 09:11 - 2009-12-23 17:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-07-10 13:10 - 2015-07-10 13:10 - 00043008 _____ () c:\users\marcel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp87jbuq.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00750080 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00047616 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00865280 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00200704 _____ () C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00726016 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-09 20:08 - 2015-03-19 00:15 - 00010240 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E4FD5A1E-A3F7-4CE0-AC7E-C0ED0C95C22E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4979CA39-5DF3-4E38-A674-DCF6A8E4EAF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{00851861-AF57-4437-BB2C-4D54A53A0FF7}] => (Allow) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1A6C1CF2-16FC-4FC9-A6DA-C1A82588BF15}] => (Allow) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{1E85229A-88B0-4D41-8D39-C4CC55EC9664}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{B4B7DDAA-476C-415C-92F7-68F70F58095E}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{D1FBC41C-47FA-4C16-A601-3DDE966B9371}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8CA0F89F-B83C-4E9F-89DD-0F7A6E221841}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F4EF3336-A813-4B83-BDB6-B2AA88ECE367}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [UDP Query User{46F434D9-DC23-4239-A38B-2335252A2AB7}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [{ECCE2D40-FE2E-4E40-82BA-596B23F869E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E63E7D81-9799-4483-870D-6B145079F583}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C4E200C3-A8A4-44C1-A592-3066DACD100E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BFC78A42-738C-4AB9-8F30-E76194B4551F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A6390810-7AAD-46E9-B04D-F8B8A8034729}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A26439AE-DD0F-4DB4-A476-A08677B4C448}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CD7A39EA-E7A9-4FB5-85A6-596F8ED7E607}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5633E093-A841-4025-8C65-294CF57BF154}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{53EEED36-F459-4FC1-B0AD-783FE2B9C5DD}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{C950E02C-EDF8-460E-85F5-2B6FD36733FF}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{CB76EE55-02A0-49A8-B91E-93FF647ACDB5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF0B06EA-4136-46E2-AA11-84BC94942AF9}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\Binaries\Win32\sf2.exe
FirewallRules: [{737C03E7-A52A-43DA-8A14-0DAB39E85AC1}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\Binaries\Win32\sf2.exe
FirewallRules: [{34A3D606-9E97-4BE5-BC3F-2C50CD4B31D8}] => (Allow) D:\Steam yolomode\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe
FirewallRules: [{28F01107-508A-476C-94FE-11F3A7997272}] => (Allow) D:\Steam yolomode\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2015 01:11:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 01:07:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/10/2015 09:35:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 02:34:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 00:17:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:51:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 09:39:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 05:31:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 04:15:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/10/2015 09:33:10 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎07.‎2015 um 09:32:21 unerwartet heruntergefahren.

Error: (07/10/2015 02:32:58 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000050 (0xfffffa8048e4f190, 0x0000000000000000, 0xfffff800034ab9c5, 0x0000000000000005)C:\Windows\MEMORY.DMP071015-9562-01

Error: (07/10/2015 02:32:56 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎07.‎2015 um 02:31:38 unerwartet heruntergefahren.

Error: (07/10/2015 01:59:19 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/09/2015 00:50:01 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎07.‎2015 um 12:48:42 unerwartet heruntergefahren.

Error: (07/09/2015 00:41:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎07.‎2015 um 12:40:57 unerwartet heruntergefahren.

Error: (07/09/2015 09:37:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎07.‎2015 um 21:36:15 unerwartet heruntergefahren.

Error: (07/09/2015 07:08:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/09/2015 04:12:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (07/10/2015 01:11:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 01:07:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files (x86)\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/10/2015 09:35:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 02:34:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 00:17:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:51:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 09:39:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 05:31:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 04:15:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-05-19 08:05:54.323
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 08:05:54.276
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:46:15.679
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:46:15.632
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.615
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.568
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.521
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.474
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz
Percentage of memory in use: 56%
Total physical RAM: 3766.68 MB
Available physical RAM: 1626.23 MB
Total Virtual: 7531.57 MB
Available Virtual: 5724.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:50 GB) (Free:10.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lokaler Datenträger1) (Fixed) (Total:61.79 GB) (Free:3.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 1559283B)
Partition 1: (Not Active) - (Size=61.8 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=50 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---


10.07.2015, 21:43   #6
deeprybka
/// TB trainer
/// Guide guru
 
Quote:
Quote from DarkorbitSup
Why does SpyHunter have to be cleaned?
That's not a virus, after all

No, not a virus. But... google it.

Step 1



Please press the Windows key + R and type notepad into the Run window.
Click OK and now copy the text from the code box into the empty text document:
Code:
CloseProcesses:
HKLM\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" 
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" 
ProxyServer: [S-1-5-21-2810977045-1315894760-386528613-1000] => :80
2015-07-10 09:39 - 2015-07-10 09:39 - 00000000 ____D C:\Users\Marcel\Desktop\SpyHunter 4.19.13.4482 Portable
2015-07-10 09:35 - 2015-07-10 10:06 - 00000000 ____D C:\Users\Marcel\Desktop\spyhunter
2015-07-10 09:31 - 2015-07-10 09:31 - 00002385 _____ C:\spyhunter.fix
AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateShell: 
EmptyTemp:
         
Please save this as Fixlist.txt in the directory where the FRST application is also located.
  • Start FRST and press the Fix button.
  • The tool creates a "Fixlog.txt" file.
  • Please post its contents for me.

After the reboot:

Step 2



Please start FRST again and press Scan.
Please post the contents of the log.
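
Added example, not part of the original post and not FRST's own code: the fixlist in post #6 removes two Run values that start wscript.exe on a .vbs file in the user's Temp folder. The Python check below picks such autoruns out of FRST-style Run lines; the sample lines are copied from this thread's logs, while the function names and the heuristics (script hosts, script extensions, path markers) are assumptions of this example.

```python
from __future__ import annotations

import re
from typing import NamedTuple


class Autorun(NamedTuple):
    hive: str      # e.g. HKLM, HKLM-x32, HKU\<SID>
    key: str       # Run or RunOnce
    name: str      # registry value name
    command: str   # command line as printed in the log


# Log format on this page: <hive>\...\Run: [<value name>] => <command line>
RUN_LINE = re.compile(
    r'^(?P<hive>HK[A-Z]+(?:-x32)?(?:\\S-[0-9-]+)?)\\\.\.\.\\(?P<key>Run(?:Once)?): '
    r'\[(?P<name>[^\]]*)\] => (?P<cmd>.*)$'
)
# Assumption: Windows Script Host binaries are the interpreters of interest.
SCRIPT_HOST = re.compile(r'(?:^|[\\"\s])(wscript|cscript)(?:\.exe)?(?=["\s]|$)', re.IGNORECASE)
# Assumption: script types that Windows Script Host runs.
SCRIPT_PATH = re.compile(
    r'([A-Za-z]:\\[^"]+?\.(?:vbs|vbe|js|jse|wsf))(?=["\s]|$)', re.IGNORECASE
)
BATCH_FLAG = re.compile(r'(?:^|\s)//b(?=\s|$)', re.IGNORECASE)
# Assumption: path fragments a standard user can write to.
USER_WRITABLE = ("\\appdata\\", "\\temp\\")

# Lines copied from the fixlist in post #6 (state before the fix).
BEFORE_FIX = r'''CloseProcesses:
HKLM\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs"
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs"
ProxyServer: [S-1-5-21-2810977045-1315894760-386528613-1000] => :80
EmptyTemp:
'''

# Lines copied from the FRST scan in post #7 (state after the fix).
AFTER_FIX = r'''HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [43871968 2015-06-26] (Dropbox, Inc.)
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [uTorrent] => C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe [1998432 2015-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Policies\system: [EnableLUA] 0
'''


def parse_autoruns(log_text: str) -> list[Autorun]:
    """Return every Run/RunOnce entry found in the log text."""
    entries = []
    for line in log_text.splitlines():
        m = RUN_LINE.match(line.strip())
        if m:
            entries.append(Autorun(m["hive"], m["key"], m["name"], m["cmd"]))
    return entries


def assess(entry: Autorun) -> list[str]:
    """Return the reasons an entry looks like a script-host autorun, or []."""
    host = SCRIPT_HOST.search(entry.command)
    script = SCRIPT_PATH.search(entry.command)
    if not host or not script:
        return []
    path = script.group(1)
    if not any(marker in path.lower() for marker in USER_WRITABLE):
        return []
    reasons = [
        f"{host.group(1).lower()} started from {entry.hive} {entry.key}",
        f"script in user-writable path: {path}",
    ]
    if BATCH_FLAG.search(entry.command):
        reasons.append("//B (batch mode) suppresses script errors and prompts")
    return reasons


def suspicious_autoruns(log_text: str) -> list[tuple[Autorun, list[str]]]:
    """Pair each flagged autorun with the reasons it was flagged."""
    findings = []
    for entry in parse_autoruns(log_text):
        reasons = assess(entry)
        if reasons:
            findings.append((entry, reasons))
    return findings


if __name__ == "__main__":
    for label, text in (("before fix", BEFORE_FIX), ("after fix", AFTER_FIX)):
        findings = suspicious_autoruns(text)
        print(f"{label}: {len(findings)} flagged of {len(parse_autoruns(text))} autoruns")
        for entry, reasons in findings:
            print(f"  [{entry.name}] " + "; ".join(reasons))
```

The uTorrent entry also lives under AppData but is not flagged, because the check requires a script host as the launcher and not just a user-writable path.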

11.07.2015, 07:21   #7
DarkorbitSup
 
Code:
Fix result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by Marcel at 2015-07-10 23:18:15 Run:1
Running from C:\Users\Marcel\Desktop
Loaded Profiles: Marcel (Available Profiles: Marcel & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
HKLM\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" 
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [Worm] => wscript.exe //B "C:\Users\Marcel\AppData\Local\Temp\Worm.VBS.Dunihi.W.vbs" 
ProxyServer: [S-1-5-21-2810977045-1315894760-386528613-1000] => :80
2015-07-10 09:39 - 2015-07-10 09:39 - 00000000 ____D C:\Users\Marcel\Desktop\SpyHunter 4.19.13.4482 Portable
2015-07-10 09:35 - 2015-07-10 10:06 - 00000000 ____D C:\Users\Marcel\Desktop\spyhunter
2015-07-10 09:31 - 2015-07-10 09:31 - 00002385 _____ C:\spyhunter.fix
AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateShell: 
EmptyTemp:
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Worm => value removed successfully
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Worm => value removed successfully
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
C:\Users\Marcel\Desktop\SpyHunter 4.19.13.4482 Portable => moved successfully.
"C:\Users\Marcel\Desktop\spyhunter" => File/Folder not found.
C:\spyhunter.fix => moved successfully.
C:\Windows\System32 => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS removed successfully.
hklm\System\CurrentControlSet\Control\SafeBoot\\AlternateShell => value restored successfully
EmptyTemp: => 557.8 MB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 23:18:19 ====
         
FRST :
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-07-2015
Ran by Marcel (administrator) on TSCHILLER123 on 10-07-2015 23:19:45
Running from C:\Users\Marcel\Desktop
Loaded Profiles: Marcel (Available Profiles: Marcel & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [43871968 2015-06-26] (Dropbox, Inc.)
HKLM\...\RunOnce: [*EmptyTemp] => cmd /c rd /q/s C:\FRST\Temp
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Run: [uTorrent] => C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe [1998432 2015-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\Policies\system: [EnableLUA] 0
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-06-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: 127.0.0.1	localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A7EBB1DE-C35B-475A-A7D0-64D00582BCEC}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-14] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-13] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF user.js: detected! => C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\user.js [2015-05-13]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-15]
FF Extension: MEGA - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\firefox@mega.co.nz.xpi [2015-05-16]
FF Extension: Adblock Plus - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-15]
FF Extension: Greasemonkey - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\dckb56gh.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-07-10]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Marcel\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-16] (BlueStack Systems, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-09] (Dropbox, Inc.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5821952 2015-05-11] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-05-14] (Glarysoft Ltd)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2013-11-18] ()
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-05-13] (Oracle Corporation)
S3 atillk64; \??\C:\Program Files (x86)\ATI Technologies\AMD GPU Clock Tool\atillk64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 23:19 - 2015-07-10 23:19 - 00010822 _____ C:\Users\Marcel\Desktop\FRST.txt
2015-07-10 13:10 - 2015-07-10 13:10 - 02112512 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2015-07-10 12:33 - 2015-07-10 12:33 - 00000988 _____ C:\Users\Marcel\Desktop\Bandicam.lnk
2015-07-10 12:33 - 2015-07-10 12:33 - 00000988 _____ C:\Users\Administrator\Desktop\Bandicam.lnk
2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Users\Marcel\Documents\Bandicam
2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\BANDISOFT
2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2015-07-10 12:33 - 2015-07-10 12:33 - 00000000 ____D C:\Program Files (x86)\Bandicam
2015-07-10 02:32 - 2015-07-10 02:32 - 00278344 _____ C:\Windows\Minidump\071015-9562-01.dmp
2015-07-10 01:23 - 2015-07-10 01:23 - 00000000 ____D C:\Users\Marcel\Desktop\Essential Data Tools 2.8 + Keygen + 100% Working
2015-07-10 01:23 - 2015-07-10 01:23 - 00000000 ____D C:\Users\Marcel\Desktop\DocumentsRescue Pro 6.11 Build 1025 + Keygen + 100% Working
2015-07-10 01:05 - 2015-07-10 01:05 - 00000000 ____D C:\Users\Marcel\Desktop\Stranded.Deep.Alpha.v0.03
2015-07-10 00:39 - 2015-07-10 09:39 - 00001837 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-07-10 00:39 - 2015-07-10 00:45 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\FileZilla
2015-07-10 00:39 - 2015-07-10 00:39 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-07-09 21:29 - 2015-07-10 09:35 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2015-07-09 21:16 - 2015-07-09 21:16 - 00000000 _____ C:\autoexec.bat
2015-07-09 21:00 - 2015-07-09 21:00 - 00000000 ____D C:\Users\Marcel\.android
2015-07-09 20:09 - 2015-07-10 23:16 - 00000000 ___RD C:\Users\Marcel\Dropbox
2015-07-09 20:09 - 2015-07-09 20:09 - 00001226 _____ C:\Users\Marcel\Desktop\Dropbox.lnk
2015-07-09 20:07 - 2015-07-09 20:07 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Dropbox
2015-07-09 20:05 - 2015-07-10 23:16 - 00000000 ____D C:\Users\Marcel\AppData\Local\Dropbox
2015-07-09 20:05 - 2015-07-09 20:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-07-09 20:05 - 2015-07-09 20:05 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-07-09 19:01 - 2015-07-09 21:33 - 00000000 ____D C:\Users\Marcel\Desktop\uTorrent.3.4.3.Build.40633.Stable
2015-07-09 17:51 - 2015-07-09 17:52 - 00000042 _____ C:\Users\Marcel\Desktop\Neues Textdokument.txt
2015-07-09 16:36 - 2015-07-09 16:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Azureus
2015-07-09 16:36 - 2015-07-09 16:41 - 00000000 ____D C:\Program Files\Vuze
2015-07-09 16:36 - 2015-07-09 16:36 - 00000000 ____D C:\Users\Marcel\.swt
2015-07-09 16:08 - 2015-07-09 16:08 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ESET
2015-07-09 16:08 - 2015-07-09 16:08 - 00000000 ____D C:\Users\Administrator\AppData\Local\ESET
2015-07-09 12:53 - 2015-01-22 09:42 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Marcel\Desktop\TDSSKiller.exe
2015-06-27 20:35 - 2015-06-27 20:35 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ESET
2015-06-27 20:16 - 2015-07-10 02:32 - 00000000 ____D C:\Windows\Minidump
2015-06-27 20:16 - 2015-06-27 20:16 - 00278344 _____ C:\Windows\Minidump\062715-8876-01.dmp
2015-06-27 20:15 - 2015-06-27 20:31 - 00000000 __SHD C:\Windows\SysWOW64\Application Services
2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\32373FC0-3615-4443-845E-5D1D23278BBA
2015-06-27 20:14 - 2015-06-27 20:14 - 00000000 ____D C:\lang
2015-06-27 20:13 - 2015-06-27 20:13 - 00000000 ____H C:\Users\Marcel\AppData\Roaming\TSCHILLER123.glp
2015-06-27 20:03 - 2015-06-27 20:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Foldername
2015-06-27 18:15 - 2015-06-27 18:21 - 00000000 ____D C:\Users\Marcel\Desktop\HackPack
2015-06-27 17:37 - 2015-06-27 17:37 - 00000000 ____D C:\Users\Marcel\Documents\Remedy
2015-06-27 17:33 - 2015-06-27 17:33 - 00060056 _____ C:\Users\Marcel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-27 17:28 - 2015-07-10 23:15 - 00001064 _____ C:\Windows\setupact.log
2015-06-27 17:28 - 2015-07-10 13:09 - 00078164 _____ C:\Windows\PFRO.log
2015-06-27 17:28 - 2015-06-27 17:28 - 00272560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-27 17:28 - 2015-06-27 17:28 - 00000000 _____ C:\Windows\setuperr.log
2015-06-27 12:31 - 2015-06-27 12:38 - 00000356 _____ C:\Users\Marcel\AppData\Roaming\.foobillardrc
2015-06-27 11:22 - 2015-06-27 11:22 - 00008192 __RSH C:\BOOTSECT.BAK
2015-06-26 19:12 - 2015-06-27 12:28 - 00000000 ____D C:\Program Files (x86)\FooBillard
2015-06-26 19:12 - 2015-06-26 19:12 - 00000000 ____D C:\Program Files (x86)\TowerToppler
2015-06-26 19:07 - 2015-06-26 19:07 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\supertuxkart
2015-06-26 19:00 - 2015-06-26 19:00 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Pingus
2015-06-26 18:59 - 2015-06-27 11:34 - 00000000 ____D C:\Program Files (x86)\Energie Tycoon
2015-06-26 18:59 - 2015-06-26 18:59 - 00000000 ____D C:\Users\Marcel\Documents\OpenTTD
2015-06-26 18:55 - 2015-06-26 18:55 - 00000000 ____D C:\Users\Marcel\Documents\My Safes
2015-06-26 18:55 - 2015-06-26 18:55 - 00000000 ____D C:\Users\Marcel\AppData\Local\PasswordSafe
2015-06-26 18:53 - 2015-06-26 18:54 - 00000000 ____D C:\Users\Marcel\AppData\Local\DesktopOK
2015-06-26 18:52 - 2015-06-26 18:54 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\BatteryBar
2015-06-26 18:51 - 2015-06-26 18:56 - 00000000 ____D C:\Program Files (x86)\RocketDock
2015-06-26 17:56 - 2015-07-10 23:18 - 00558751 _____ C:\Windows\WindowsUpdate.log
2015-06-26 14:43 - 2015-06-26 14:43 - 00000000 ____D C:\Users\Marcel\Desktop\Neue Welt-
2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Abelssoft
2015-06-26 13:50 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Local\Abelssoft
2015-06-26 11:00 - 2015-06-26 13:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Don't Panic!
2015-06-25 17:35 - 2015-06-26 13:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\dvdcss
2015-06-25 17:26 - 2015-03-10 13:58 - 00949741 _____ C:\Users\Marcel\Desktop\MC Account Checker.jar
2015-06-25 15:29 - 2015-06-25 15:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.technic
2015-06-24 08:15 - 2013-08-07 14:28 - 00401408 _____ C:\Program Files (x86)\wget.exe
2015-06-24 08:04 - 2015-06-24 08:05 - 00000000 ____D C:\Users\Marcel\Desktop\400.Android.Games.Collection [PAID APPS ONLY] - DroidIP
2015-06-24 07:26 - 2015-07-09 21:10 - 00000000 ___RD C:\Users\Marcel\Desktop\RAT Zeug
2015-06-16 01:28 - 2015-06-24 07:58 - 00000000 ____D C:\Users\Marcel\Desktop\Minecraft Cracking Tools
2015-06-15 08:36 - 2015-06-24 07:22 - 00000000 ____D C:\Users\Marcel\osc_files
2015-06-15 08:24 - 2015-07-10 23:19 - 00000000 ____D C:\FRST
2015-06-15 06:50 - 2015-06-16 01:44 - 00000000 __RHD C:\Users\Marcel\AppData\Roaming\Beta
2015-06-15 06:45 - 2015-06-15 06:45 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Cloud
2015-06-15 06:41 - 2015-06-15 06:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Cloud Net Beta
2015-06-13 06:21 - 2015-06-13 06:21 - 00000000 ____D C:\Users\Marcel\Tracing
2015-06-13 03:08 - 2015-06-26 07:55 - 00000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2015-06-13 03:07 - 2015-06-13 03:08 - 00000000 ____D C:\Users\Marcel\AppData\Local\LoiLo
2015-06-12 09:34 - 2015-06-27 18:35 - 00000000 ____D C:\Users\Marcel\AppData\Local\CrashDumps
2015-06-12 04:46 - 2015-06-12 04:46 - 00000000 ____D C:\Users\Marcel\Desktop\Is working
2015-06-11 10:46 - 2015-06-11 10:45 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-06-11 10:46 - 2015-06-11 10:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-06-11 10:46 - 2015-06-11 10:45 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-06-11 10:46 - 2015-06-11 10:45 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-06-11 10:45 - 2015-06-11 10:45 - 00000000 ____D C:\Program Files\Java
2015-06-11 10:31 - 2015-06-11 10:49 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ftblauncher
2015-06-11 10:31 - 2015-06-11 10:47 - 00000000 ____D C:\Users\Marcel\AppData\Local\ftblauncher
2015-06-11 08:14 - 2015-06-11 08:14 - 00000000 ____D C:\Users\Marcel\Documents\Klei
2015-06-11 08:13 - 2015-06-11 08:13 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Az-Art
2015-06-11 08:09 - 2015-06-11 08:09 - 00001421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-11 08:09 - 2015-06-11 08:09 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2015-06-11 08:09 - 2015-06-11 08:09 - 00000000 ____D C:\Users\Administrator
2015-06-11 08:09 - 2009-07-13 21:54 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-11 08:09 - 2009-07-13 21:49 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-11 06:42 - 2015-06-11 06:42 - 00001047 _____ C:\Users\Marcel\Desktop\Terraria.exe.lnk
2015-06-11 06:24 - 2015-06-11 06:24 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\com.playsaurus.heroclicker
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\Documents\Colossal Order
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Steam
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Colossal Order
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.mono
2015-06-11 06:01 - 2015-06-11 06:01 - 00000000 ____D C:\Users\Marcel\AppData\Local\Colossal Order
2015-06-10 22:55 - 2015-06-10 22:55 - 00000020 ___SH C:\Users\Marcel\ntuser.ini
2015-06-10 12:55 - 2015-06-10 12:55 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-10 10:21 - 2015-06-10 10:21 - 00016738 _____ C:\Windows\SysWOW64\CCCInstall_201506101021471022.log
2015-06-10 10:17 - 2015-06-10 10:17 - 00000000 ____D C:\Program Files (x86)\Counter-Strike Global Offensive
2015-06-10 07:32 - 2015-06-10 07:32 - 00000000 ____D C:\Program Files (x86)\Universal Extractor
2015-06-10 07:01 - 2015-06-10 07:01 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2015-06-10 05:34 - 2015-06-26 18:59 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-10 05:34 - 2015-06-10 06:20 - 00001030 _____ C:\Users\Marcel\Desktop\Left 4 Dead 2.lnk
2015-06-10 02:06 - 2015-06-01 12:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 02:06 - 2015-06-01 11:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 02:06 - 2015-05-27 07:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 02:06 - 2015-05-27 07:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 02:06 - 2015-05-25 10:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 02:06 - 2015-05-22 20:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 02:06 - 2015-05-22 20:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 02:06 - 2015-05-22 20:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 02:06 - 2015-05-22 20:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 02:06 - 2015-05-22 20:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 02:06 - 2015-05-22 20:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 02:06 - 2015-05-22 20:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 02:06 - 2015-05-22 20:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 02:06 - 2015-05-22 20:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 02:06 - 2015-05-22 20:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 02:06 - 2015-05-22 20:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 02:06 - 2015-05-22 20:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 02:06 - 2015-05-22 20:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 02:06 - 2015-05-22 19:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 02:06 - 2015-05-22 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 02:06 - 2015-05-22 19:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 02:06 - 2015-05-22 19:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 02:06 - 2015-05-22 19:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 02:06 - 2015-05-22 19:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 02:06 - 2015-05-22 19:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 02:06 - 2015-05-22 19:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 02:06 - 2015-05-22 19:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 02:06 - 2015-05-22 19:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 02:06 - 2015-05-22 19:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 02:06 - 2015-05-22 19:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 02:06 - 2015-05-22 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 02:06 - 2015-05-22 12:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 02:06 - 2015-05-22 12:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 02:06 - 2015-05-22 12:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 02:06 - 2015-05-22 12:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 02:06 - 2015-05-22 12:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 02:06 - 2015-05-22 12:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 02:06 - 2015-05-22 12:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 02:06 - 2015-05-22 11:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 02:06 - 2015-05-22 11:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 02:06 - 2015-05-22 11:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 02:06 - 2015-05-22 11:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 02:06 - 2015-05-22 11:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 02:06 - 2015-05-22 11:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 02:06 - 2015-05-22 11:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 02:06 - 2015-05-22 11:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 02:06 - 2015-05-22 11:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 02:06 - 2015-05-22 11:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 02:06 - 2015-05-22 11:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 02:06 - 2015-05-22 11:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 02:06 - 2015-05-22 11:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 02:06 - 2015-05-22 11:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 02:06 - 2015-05-22 11:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 02:06 - 2015-05-22 11:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 02:06 - 2015-05-22 11:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 02:06 - 2015-05-22 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 02:06 - 2015-05-22 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 02:06 - 2015-05-22 10:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 02:06 - 2015-05-22 10:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 02:06 - 2015-05-22 10:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 02:06 - 2015-05-22 10:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 02:06 - 2015-04-29 11:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 02:06 - 2015-04-29 11:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 02:06 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 02:06 - 2015-04-29 11:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 02:06 - 2015-04-29 11:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 02:06 - 2015-04-29 11:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 02:06 - 2015-04-29 11:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 02:06 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 02:06 - 2015-04-29 11:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 02:06 - 2015-04-29 11:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 02:06 - 2015-04-24 11:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 02:06 - 2015-04-24 10:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-10 23:18 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-10 23:18 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-10 23:15 - 2015-05-12 16:37 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\uTorrent
2015-07-10 23:15 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-10 13:16 - 2011-04-12 00:43 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-07-10 13:16 - 2011-04-12 00:43 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-07-10 13:16 - 2009-07-13 22:13 - 00965480 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-10 12:59 - 2015-05-15 19:29 - 00000000 ____D C:\Program Files\ESET
2015-07-10 11:58 - 2015-05-15 20:33 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\TeamViewer
2015-07-10 00:59 - 2015-05-14 04:48 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-07-09 21:37 - 2015-05-26 10:13 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-07-09 21:15 - 2015-05-11 19:49 - 00000000 ____D C:\Users\Marcel
2015-07-09 17:30 - 2015-05-12 17:32 - 00000000 ____D C:\Users\Marcel\Documents\My Games
2015-07-09 16:09 - 2015-05-12 16:22 - 00000000 ____D C:\Program Files\Unlocker
2015-07-09 16:01 - 2015-05-15 19:44 - 00000000 ____D C:\Windows\pss
2015-06-27 21:15 - 2014-12-27 15:29 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\#REVOLUTION
2015-06-27 20:35 - 2015-05-15 19:33 - 00000000 ____D C:\Users\Marcel\AppData\Local\ESET
2015-06-27 20:29 - 2009-07-13 20:20 - 00000000 __RSD C:\Windows\Media
2015-06-27 20:16 - 2009-07-13 22:32 - 00000000 ____D C:\Windows\Offline Web Pages
2015-06-27 20:14 - 2009-07-13 19:34 - 00000254 _____ C:\Windows\system.ini
2015-06-27 20:00 - 2011-04-12 00:54 - 00000000 ____D C:\Windows\CSC
2015-06-27 18:17 - 2015-05-23 06:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\vlc
2015-06-27 17:37 - 2015-05-23 05:52 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-26 11:17 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-26 10:57 - 2015-05-14 18:06 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2015-06-26 07:55 - 2015-05-14 18:23 - 00000000 ____D C:\Program Files\LoiLo
2015-06-26 07:49 - 2015-06-08 10:35 - 00000000 ___RD C:\Users\Marcel\Desktop\Passwörter oder sonstiges
2015-06-25 14:42 - 2015-05-13 20:03 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\.minecraft
2015-06-24 23:04 - 2015-06-09 06:51 - 00000000 ____D C:\Program Files\PeerBlock
2015-06-24 10:09 - 2015-05-23 04:19 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Notepad++
2015-06-24 07:45 - 2015-05-12 17:24 - 00000000 ____D C:\Program Files\WinRAR
2015-06-23 13:30 - 2010-11-20 20:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-16 01:23 - 2009-07-13 22:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-15 10:08 - 2015-05-29 09:10 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Skype
2015-06-13 07:05 - 2015-05-15 20:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-06-10 22:55 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-10 12:49 - 2015-05-14 18:07 - 00001188 _____ C:\Users\Marcel\Desktop\Glary Utilities 5.lnk
2015-06-10 12:41 - 2015-05-12 17:11 - 00000000 ____D C:\Program Files (x86)\ESET Online Scanner
2015-06-10 12:41 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Default
2015-06-10 12:12 - 2015-05-29 09:09 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-10 12:12 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-10 12:10 - 2015-05-26 08:17 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-06-10 10:48 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-06-10 10:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\Setup
2015-06-10 10:48 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 10:21 - 2015-05-11 19:51 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieUserList
2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieSiteList
2015-06-10 08:14 - 2015-05-17 09:48 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieBrowserModeList
2015-06-10 08:12 - 2015-06-09 06:51 - 00001782 _____ C:\Users\Marcel\Desktop\PeerBlock.lnk
2015-06-10 07:09 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\oobe
2015-06-10 07:01 - 2015-06-07 07:29 - 00000000 ____D C:\GOG Games
2015-06-10 03:03 - 2015-05-15 14:25 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 03:00 - 2015-05-15 14:25 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-06-24 08:15 - 2013-08-07 14:28 - 0401408 _____ () C:\Program Files (x86)\wget.exe
2015-06-27 12:31 - 2015-06-27 12:38 - 0000356 _____ () C:\Users\Marcel\AppData\Roaming\.foobillardrc
2015-06-27 20:13 - 2015-06-27 20:13 - 0000000 ____H () C:\Users\Marcel\AppData\Roaming\TSCHILLER123.glp

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-10 01:55

==================== End of log ============================
         
Addition:
[CODE]Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by Marcel at 2015-07-10 23:20:07
Running from C:\Users\Marcel\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2810977045-1315894760-386528613-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-2810977045-1315894760-386528613-501 - Limited - Disabled)
Marcel (S-1-5-21-2810977045-1315894760-386528613-1000 - Administrator - Enabled) => C:\Users\Marcel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2810977045-1315894760-386528613-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Alan Wake's American Nightmare (HKLM-x32\...\Steam App 202750) (Version:  - Remedy Entertainment)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.2.3.804 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.30.4239 - BlueStack Systems, Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.82.97 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.29 - Dropbox, Inc.) Hidden
FileZilla Client 3.12.0 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0 - Tim Kosse)
Free Video to MP3 Converter version 5.0.58.415 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.58.505 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.58.505 - DVDVideoSoft Ltd.)
Glary Utilities 5.25 (HKLM-x32\...\Glary Utilities 5) (Version: 5.25.0.44 - Glarysoft Ltd)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
PeerBlock 1.1+ (r677) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.677 - PeerBlock, LLC)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.02 - Qualcomm Atheros)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version:  - )
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

10-07-2015 09:35:00 Removed SpyHunter

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2015-06-10 12:39 - 00000768 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B531456E-3FCD-4D08-8D3D-8E5D2EA9820F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-08 06:07 - 2015-07-08 06:07 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2010-07-14 21:44 - 2010-07-14 21:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2015-04-15 13:13 - 2015-04-15 13:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2810977045-1315894760-386528613-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E4FD5A1E-A3F7-4CE0-AC7E-C0ED0C95C22E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4979CA39-5DF3-4E38-A674-DCF6A8E4EAF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{00851861-AF57-4437-BB2C-4D54A53A0FF7}] => (Allow) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1A6C1CF2-16FC-4FC9-A6DA-C1A82588BF15}] => (Allow) C:\Users\Marcel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{1E85229A-88B0-4D41-8D39-C4CC55EC9664}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{B4B7DDAA-476C-415C-92F7-68F70F58095E}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{D1FBC41C-47FA-4C16-A601-3DDE966B9371}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8CA0F89F-B83C-4E9F-89DD-0F7A6E221841}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F4EF3336-A813-4B83-BDB6-B2AA88ECE367}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [UDP Query User{46F434D9-DC23-4239-A38B-2335252A2AB7}C:\windows\syswow64\svchost.exe] => (Block) C:\windows\syswow64\svchost.exe
FirewallRules: [{ECCE2D40-FE2E-4E40-82BA-596B23F869E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E63E7D81-9799-4483-870D-6B145079F583}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C4E200C3-A8A4-44C1-A592-3066DACD100E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BFC78A42-738C-4AB9-8F30-E76194B4551F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A6390810-7AAD-46E9-B04D-F8B8A8034729}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A26439AE-DD0F-4DB4-A476-A08677B4C448}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CD7A39EA-E7A9-4FB5-85A6-596F8ED7E607}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5633E093-A841-4025-8C65-294CF57BF154}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{53EEED36-F459-4FC1-B0AD-783FE2B9C5DD}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{C950E02C-EDF8-460E-85F5-2B6FD36733FF}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{CB76EE55-02A0-49A8-B91E-93FF647ACDB5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DF0B06EA-4136-46E2-AA11-84BC94942AF9}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\Binaries\Win32\sf2.exe
FirewallRules: [{737C03E7-A52A-43DA-8A14-0DAB39E85AC1}] => (Allow) D:\Steam yolomode\steamapps\common\SKILL\Binaries\Win32\sf2.exe
FirewallRules: [{34A3D606-9E97-4BE5-BC3F-2C50CD4B31D8}] => (Allow) D:\Steam yolomode\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe
FirewallRules: [{28F01107-508A-476C-94FE-11F3A7997272}] => (Allow) D:\Steam yolomode\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2015 11:18:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 11:17:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 01:11:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 01:07:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (07/10/2015 09:35:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 02:34:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 00:17:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:51:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 09:39:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/10/2015 11:18:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2015 11:18:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2015 11:18:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2015 11:18:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/10/2015 11:18:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Broadcom Wireless LAN Tray Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2015 11:18:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2015 09:33:10 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎07.‎2015 um 09:32:21 unerwartet heruntergefahren.

Error: (07/10/2015 02:32:58 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000050 (0xfffffa8048e4f190, 0x0000000000000000, 0xfffff800034ab9c5, 0x0000000000000005)C:\Windows\MEMORY.DMP071015-9562-01

Error: (07/10/2015 02:32:56 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎07.‎2015 um 02:31:38 unerwartet heruntergefahren.

Error: (07/10/2015 01:59:19 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.


Microsoft Office:
=========================
Error: (07/10/2015 11:18:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 11:17:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 01:11:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 01:07:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files (x86)\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/10/2015 09:35:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 02:34:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 00:17:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:51:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 00:43:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 09:39:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-05-19 08:05:54.323
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 08:05:54.276
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:46:15.679
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:46:15.632
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.615
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.568
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.521
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-19 07:45:11.474
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz
Percentage of memory in use: 32%
Total physical RAM: 3766.68 MB
Available physical RAM: 2544.41 MB
Total Virtual: 7531.57 MB
Available Virtual: 6211.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:50 GB) (Free:11.15 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lokaler Datenträger1) (Fixed) (Total:61.79 GB) (Free:2.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 1559283B)
Partition 1: (Not Active) - (Size=61.8 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=50 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---

Old 11.07.2015, 12:19   #8
deeprybka
/// TB Trainer
/// Guide Guru

Good so far. Now please remove all the illegal stuff and the cracks. Otherwise we are done here.

Step 1

Download
  • Please install the program to the default path.
  • Start the program by double-clicking the desktop shortcut.
  • Once the malware signatures have loaded, the EEK is ready to scan.
  • Now please follow the animated picture guide, remove all findings, and post the log at the end of the scan or cleanup.
__________________
Regards,
deeprybka


Old 11.07.2015, 18:14   #9
DarkorbitSup

Illegal stuff removed

Here you go

It erased my whole HackPack! ;(


Emsisoft Emergency Kit - Version 10.0
Letztes Update: 11.07.2015 09:56:14
Benutzerkonto: TSCHILLER123\Marcel

Scan-Einstellungen:

Scan-Methode: Eigener Scan
Objekte: Rootkits, Speicher, Traces, C:\

PUPs-Erkennung: An
Archiv-Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan-Beginn: 11.07.2015 09:56:42
C:\Users\Marcel\AppData\Roaming\FolderName\ Gefunden: Trojan-Downloader.Win32.Andromeda (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROD.CAP Gefunden: Application.AdReg (A)
C:\Users\Marcel\Desktop\HackPack\AccountCheckers\Elite Crackers HF Checker.exe Gefunden: Trojan.Generic.9105598 (B)
C:\Users\Marcel\Desktop\HackPack\AccountCheckers\Profile_It_v1.6.exe Gefunden: Gen:Variant.Kazy.86627 (B)
C:\Users\Marcel\Desktop\HackPack\Binder\Binder stubMOD .rar -> Binder stubMOD .exe Gefunden: Gen:Trojan.Heur.DP.bGW@auxM5oc (B)
C:\Users\Marcel\Desktop\HackPack\Binder\DarkBinderV1.rar -> DarkBinderV1\DarKB!nder v1.exe Gefunden: Gen:Variant.Strictor.57864 (B)
C:\Users\Marcel\Desktop\HackPack\Binder\Simple Binder By Nathan72389.rar -> Simple Binder By Nathan72389.exe Gefunden: Gen:Variant.Zusy.52716 (B)
C:\Users\Marcel\Desktop\HackPack\Binder\ZMini.rar -> ZMini.exe Gefunden: Trojan.GenericKD.1854647 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Aneurysm E-bomber.rar -> Aneurysm E-bomber.exe Gefunden: Gen:Variant.Kazy.134755 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Binder stubMOD .rar -> Binder stubMOD .exe Gefunden: Gen:Trojan.Heur.DP.bGW@auxM5oc (B)
C:\Users\Marcel\Desktop\HackPack\Binder\nBinder V 5.5.rar -> nBinder V 5.5\nBinderPRO_setup.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\DarkBinderV1.rar -> DarkBinderV1\DarKB!nder v1.exe Gefunden: Gen:Variant.Strictor.57864 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Email bomber.rar -> Email bomber.exe Gefunden: Trojan.GenericKD.2370311 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Frosty Tools - Shell + Email Bomber.rar -> Frosty Tools - Shell + Email Bomber\Frosty Tools.exe Gefunden: Trojan.Generic.14540727 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Recreation Email Bomber.rar -> Recreation Email Bomber.exe Gefunden: Trojan.Generic.8171338 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Simple Binder By Nathan72389.rar -> Simple Binder By Nathan72389.exe Gefunden: Gen:Variant.Zusy.52716 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\ZMini.rar -> ZMini.exe Gefunden: Trojan.GenericKD.1854647 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\nBinder V 5.5.rar -> nBinder V 5.5\nBinderPRO_setup.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Booter\AmusBoot.exe Gefunden: Gen:Variant.Kazy.541687 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\my-sms.rar -> my-sms\smsb0mb.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Nuisance Pack.rar -> Nuisance Pack.exe Gefunden: Trojan.Generic.7010105 (B)
C:\Users\Marcel\Desktop\HackPack\Booter\Kbot Builder.rar -> Kbot Builder\KBot Builder.exe Gefunden: Gen:Variant.Kazy.149634 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\ExoNet - Full Source\debugging\ExoNet- EXE\AdobeAir\obj\x86\Debug\AdobeAirUpdater.exe Gefunden: Gen:Variant.Zusy.98086 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\ExoNet - Full Source\debugging\ExoNet- EXE\AdobeAir\obj\x86\Release\AdobeAirUpdater.exe Gefunden: Gen:Variant.Zusy.98086 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\Kbot Builder.rar -> Kbot Builder\KBot Builder.exe Gefunden: Gen:Variant.Kazy.149634 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\SmokeBot Cracked.rar -> SmokeBot Cracked\SmokeBuilder.exe Gefunden: Gen:Variant.Kazy.131813 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{Bat}\Deadly computer batches(dont run).rar -> Deadly computer batches(dont run)\Killer.bat Gefunden: BehavesLike:BAT.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{Perl}\17.rar -> 17.pl Gefunden: Trojan.Script.30201 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{HTTP botnets}\Exodus Loader.rar -> Exodus Loader\Server\NACL\obj\x86\Debug\lssas.exe Gefunden: Gen:Variant.Kazy.88356 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{Perl}\Perl Scripting.rar -> Perl Scripting\ConnectBack Backdoor Shell vs 1.0.pl -> (unicode) Gefunden: Trojan.Script.147509 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{Perl}\Perl Scripting.rar -> Perl Scripting\Stealth ShellBot Verson 0.2.pl -> (unicode) Gefunden: Trojan.Script.152422 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\antichat.rar -> antichat.txt Gefunden: Backdoor.PHP.WebShell.W (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\antichat.rar -> antichat.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Antichat_Shell_v1.3.rar -> Antichat_Shell_v1.3.txt Gefunden: Backdoor.PHP.WebShell.W (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\aspx.rar -> aspx.txt -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Ayyildiz_Tim_AYT_Shell_v 2.1_Biz.rar -> Ayyildiz_Tim_AYT_Shell_v 2.1_Biz.txt Gefunden: Trojan.Script.40786 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\aspx.rar -> aspx.txt -> (SCRIPT-EXTERNAL 2) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\aspx.rar -> aspx.txt -> (SCRIPT-EXTERNAL 3) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\vOlk 4.rar -> vOlk 4\vb6 Source Server\Modules\iDonwExec.bas Gefunden: Generic.XPL.ADODB.2DD359C4 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c100(1).rar -> c100(1).txt -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c100(1).rar -> c100(1).txt -> (SCRIPT-EXTERNAL 2) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c99ud.rar -> c99ud.txt Gefunden: Trojan.Script.449504 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c100.rar -> c100.txt Gefunden: Backdoor.PHP.AMB (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c100.rar -> c100.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c99.rar -> c99.php Gefunden: Virtool.PHP.C99Shell.B (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\cgi.rar -> cgi.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c999.rar -> c999.php Gefunden: Virtool.PHP.C99Shell.D (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Crystal.rar -> Crystal.txt Gefunden: Trojan.Script.204868 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\cmd.rar -> cmd.txt -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\cmd.rar -> cmd.txt -> (SCRIPT-EXTERNAL 2) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\CWShellDumper.rar -> CWShellDumper.txt -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\CWShellDumper.rar -> CWShellDumper.txt -> (SCRIPT-EXTERNAL 2) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\ctt_sh.rar -> ctt_sh.txt Gefunden: Backdoor.PHP.C99Shell.AH (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\CWShellDumper.rar -> CWShellDumper.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Dive_Shell_1.0_Emperor_Hacking_Team.rar -> Dive_Shell_1.0_Emperor_Hacking_Team.txt Gefunden: Trojan.Script.227734 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\dC3_Security_Crew_Shell_PRiV.rar -> dC3_Security_Crew_Shell_PRiV.txt Gefunden: Trojan.Script.17569 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Dx.rar -> Dx.txt Gefunden: Backdoor.PHP.PhpShell.E (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\ekin0x.rar -> ekin0x.txt -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\ekin0x.rar -> ekin0x.txt -> (SCRIPT-EXTERNAL 2) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\ekin0x.rar -> ekin0x.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\dq.rar -> dq.txt Gefunden: Backdoor.PHP.C99Shell.Q (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\erne.rar -> erne.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\fso.rar -> fso.txt -> (unicode) -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\GFS web-shell ver 3.1.7 - PRiV8.rar -> GFS web-shell ver 3.1.7 - PRiV8.txt Gefunden: Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\fso.rar -> fso.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\itsecteam_shell.rar -> itsecteam_shell.php Gefunden: Backdoor.PHP.AOQ (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Jackal v1.9.rar -> Jackal v1.9.php Gefunden: Trojan.Script.O (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\gfs_sh.rar -> gfs_sh.txt Gefunden: Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\kacak.rar -> kacak.txt -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\liz0zim.rar -> liz0zim.txt Gefunden: Trojan.Exploit.PHP.K (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\liz0zim.rar -> liz0zim.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\lamashell.rar -> lamashell.txt Gefunden: Trojan.Script.15027 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\kacak.rar -> kacak.txt -> (SCRIPT-EXTERNAL 3) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\kacak.rar -> kacak.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\login.rar -> login.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Liz0ziM Private Safe Mode.rar -> Liz0ziM Private Safe Mode.txt Gefunden: Trojan.Exploit.PHP.K (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Moroccan Spamers Ma-EditioN By GhOsT.rar -> Moroccan Spamers Ma-EditioN By GhOsT.txt Gefunden: Trojan.Script.228354 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Moroccan Spamers Ma-EditioN By GhOsT.rar -> Moroccan Spamers Ma-EditioN By GhOsT.php Gefunden: Trojan.Script.228354 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\nstview.rar -> nstview.txt Gefunden: Trojan.Script.26770 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\nst.rar -> nst.txt Gefunden: Trojan.Script.26770 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\PHANTASMA.rar -> PHANTASMA.txt Gefunden: Trojan.Exploit.SSN (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.rar -> NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt Gefunden: Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\PH Vayv.rar -> PH Vayv.txt Gefunden: Backdoor.PHP.AUE (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.rar -> NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php Gefunden: Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\r57.rar -> r57.txt Gefunden: Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\r57.rar -> r57.php Gefunden: Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\ru24_post_sh.rar -> ru24_post_sh.txt Gefunden: Trojan.Script.113507 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\r57shell1.40.rar -> r57shell1.40.txt Gefunden: Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\safe0ver.rar -> safe0ver.txt Gefunden: Application.PHP.Haxplorer.A (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\safe0ver.rar -> safe0ver.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\safe0ver(1).rar -> safe0ver(1).txt Gefunden: Application.PHP.Haxplorer.A (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\simattacker.rar -> simattacker.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\simattacker(1).rar -> simattacker(1).txt -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\SimShell 1.0 - Simorgh Security MGZ.rar -> SimShell 1.0 - Simorgh Security MGZ.txt Gefunden: Trojan.Script.44186 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\sosyete(1).rar -> sosyete(1).txt -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\sosyete(1).rar -> sosyete(1).txt -> (SCRIPT-EXTERNAL 2) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\sosyete.rar -> sosyete.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Misc Script.rar -> Misc Script\madspotshell.php Gefunden: Trojan.Script.CFW (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\stres.rar -> stres.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\tryag1.rar -> tryag1.txt -> (SCRIPT-EXTERNAL 1) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\tryag1.rar -> tryag1.txt -> (SCRIPT-EXTERNAL 2) Gefunden: Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\zacosmall.rar -> zacosmall.txt Gefunden: Trojan.Script.40326 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\zehir4.rar -> zehir4.txt Gefunden: Backdoor.ASP.Ace.F (B)
C:\Users\Marcel\Desktop\HackPack\Bots\IRC Bot Builder\Builder.exe Gefunden: Trojan.Generic.7569248 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\0 Crypter .exe Gefunden: Gen:Variant.Zusy.60373 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Black-Crypt.rar -> Black Crypt.exe Gefunden: Trojan.Generic.12182020 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Black-Crypt.rar -> Ccleaner.exe Gefunden: Gen:Variant.Kazy.489311 (B)
C:\Users\Marcel\Desktop\HackPack\Bots\{youtube bots}\Youtube Viewer.rar -> Youtube Viewer\Auto Youtube viewer.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\CryptexV3Cracked.exe Gefunden: Gen:Variant.Strictor.136 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\DarKB!nder v1.exe Gefunden: Gen:Variant.Strictor.57864 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Grieve Crypter 2012.exe Gefunden: Trojan.GenericKD.1695433 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter v2.exe Gefunden: Trojan.Generic.7555382 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Infinity Crypter.exe Gefunden: Trojan.Generic.KDV.102818 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_1.exe Gefunden: Gen:Variant.Kazy.238695 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_2.exe Gefunden: Gen:Variant.Strictor.28970 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_3.exe Gefunden: Gen:Variant.Kazy.467060 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_4.exe Gefunden: Trojan.Generic.3295278 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_5.exe Gefunden: Gen:Variant.Zusy.14467 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Mingo Crypter V3.exe Gefunden: Trojan.GenericKD.1959191 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\MoonCrypter.exe Gefunden: Gen:Variant.Raldhep.1 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Porn Crypter.rar -> PC.exe Gefunden: Gen:Variant.Kazy.459985 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Byte Crypter V3.rar -> Byte Crypter V3\ByteCrypter v3 cracked by blackpearl[deceptiveengineering.info].exe Gefunden: Gen:Variant.Kazy.147394 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Psomasweb_Public_Rinajel_Crypter.exe Gefunden: Gen:Variant.Kazy.105505 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Sikandar's Crypter Version 7.0.exe Gefunden: Gen:Variant.Kazy.386880 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Stub3.exe Gefunden: Gen:Trojan.Heur.VP2.lm0@aG!o60Q (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Syslogger.zip -> Syslogger/Syslogger Builder.exe Gefunden: Gen:Variant.Kazy.83584 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\SImple Crypt0r v2.rar -> SImple Crypt0r v2\Crypter.exe Gefunden: Gen:Variant.Graftor.35086 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\SImple Crypt0r v2.rar -> SImple Crypt0r v2\Stub.exe Gefunden: Gen:Heur.VB.Krypt.16 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Tyna Crypter.rar -> Tyna Crypter\Tyna Crypter.exe Gefunden: Trojan.GenericKD.1464705 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\ZMini.exe Gefunden: Trojan.GenericKD.1854647 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\ZMini.rar -> ZMini.exe Gefunden: Trojan.GenericKD.1854647 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Unknow Crypter Private.rar -> Unknow Crypter rivate\stub.exe Gefunden: Trojan.Generic.7506173 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Codelux Crypter v2.6.1 cracked by blazed.rar -> Codelux Crypter v2.6.1 cracked by blazed\CodeluxCrypterV2.6.1.exe -> (NSIS o) -> zlib_nsis0001 Gefunden: Gen:Variant.Symmi.32007 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Codelux Crypter v2.6.1 cracked by blazed.rar -> Codelux Crypter v2.6.1 cracked by blazed\CodeluxCrypterV2.6.1.exe -> (NSIS o) -> zlib_nsis0002 Gefunden: Trojan.Generic.9426359 (B)
C:\Users\Marcel\Desktop\HackPack\Crypto Cracker\mdbruterzip20040221-1.rar -> mdbruterzip20040221-1\mdbruter.exe Gefunden: Trojan.Agent.BJNI (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\CrypteX Advanced.rar -> CrypteX Advanced\Cryptex_Advanced-V3.0.5 - Cracked by RoN1N.exe Gefunden: Gen:Variant.Strictor.18484 (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\ByteDOS v3.2.1.rar -> ByteDOS v3.2.1\ByteDOS v3.2.exe Gefunden: Application.Hacktool.DOS.D (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\Flooder.exe Gefunden: Gen:Variant.Kazy.74137 (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\Hoic.rar -> Hoic\DutchFreedom.hoic Gefunden: Trojan.Hacktool.Agent.BK (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\Hoic.rar -> Hoic\GenericBoost.hoic Gefunden: Trojan.Hacktool.Agent.BK (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\UDP Flood Pack v1.rar -> UDP Flood Pack v1.exe Gefunden: Gen:Heur.Tomegun.15 (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\Hoic.rar -> Hoic\visa_stress.hoic Gefunden: Trojan.Hacktool.Agent.BK (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\UDP Flooder.rar -> UDP Flooder.exe Gefunden: Gen:Heur.Tomegun.15 (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\aDoser.rar -> aDoser\xRun.jar -> impl/DisableWebcamLightsStub.jar -> DisableWebcamLights.class Gefunden: Java.Trojan.Jrat.A (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\BFF DoS (Ping) v1.0.exe Gefunden: Riskware.Win32.DosFlood (A)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\UDP Flooder By FKN.exe Gefunden: Gen:Heur.Tomegun.15 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\blackhole\blackhole\games\javaobe.jar -> workpack/editor.class Gefunden: Java.Exploit.CVE-2010-0840.AW (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\blackhole\blackhole\games\javaobe.jar -> xmleditor/peers.class Gefunden: Java.Exploit.CVE-2010-0840.Y (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Bleeding Life v2\Bleeding Life v2\Bleeding Life v2\exploits\Java-2010-0842.jar -> ToolsDemo.class Gefunden: Java.Exploit.CVE-2010-0842.G (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Bleeding Life v2\Bleeding Life v2\Bleeding Life v2\exploits\JavaSignedApplet.jar -> RequiredJavaComponent.class Gefunden: Java.Trojan.Downloader.OpenConnection.AL (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\CRIMEPACK 3.0\CRIMEPACK 3.0\dlstub Gefunden: Trojan.Generic.4050242 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\CRIMEPACK 3.0\CRIMEPACK 3.0\jvm.dll Gefunden: Trojan.Generic.4820172 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\admin\crupt.php Gefunden: Trojan.Script.224586 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Gr3eNoX LFi Exploiter.exe Gefunden: Gen:Variant.Strictor.2474 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Bleeding Life v2\Bleeding Life v2\Bleeding Life v2.zip -> Bleeding Life v2/exploits/Java-2010-0842.jar -> ToolsDemo.class Gefunden: Java.Exploit.CVE-2010-0842.G (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Bleeding Life v2\Bleeding Life v2\Bleeding Life v2.zip -> Bleeding Life v2/exploits/JavaSignedApplet.jar -> RequiredJavaComponent.class Gefunden: Java.Trojan.Downloader.OpenConnection.AL (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x1.php Gefunden: Trojan.Script.55254 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x12.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x15.php Gefunden: Trojan.Script.55261 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x10.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x1_all.php Gefunden: Trojan.Script.55254 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x16.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x4.php Gefunden: Trojan.Script.66125 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x2.php Gefunden: Trojan.Script.55418 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x6.php Gefunden: Trojan.Script.55727 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x5.php Gefunden: Trojan.Script.96015 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x7.php Gefunden: Trojan.Script.64357 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x8.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x3.php Gefunden: Trojan.Script.55662 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\index.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\pdf.php Gefunden: Trojan.Script.191762 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\virutalg_elen2.sql Gefunden: Trojan.Script.296531 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2.rar -> Luiz Eleonore Exp 1.2\exp.php Gefunden: Trojan.Script.206005 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2.rar -> Luiz Eleonore Exp 1.2\pdf.php Gefunden: Trojan.Script.191762 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2.rar -> Luiz Eleonore Exp 1.2\virutalg_elen2.sql Gefunden: Trojan.Script.296531 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\exp.php Gefunden: Trojan.Script.206005 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> admin\crupt.php Gefunden: Trojan.Script.224586 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x1.php Gefunden: Trojan.Script.55254 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x10.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x12.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x15.php Gefunden: Trojan.Script.55261 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\______________ ______(__ ________)\cmd\cmd.txt Gefunden: Generic.XPL.HelpX.9672BADE (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x16.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x1_all.php Gefunden: Trojan.Script.55254 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x2.php Gefunden: Trojan.Script.55418 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x3.php Gefunden: Trojan.Script.55662 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x4.php Gefunden: Trojan.Script.66125 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x5.php Gefunden: Trojan.Script.96015 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x6.php Gefunden: Trojan.Script.55727 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x7.php Gefunden: Trojan.Script.64357 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> exploits\x8.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar -> index.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\______________ ______(__ ________)\lz\lz.txt Gefunden: Generic.XPL.Phel.CB4D90E2 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\ani\ani.anr Gefunden: Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\java\java.jar Gefunden: Trojan.Downloader.Java.OpenConnection.AJ (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\jpg+chm\ch\x.htm -> (JAVASCRIPT 1) Gefunden: Generic.XPL.CodeBase.5B753616 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\jpg+chm\counter.gif Gefunden: Generic.XPL.MhtRedir.F7065105 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\xhta.hta Gefunden: Trojan.Script.415311 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\ppp3.php Gefunden: Generic.XPL.HelpX.2CB75853 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\popup\bh\bh.html -> (JAVASCRIPT 3) Gefunden: Trojan.Dropper.Js.Agent.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\popup\wscript\wn2.htm -> (JAVASCRIPT 3) Gefunden: JS.Exploit.DialogArg.B (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\2K-EN-0x77E70000\2k_sc_utf16.txt Gefunden: Trojan.Script.433843 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\popup\wscript\wn2.htm -> (JAVASCRIPT-COMPILATION) Gefunden: JS.Exploit.DialogArg.B (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\95-EN-0xBFF70000\95_sc_utf16.txt Gefunden: Trojan.Script.437872 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\98-EN-0xBFF70000\98_sc_utf16.txt Gefunden: Trojan.Script.437872 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\ME-EN-0xBFF60000\me_sc_utf16.txt Gefunden: Trojan.Script.228462 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\NT-EN-0x77F00000\nt_sc_utf16.txt Gefunden: Trojan.Script.235341 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\popup\wscript.php -> (JAVASCRIPT 5) Gefunden: JS.HidePopup.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\popup\wscript.php -> (JAVASCRIPT-COMPILATION) Gefunden: JS.HidePopup.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\XP-EN-0x77F60000\xp_sc_utf16.txt Gefunden: Trojan.Script.452443 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\ANISPL\ani.anr Gefunden: Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\XP-RU-0x7C800000\xp-ru_sc_utf16.txt Gefunden: Trojan.Script.462461 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\ANISPL\ani.exe Gefunden: Trojan.Generic.1572364 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\95-EN-0xBFF70000\95_sc_utf16.txt Gefunden: Trojan.Script.437872 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\98-EN-0xBFF70000\98_sc_utf16.txt Gefunden: Trojan.Script.437872 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\ME-EN-0xBFF60000\me_sc_utf16.txt Gefunden: Trojan.Script.228462 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\NT-EN-0x77F00000\nt_sc_utf16.txt Gefunden: Trojan.Script.235341 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\payload.exe Gefunden: Trojan.Generic.5516307 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\test_shell_code.exe Gefunden: Trojan.Generic.3985463 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\XP-EN-0x77F60000\xp_sc_utf16.txt Gefunden: Trojan.Script.452443 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\XP-RU-0x7C800000\xp-ru_sc_utf16.txt Gefunden: Trojan.Script.462461 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\2K-EN-0x77E70000\2k_sc_utf16.txt Gefunden: Trojan.Script.433843 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\2.6\index.php Gefunden: Trojan.Downloader.HTML.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\3.0\index.php Gefunden: Trojan.Downloader.HTML.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\ani.anr Gefunden: Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\firefox\fxsploit.php Gefunden: Exploit.HTML.IframeBof.BN (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\java\java.jar -> SuperMSClassLoader.class Gefunden: Trojan.Java.Exploit.Bytverify.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\java\java.jar -> Installer.class Gefunden: Trojan.Downloader.JAVA.Netlu.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\onload\fillmem.php Gefunden: Generic.XPL.IECrash.A755A0E0 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\odre.hta Gefunden: Exploit.ADODB.Stream.O (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\12.htm Gefunden: Exploit.HTML.IframeBof.BN (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\index.php Gefunden: Trojan.Script.26015 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\load.php Gefunden: Trojan.Script.123290 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\rifff.htm Gefunden: Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\exploits.php -> (JAVASCRIPT 2) Gefunden: Trojan.Script.52415 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\exploits.php -> (JAVASCRIPT 3) Gefunden: Trojan.Script.444945 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\exploits.php -> (JAVASCRIPT-COMPILATION) Gefunden: Trojan.Script.9875 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\index.php Gefunden: Trojan.Script.26015 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\java.php Gefunden: Trojan.Agent.AIXE (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\load.php Gefunden: Trojan.Script.123290 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\armitage\bof.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\armitage\e.php Gefunden: Generic.XPL.ADODB.06320A17 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\armitage\ff.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\armitage\opera.php -> (JAVASCRIPT 1) Gefunden: Trojan.Script.36919 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\cry217\xd.php Gefunden: Exploit.ADODB.Stream.GH (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-1\index.php Gefunden: Trojan.Script.26838 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-1\java.php Gefunden: Trojan.Agent.AIXE (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-2\1.swf Gefunden: Exploit.CVE-2007-0071.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-2\_1.swf Gefunden: Exploit.CVE-2007-0071.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-2\index.php Gefunden: Trojan.Script.14756 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\file.exe Gefunden: Trojan.PWS.LDPinch.TDD (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\firepack-2\exp\msie.php Gefunden: Exploit.ADODB.Stream.GH (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\g-pack\admin.php Gefunden: Trojan.Script.18375 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\g-pack\exploits.php -> (JAVASCRIPT 2) Gefunden: Trojan.Script.23785 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\g-pack\exploits.php -> (JAVASCRIPT 3) Gefunden: Trojan.Script.444945 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\g-pack\exploits.php -> (JAVASCRIPT-COMPILATION) Gefunden: Trojan.Script.151893 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\g-pack\index.php Gefunden: Trojan.Script.8782 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\_file.exe Gefunden: Trojan.Spy.ZBot.BA (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\exploits.php Gefunden: Trojan.JS.Psyme.J (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-1\exploits\i.php Gefunden: Trojan.Script.224243 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-1\exploits\movie.bin Gefunden: Exploit.JS.BO.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-1\exploits\f.php Gefunden: Trojan.Script.2493 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-1\exploits\o.php Gefunden: Trojan.Script.2493 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-1\exploits\ff.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-1\index.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-2\admin\functions.php Gefunden: Trojan.Dropper.Agent.AOC (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-2\exploits\js.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-2\exploits\ff.php -> (JAVASCRIPT 1) Gefunden: Trojan.Script.61914 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-2\exploits\ff.php -> (JAVASCRIPT-COMPILATION) Gefunden: Trojan.Script.61914 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-2\exploits\opera.php -> (JAVASCRIPT 1) Gefunden: Trojan.Script.13298 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-2\functions.php Gefunden: Trojan.Script.59240 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\admin\crupt.php Gefunden: Trojan.Script.224586 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-2\file.exe Gefunden: Trojan.Patched.BI (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x1.php Gefunden: Trojan.Script.55254 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x10.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x12.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x16.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x15.php Gefunden: Trojan.Script.55261 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x1_all.php Gefunden: Trojan.Script.55254 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x2.php Gefunden: Trojan.Script.55418 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x3.php Gefunden: Trojan.Script.55662 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x7.php Gefunden: Trojan.Script.64357 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x6.php Gefunden: Trojan.Script.55727 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x4.php Gefunden: Trojan.Script.66125 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x5.php Gefunden: Trojan.Script.96015 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\exploits\x8.php Gefunden: Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\index.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\infector\inc\sess.php Gefunden: Trojan.Script.27371 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\infector\topcounter.php Gefunden: Trojan.VBS.Downloader.J (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-081\anifile.php Gefunden: Trojan.Script.16727 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\infector\inc\cont\jvm.jar -> VaaaaaaaBaa.class Gefunden: Trojan.Java.Classloader.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\infector\inc\cont\jvm.jar -> Baaaaa.class Gefunden: Java.Trojan.Exploit.Bytverify.I (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\infector\inc\cont\jvm.jar -> Dex.class Gefunden: Trojan.Classloader.G (B)
C:\Users\Marcel\Desktop\HackPack\Ebooks\{others}\1000 Hacking Tutorials (The Best of 2008).rar -> 1000 Hacking Tutorials (The Best of 2008)\Tutorials - blacksun.box.sk\coding\Batch File Programming.txt Gefunden: Trojan.BAT (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\infector\inc\cont\jvm.jar -> Dix.class Gefunden: Trojan.Java.ClassLoader.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\infector\inc\cont\jvm.jar -> Dux.class Gefunden: Trojan.Java.ClassLoader.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-081\megapack1.php Gefunden: Exploit.HTML.IESlice.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-081\ms06-044_w2k.php Gefunden: Trojan.Script.33393 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-081\qtl.bin Gefunden: Exploit.JS.BO.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-086\anifile.php Gefunden: Trojan.Script.16727 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-086\crypt.php Gefunden: Exploit.HTML.IESlice.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-086\index.php Gefunden: Trojan.Script.224250 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-086\megapack1.php Gefunden: Exploit.HTML.IESlice.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-086\ms06-044_w2k.php Gefunden: Trojan.Script.33393 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-086\mdac4.php Gefunden: Generic.XPL.ADODB.F18EEAC4 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-086\stats.php Gefunden: Trojan.Script.224261 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-086\qtl.bin Gefunden: Exploit.JS.BO.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-086\xml.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\admin.php Gefunden: Trojan.Hacktool.Php.Mphak.A.Admin.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\anifile.php Gefunden: Trojan.Script.16727 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\crypt2.php Gefunden: Trojan.Script.230708 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\ff.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\ani2.dat Gefunden: Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\file.php Gefunden: Trojan.Script.20358 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\index.php Gefunden: Trojan.Script.224249 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\megapack1.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\ms06-044_w2k.php Gefunden: Trojan.Script.100839 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\mdac4.php Gefunden: Generic.XPL.ADODB.F18EEAC4 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\o7.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\qtl.bin Gefunden: Exploit.JS.BO.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-091\xml.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\admin.php Gefunden: Trojan.Script.219934 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\ani2.dat Gefunden: Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\anifile.php Gefunden: Trojan.Script.16727 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\crypt_of.php Gefunden: Exploit.HTML.IESlice.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\crypt.php Gefunden: Exploit.HTML.IESlice.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\crypt2.php Gefunden: Trojan.Script.230708 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\ff.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\file.php Gefunden: Trojan.Script.20358 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\megapack1.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\mpng.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\ms06-044_w2k.php Gefunden: Generic.XPL.ADODB.FCEAA601 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\o7.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\qt.php Gefunden: Trojan.Script.37970 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\qtl.bin Gefunden: Exploit.JS.BO.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\xml.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\stats.php Gefunden: Trojan.Script.224261 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack\FolderIcon.js Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack\rds.js Gefunden: Generic.XPL.ADODB.620B7102 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack\rst.zip -> FolderIcon.js Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack\rst.zip -> load.exe Gefunden: Trojan.PWS.LdPinch.TUO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack\rst.zip -> rds.js Gefunden: Generic.XPL.ADODB.620B7102 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\mpack-099\null.exe Gefunden: Trojan.Patched.BI (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\my-poly-sploit\expl_ff.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\my-poly-sploit\expl_ie6_adodb.php.txt Gefunden: Generic.XPL.ADODB.CE579A55 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\my-poly-sploit\expl_ie7.php Gefunden: Trojan.JS.Downloader.BEY (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\my-poly-sploit\expl_o7.php Gefunden: Trojan.Script.2493 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\my-poly-sploit\expl_o9.php Gefunden: Trojan.Script.428554 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\rds\index.php Gefunden: Exploit.ADODB.Stream.CZ (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\smartpack\exploits\sploit.html Gefunden: Trojan.Script.438 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-3\load\file.exe Gefunden: Trojan.Packed.Gen.1 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\tor\count.php Gefunden: Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\tor\data\ftp\iframes.dat Gefunden: Trojan.Script.9574 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\target-exploit\exploit\chm\chm.chm -> logo.php Gefunden: Exploit.Html.Codebase.Exec.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\target-exploit\exploit\chm\chm.chm -> web.exe Gefunden: Dropped:Generic.Malware.FYBdldldg.81FE3CEE (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\target-exploit\exploit\chm\logo.php Gefunden: Exploit.Html.Codebase.Exec.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\target-exploit\exploit\chm.chm -> logo.php Gefunden: Exploit.Html.Codebase.Exec.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\target-exploit\exploit\chm.chm -> web.exe Gefunden: Dropped:Generic.Malware.FYBdldldg.81FE3CEE (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_mdac.php -> (INFECTED_JS) Gefunden: JS:Trojan.Crypt.C (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_rds.php -> (INFECTED_JS) Gefunden: JS:Trojan.Crypt.C (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\dd.php Gefunden: Exploit.HTML.Agent.B (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\dd2.php Gefunden: Generic.XPL.ADODB.11C5BF19 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\dfree0.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\exp.jpg Gefunden: Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\expl1.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\vml.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\exploits\ff.php Gefunden: Trojan.Script.437850 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\exploits\ie.php Gefunden: Trojan.Script.229497 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\exploits\ie8.php Gefunden: Trojan.Script.229497 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_folder.php -> (INFECTED_JS) Gefunden: JS:Trojan.Crypt.C (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_folder.php -> (CODE 1) Gefunden: Trojan.Downloader.Tiny.AC (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\exploits\vistaie7.php Gefunden: Trojan.Script.229497 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\exploits\xpie7.php Gefunden: Trojan.Script.229497 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_vml.php -> (INFECTED_JS) Gefunden: JS:Trojan.Crypt.C (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_vml.php -> (CODE 1) Gefunden: Trojan.Downloader.Tiny.AC (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\all.pdf -> (JAVASCRIPT-COMPILATION) Gefunden: Exploit.PDF-JS.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\other.swf Gefunden: Script.SWF.C22 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_xml.php -> (INFECTED_JS) Gefunden: JS:Trojan.Crypt.C (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_xml.php -> (CODE 1) Gefunden: Trojan.Downloader.Tiny.AC (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\ani.php Gefunden: Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\shellcode.php Gefunden: Exploit.HTML.Agent.X (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\collab.pdf -> (JAVASCRIPT-COMPILATION) Gefunden: Exploit.PDF-JS.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\collab.pdf -> (INFECTED_JS) Gefunden: Exploit.CVE-2007-5659.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\collab.pdf -> (INFECTED_JS) Gefunden: PDF:Exploit.CVE-2007-5659.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\collab.pdf -> (CODE 1) Gefunden: Trojan.Downloader.JMUB (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\ie.swf Gefunden: Script.SWF.C22 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\geticon.pdf -> (JAVASCRIPT-COMPILATION) Gefunden: Exploit.PDF-JS.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\geticon.pdf -> (INFECTED_JS) Gefunden: Exploit.CVE-2009-0927.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\geticon.pdf -> (CODE 1) Gefunden: Trojan.Downloader.JMUB (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack\x-pack\DSjjgher.DIR Gefunden: Exploit.CVE-2010-3653.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack\x-pack\exp.php Gefunden: Trojan.HTML.Downloader.Agent.NAQ (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack\x-pack\plug.jar Gefunden: Java.Exploit.CVE-2009-3867.Gen.A (B)
C:\Users\Marcel\Desktop\HackPack\Flooders\DarkDDos.exe Gefunden: Gen:Variant.Strictor.54296 (B)
C:\Users\Marcel\Desktop\HackPack\Flooders\Flooder.exe Gefunden: Gen:Variant.Kazy.74137 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack\x-pack\FrEWgRr5213pdf -> (JAVASCRIPT) Gefunden: Exploit.PDF-JS.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack\x-pack\FrEWgRr5213pdf -> (INFECTED_JS) Gefunden: Exploit.CVE-2009-0927.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack\x-pack\FrEWgRr5213pdf -> (INFECTED_JS) Gefunden: PDF:Exploit.CVE-2007-5659.C (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack\x-pack\FrEWgRr5213pdf -> (CODE 1) Gefunden: Exploit.Shellcode.BJ (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\printf.pdf -> (JAVASCRIPT) Gefunden: Trojan.Script.475499 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\printf.pdf -> (JAVASCRIPT-COMPILATION) Gefunden: Exploit.PDF-JS.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\printf.pdf -> (INFECTED_JS) Gefunden: Exploit.CVE-2008-2992.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\printf.pdf -> (INFECTED_JS) Gefunden: PDF:Exploit.PDF-JS.ABV (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Phoenix\Phoenix\files\printf.pdf -> (CODE 1) Gefunden: Trojan.Downloader.JMUB (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\GForce Keylogger.exe Gefunden: Gen:Heur.Tomegun.8 (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\Keylogger.rar -> Keylogger\bin\Debug\WindowsApplication1.exe Gefunden: Trojan.Generic.13288532 (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\PoisonLogger.exe Gefunden: Trojan.Generic.7848416 (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\PoisonLogger\PoisonLogger.exe Gefunden: Trojan.Generic.7848416 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack.rar -> x-pack\DSjjgher.DIR Gefunden: Exploit.CVE-2010-3653.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack.rar -> x-pack\exp.php Gefunden: Trojan.HTML.Downloader.Agent.NAQ (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\Syslogger.zip -> Syslogger/Syslogger Builder.exe Gefunden: Gen:Variant.Kazy.83584 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack.rar -> x-pack\FrEWgRr5213pdf -> (JAVASCRIPT) Gefunden: Exploit.PDF-JS.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack.rar -> x-pack\FrEWgRr5213pdf -> (INFECTED_JS) Gefunden: Exploit.CVE-2009-0927.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\Syslogger\Syslogger Builder.exe Gefunden: Gen:Variant.Kazy.78948 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack.rar -> x-pack\FrEWgRr5213pdf -> (INFECTED_JS) Gefunden: PDF:Exploit.CVE-2007-5659.C (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack.rar -> x-pack\FrEWgRr5213pdf -> (CODE 1) Gefunden: Exploit.Shellcode.BJ (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\X-Pack [Home Made]\X-Pack [Home Made]\x-pack.rar -> x-pack\plug.jar Gefunden: Java.Exploit.CVE-2009-3867.Gen.A (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\Ardamax Keylogger remover.rar -> Ardamax Keylogger remover.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\UltimateLogger\UltimageLogger by exe.exe Gefunden: Application.Keylogger.QDR (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\( uploadMB.com ) Runescape Autominer Bot v19.exe Gefunden: Gen:Variant.Barys.2319 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\123114784.exe -> jcrypt/Decrypter.class Gefunden: Java.Backdoor.Jacksbot.B (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\372707501.exe Gefunden: Backdoor.HVLRat.5.A (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\Digital_Keylogger_v3.3.rar -> Digital_Keylogger_v3.3.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\138525454.exe Gefunden: Trojan.GenericKD.2315979 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\290623a0c082abca899b6e3275e5052281696744f33f90a60a908c4e4a65018c.exe Gefunden: Gen:Variant.Zusy.19326 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\38b855d75d3fb9958579e0f02cf343f80fe8fb026aad3d2c11724a28ccac391c.exe -> (NSIS o) -> zlib_nsis0000 Gefunden: Application.Downloader.RO (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\5a967d8355a34285dab6c18a00bcaa9ef6b654574da446f6e144a8ecd1d6d82a.exe Gefunden: Gen:Variant.Symmi.15797 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\3c9fb6ab4dfbda65dd84018571ad30f0d0b6143888f5d7523dc3c6c9ec9f529d.exe Gefunden: Trojan.Downloader.JRQL (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\51cd49d9c91cddccb87950872ffa2c2710c128961abe0b92bec1d27e8f03e0f8.exe Gefunden: Gen:Variant.Symmi.52161 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\6e57b297b4b4c56041795076a29730d9ea9c86c4e67da95b842f742d40723943.exe Gefunden: Gen:Variant.Barys.5516 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\5b91762e164b369d85985ac2fedbfd2a0526b809301714ab278e5b30260fa679.exe Gefunden: Gen:Variant.Zusy.142008 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\5e91a5f64d853f81ee765aef83aedff6edc9b4d63121cf23c7e368de4424fab0.exe Gefunden: Trojan.GenericKD.2346191 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\8cb1823009f2a07a1fa6d478086354fd5006dca6299499814faf9c44b9313b41.exe Gefunden: Trojan.Agent.BJHH (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\007 keylogger.rar -> 007 keylogger\007install3.90\007install3.90.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Keylogger\007 keylogger.rar -> 007 keylogger\007install3.90\Get 'em all ¬トᄁ ᅡᄅ\Signature ¬トᄁ ᅡᄅ.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\8fbee4b842fd87287d6fcc31e4063d7727ba5946d8e29d188e25b57d6b87c762.exe Gefunden: Trojan.Generic.13138931 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\a362ed95267f856d19aad7684941badc46b47e69a0027b63c8de29e95b628be8.exe Gefunden: Trojan.GenericKD.2319141 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\878565169.exe -> bdcli100.exe Gefunden: Trojan.Hacdef.84 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\a898a5d5e68383443d7170f3e22d4f81436824fe28854bc4aaff7ebc6145cb30.exe Gefunden: Trojan.GenericKD.2211425 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\878565169.exe -> hxdef100.exe Gefunden: Backdoor.Generic.172981 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\878565169.exe -> hxdOFena.exe Gefunden: Generic.Hacdef.FC16D811 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Adware SafeSurfer.exe Gefunden: Gen:Variant.Zusy.138391 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\878565169.exe -> rdrbs100.exe Gefunden: Backdoor.Hacdef.1.0.0 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\878565169.exe -> hxdef100.2.ini Gefunden: Generic.Hacdef.INI.C0089884 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\878565169.exe -> hxdef100.ini Gefunden: Generic.Hacdef.INI.96E7B6FA (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\878565169.exe -> src.zip -> driver/driver.sys Gefunden: Backdoor.Hacdef.0.8.3 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\878565169.exe -> src.zip -> driver.res -> (Embedded EXE g) Gefunden: Backdoor.Hacdef.0.8.3 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Artemis!6D3528144EFB.exe Gefunden: Gen:Variant.Kazy.588901 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\b7d6940f6078b1383c0adfb8bd7d04ee60a385c898c5325efd3bb434a4dcd32d.exe Gefunden: Trojan.GenericKD.2302042 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\81b28bf4e32d899d0bb2bc213af7333743e40d4e0cc66fcd5ea2e497e91085f5.exe Gefunden: Gen:Variant.Jaiko.581 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\BackDoor-TrojanDownloader.exe Gefunden: Trojan.Downloader.JRJV (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\BackDoor Androm.exe Gefunden: Backdoor.Win32.Androm (A)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Backdoor.Win32.Androm.gsok.exe Gefunden: Trojan.GenericKD.2326508 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\BackdoorMSILBladabindi!rfn.exe Gefunden: Trojan.GenericKD.2235043 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\BackdoorMSILBladabindi.exe Gefunden: Trojan.GenericKD.2314417 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\CryptoLocker.exe Gefunden: Gen:Variant.Kazy.328440 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\ced9ca1b065e18ea2c1e7cc946a7fe6f73afd999ba27ba51807240890c0ead76.exe -> (NSIS o) -> lzma_nsis0002 Gefunden: Gen:Variant.Mikey.10622 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\BehavesLike.Win32.Downloader.dh.exe Gefunden: Gen:Variant.Kazy.612711 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\DroppedAdware.Generic.1228817.exe Gefunden: Application.Bundler.Outbrowse.BE (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Downloader.CTBLocker.Win32.3.exe Gefunden: Trojan.Agent.BJMD (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\GenVariant.Strictor.82726.exe Gefunden: Gen:Variant.Strictor.82726 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\EZ Bot.exe Gefunden: Gen:Heur.MSIL.Krypt.83 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\DroppedTrojan.Generic.13085359.exe Gefunden: Dropped:Trojan.Generic.13085359 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\GNX Bot.exe Gefunden: Gen:Variant.Barys.27778 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\ef90072bef255a48d144de646d17a3ca04cc3ef60e447d4a811c9b60afdc7941.exe Gefunden: Trojan.GenericKD.2312778 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\KeyLogger.gen!r.exe Gefunden: Gen:Variant.Kazy.381519 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\jRAT Example.exe -> jcrypt/Decrypter.class Gefunden: Java.Backdoor.Jacksbot.B (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Luk22.exe Gefunden: Trojan-Downloader.Win32.Upatre (A)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\MSILCrypt-WK [Trj].exe Gefunden: Gen:Heur.MSIL.Androm.3 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Packed.Win32.exe Gefunden: Trojan.Agent.BJIS (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\OldschoolConstruction.jar -> jcrypt/Decrypter.class Gefunden: Java.Backdoor.Jacksbot.B (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Infostealer.Dexter.exe Gefunden: Dropped:Generic.Malware.SYdg.453F97CA (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Osbot-07-2015.exe Gefunden: Trojan.GenericKDZ.26913 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Persistant RAT.exe Gefunden: Trojan.Generic.12717179 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\RS Bot 2014 V1.233.exe Gefunden: Gen:Variant.Barys.17070 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\RDNGeneric BackDoor!bcs.exe Gefunden: Gen:Variant.Kazy.605154 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Infostealer.Dyranges.exe Gefunden: Trojan.GenericKD.2337145 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\roulement_service.scr Gefunden: Trojan.Agent.BJFL (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\RsTrainer_2.0.exe Gefunden: Gen:Variant.Kazy.298904 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Runescape Bot 2015.exe Gefunden: Trojan.GenericKD.2287941 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Stub.exe Gefunden: Backdoor.MSIL.Agent.GD (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan Agent.exe Gefunden: Gen:Variant.Zusy.129547 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\RSBot-6060.exe Gefunden: Gen:Variant.Strictor.84063 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan Autoit.exe Gefunden: Gen:Variant.Strictor.56262 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan Dropper.exe Gefunden: Gen:Variant.Kazy.568564 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan Generic(1).exe Gefunden: Gen:Variant.Barys.709 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan Ransom.exe Gefunden: Gen:Variant.Zusy.129547 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan Zbot(0).exe Gefunden: Trojan.GenericKDZ.26779 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan-Downloader ( 004b8d561 ).exe Gefunden: Trojan.Upatre.AZ (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan Zbot(1).exe Gefunden: Trojan.MSIL.WRI (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan-Downloader.Win32.Upatre.fuo.exe Gefunden: Trojan.Upatre.Gen.3 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan-Dropper.Win32.Injector.lmrk.exe Gefunden: Gen:Variant.Zusy.132900 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan-Downloader.Win32.exe Gefunden: Gen:Variant.Jaiko.560 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan-Spy.Win32.POSCardStealer.f.exe Gefunden: Gen:Variant.Graftor.178746 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Banker.exe Gefunden: Gen:Variant.Graftor.183568 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Cryptolocker.E.exe Gefunden: Trojan.GenericKD.2329190 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Downloader(1).exe Gefunden: Trojan.Downloader.JRQL (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Downloader32.exe Gefunden: Gen:Variant.Zusy.135109 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Gen.exe Gefunden: Trojan.Generic.13158664 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Generic(1).exe Gefunden: Trojan.GenericKD.2346191 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Generic(3).exe Gefunden: Trojan.GenericKD.2318249 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Generic.exe Gefunden: Trojan.Generic.12892360 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.GenericKD.2329448.exe Gefunden: Trojan.GenericKD.2329448 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Downloader.exe Gefunden: Gen:Application.Bundler.Firseria.1 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Kryptik.exe Gefunden: Gen:Variant.Symmi.19271 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Necurs.exe Gefunden: Gen:Variant.Kazy.340918 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Ransome.exe Gefunden: Trojan.Ransom.AHW (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_ffox.php -> (INFECTED_JS) Gefunden: JS:Trojan.Crypt.C (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\unkown\mod\_ffox.php -> (CODE 1) Gefunden: Trojan.Downloader.Tiny.AC (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Win32.Generic!BT.exe Gefunden: Trojan.GenericKDZ.27711 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Downloader3.exe Gefunden: Generic.Malware.SFdld.141BF37C (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Ransom.alphacrypt.exe Gefunden: Trojan.GenericKD.2345051 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan[Ransom]Win32.Foreign.exe Gefunden: Trojan.GenericKD.2226447 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\TrojanW32.Packer.98304.AP.exe Gefunden: Trojan.Agent.BJKG (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Vinsert.exe Gefunden: Trojan.Generic.8975467 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Win32.Agent.apjcj.png Gefunden: Gen:Trojan.Heur.RP.puW@ai8LbOgi (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Win32.KeyLogger.dnzspl.exe Gefunden: Gen:Variant.Kazy.552964 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\wBot.exe Gefunden: Gen:Heur.MSIL.Androm.9 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\W32.Sality.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Win32.Vapsup.bjg.exe Gefunden: Trojan.Zlob.7.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Worm.VBS.Dunihi.W.vbs Gefunden: Worm.VBS.Dunihi.W (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\4. PC Game Hack Tools\Borderlands 2\BordL2+28Tr-LNG.exe Gefunden: Trojan.Generic.7938903 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\4. PC Game Hack Tools\Guitar Hero III Legends of Rock\GH3_Trn_P.exe Gefunden: Trojan.Generic.6579749 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan Generic(0).exe Gefunden: Gen:Heur.JVD.4 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\8ecfee1f4d4fa42dd2623f68263df82eb22afe23e4092965db902c0a8102a8f3.exe Gefunden: Gen:Heur.JVD.4 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\4. PC Game Hack Tools\Need For Speed The Run\Trainer_NFSR_1_1.exe Gefunden: Backdoor.Generic.759040 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\4. PC Game Hack Tools\Sim City 4\CXL2011_Suite.EXE Gefunden: Trojan.Generic.4960290 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\[SRC] BIODOX\Password Plugin\Project1.RES -> (Embedded EXE g) Gefunden: Gen:Application.Heur.cmKfbCcalmaO (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\[SRC] BIODOX\Password Plugin\Project1.RES -> (Embedded EXE 3g) Gefunden: Gen:Application.Heur.cmKfbymm6hbO (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\[SRC] BIODOX\Password Plugin\Project1.RES -> (Embedded EXE 4g) Gefunden: Application.Nirsoft.K (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\[SRC] BIODOX\Password Plugin\Project1.RES -> (Embedded EXE 5g) Gefunden: Gen:Application.Heur.cmKfbaFNpupO (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\[SRC] BIODOX\Password Plugin\Project1.RES -> (Embedded EXE 6g) Gefunden: Gen:Application.Heur.cmKfb8XXUGgO (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Amazon Receipt Generator v2.exe Gefunden: Backdoor.Generic.541925 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\DeLuXe Chat Spam.exe Gefunden: Trojan.Generic.11745547 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\File Binders\Binder stubMOD .exe Gefunden: Gen:Trojan.Heur.DP.bGW@auxM5oc (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\File Binders\Simple Binder By Nathan72389.exe Gefunden: Gen:Variant.Zusy.52716 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Hotmail Locker.exe Gefunden: Trojan.Generic.IS.567684 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\File Binders\Shock Labs File Binder v1.0.exe Gefunden: Trojan-Dropper.MSIL.Agent (A)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Infinity YouTube Cracker.exe Gefunden: Backdoor.Generic.250947 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Zeus Bot\builder.exe Gefunden: Gen:Variant.Barys.653 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Zeus Bot\webinjects.txt Gefunden: Trojan.Agent.BIBH (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Anonymous Tools\Anonymous Skype Tool.exe Gefunden: Trojan.Generic.11861514 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\All of Eternals Stuff.rar -> All of Eternals Stuff\UDP Flood Pack v1.exe Gefunden: Gen:Heur.Tomegun.15 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\All of Eternals Stuff.rar -> All of Eternals Stuff\UDP Flooder.exe Gefunden: Gen:Heur.Tomegun.15 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Chat Exploits.rar -> Chat Exploits\DeLuXe Chat Spam.exe Gefunden: Gen:Variant.Kazy.312430 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Chat Exploits.rar -> Chat Exploits\Email bomber v2 ~ By TehCallum.exe Gefunden: Gen:Variant.Kazy.99009 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Crime24\Crime24 Stealer.exe Gefunden: Trojan.Generic.8029926 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Batch Makers.rar -> Batch Makers\Aurora - Batch Virus Maker.exe Gefunden: Gen:Heur.Bodegun.1 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Batch Makers.rar -> Batch Makers\Batch File Maker.exe Gefunden: Gen:Heur.Bodegun.1 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\virus spreader.exe Gefunden: Gen:Variant.Kazy.325752 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Blackshades 5.3 Cracked\data\station.bin Gefunden: Backdoor.Generic.682673 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Blackshades 5.3 Cracked\data\stub.bin Gefunden: DeepScan:Generic.Keylogger.2.C69F573E (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\FastStone Capture 7.4 [CORE].rar -> FastStone Capture 7.4 [CORE]\Keygen\keygen.exe Gefunden: Trojan.Generic.6526237 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\DaRK DDoSeR Cracked\DaRK DDoSeR Cracked.exe Gefunden: Gen:Variant.Strictor.54296 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Insidious\stub\stub.exe Gefunden: Trojan.GenericKD.2375438 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Ghost.rar -> Ghost\Ghost_Infector\obj\Debug\Win32.exe Gefunden: Trojan.Generic.11526863 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Iris 1.9 Cracked\iris v1.9.exe Gefunden: Trojan.Generic.8404140 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Insidious\Insidious.exe Gefunden: Trojan.Generic.14483788 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Nove Lite 3.7 Cracked\NovaLite 3.7 LO.exe Gefunden: Trojan.Generic.8233816 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Paradox RAT\Paradox RAT 4.2.3 Cracked.exe Gefunden: Gen:Variant.Barys.524 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\jRat.rar -> jRat\Server.jar -> N.class Gefunden: Java.Backdoor.Jacksbot.N (B)
C:\Users\Marcel\Desktop\HackPack\Rats\jRat.rar -> jRat\Server.jar -> s.class Gefunden: Java.Backdoor.Jacksbot.N (B)
C:\Users\Marcel\Desktop\HackPack\Rats\jRat.rar -> jRat\Server.jar -> Main.class Gefunden: Java.Backdoor.Jacksbot.M (B)
C:\Users\Marcel\Desktop\HackPack\Rats\jRat.rar -> jRat\Server.jar -> b.class Gefunden: Java.Backdoor.Jacksbot.N (B)
C:\Users\Marcel\Desktop\HackPack\SHells\cmd.rar -> cmd.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\SHells\CWShellDumper.rar -> CWShellDumper.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\SHells\r57.rar -> r57.php Gefunden: Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\SHells\login.rar -> login.php Gefunden: Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Website Ratter Cracked\LokiRAT_Relapse.exe Gefunden: Gen:Variant.Symmi.1790 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Loki Rat.rar -> Loki Rat\LokiRAT_Relapse.exe Gefunden: Gen:Variant.Symmi.1790 (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\Abalams ISP Tracer.rar -> Abalams ISP Tracer.exe Gefunden: Trojan.Generic.11139345 (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\{Dork scanner}\DorkToolsV.5.0.rar -> DorkToolsV.5.0\Dorktools V.5.0.exe Gefunden: Gen:Trojan.Heur.VP2.dmKfaeQkT1mi (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\port cheker.rar -> port cheker.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\{vulnerable scanner}\Gr3eNoX LFi Exploiter.rar -> Gr3eNoX LFi Exploiter.exe Gefunden: Gen:Variant.Strictor.2474 (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\{vulnerable scanner}\{Sqli tools}\SQL Helper.rar -> SQL Helper\SQL Helper\sqlihelperv.2.7.exe Gefunden: Application.Htool.WHE (B)
C:\Users\Marcel\Desktop\HackPack\{Mysql tools}\sql injection.rar -> Havij 1.15 - Advanced SQL Injection.rar -> Havij 1.15 - Advanced SQL Injection\Havij.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\{vulnerable scanner}\{Sqli tools}\Warbot VersaoSQL Tool v1.0 Alpha Build 6.rar -> Warbot VersaoSQL Tool v1.0 Alpha Build 6\Warbot VersaoSQL Tool v1.0 Alpha Build 6\Warbot VersaoSQL Tool v1.0 Alpha Build 6.exe Gefunden: Gen:Variant.Kazy.611884 (B)
C:\Users\Marcel\Desktop\HackPack\{Mysql tools}\exploitmyunion.rar -> exploitmyunion\ExploitMyUnion.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\{Mysql tools}\exploitmyunion.rar -> exploitmyunion\w9xpopen.exe Gefunden: Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\RAT Zeug\Novaly Tech Crypter v5.1.exe Gefunden: Trojan.Generic.12066279 (B)
C:\Users\Marcel\Desktop\RAT Zeug\Loki Rat\LokiRAT_Relapse.exe Gefunden: Gen:Variant.Symmi.1790 (B)
C:\Users\Marcel\Desktop\RAT Zeug\Rebel Botnet by Zidane\Rebel Botnet.exe Gefunden: Trojan.Generic.11705359 (B)

Gescannt: 192140
Gefunden 581

Scan-Ende: 11.07.2015 10:08:32
Scan-Zeit: 0:11:50

C:\Users\Marcel\Desktop\RAT Zeug\Rebel Botnet by Zidane\Rebel Botnet.exe Quarantäne Trojan.Generic.11705359 (B)
C:\Users\Marcel\Desktop\RAT Zeug\Loki Rat\LokiRAT_Relapse.exe Quarantäne Gen:Variant.Symmi.1790 (B)
C:\Users\Marcel\Desktop\RAT Zeug\Novaly Tech Crypter v5.1.exe Quarantäne Trojan.Generic.12066279 (B)
C:\Users\Marcel\Desktop\HackPack\{Mysql tools}\exploitmyunion.rar Quarantäne Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\{vulnerable scanner}\{Sqli tools}\Warbot VersaoSQL Tool v1.0 Alpha Build 6.rar Quarantäne Gen:Variant.Kazy.611884 (B)
C:\Users\Marcel\Desktop\HackPack\{Mysql tools}\sql injection.rar Quarantäne Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\{vulnerable scanner}\{Sqli tools}\SQL Helper.rar Quarantäne Application.Htool.WHE (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\{vulnerable scanner}\Gr3eNoX LFi Exploiter.rar Quarantäne Gen:Variant.Strictor.2474 (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\port cheker.rar Quarantäne Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\{Dork scanner}\DorkToolsV.5.0.rar Quarantäne Gen:Trojan.Heur.VP2.dmKfaeQkT1mi (B)
C:\Users\Marcel\Desktop\HackPack\Web Tools\Abalams ISP Tracer.rar Quarantäne Trojan.Generic.11139345 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Loki Rat.rar Quarantäne Gen:Variant.Symmi.1790 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Website Ratter Cracked\LokiRAT_Relapse.exe Quarantäne Gen:Variant.Symmi.1790 (B)
C:\Users\Marcel\Desktop\HackPack\SHells\login.rar Quarantäne Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\SHells\r57.rar Quarantäne Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\SHells\CWShellDumper.rar Quarantäne Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\SHells\cmd.rar Quarantäne Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Rats\jRat.rar Quarantäne Java.Backdoor.Jacksbot.N (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Paradox RAT\Paradox RAT 4.2.3 Cracked.exe Quarantäne Gen:Variant.Barys.524 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Nove Lite 3.7 Cracked\NovaLite 3.7 LO.exe Quarantäne Trojan.Generic.8233816 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Insidious\Insidious.exe Quarantäne Trojan.Generic.14483788 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Iris 1.9 Cracked\iris v1.9.exe Quarantäne Trojan.Generic.8404140 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Ghost.rar Quarantäne Trojan.Generic.11526863 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Insidious\stub\stub.exe Quarantäne Trojan.GenericKD.2375438 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\DaRK DDoSeR Cracked\DaRK DDoSeR Cracked.exe Quarantäne Gen:Variant.Strictor.54296 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\FastStone Capture 7.4 [CORE].rar Quarantäne Trojan.Generic.6526237 (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Blackshades 5.3 Cracked\data\stub.bin Quarantäne DeepScan:Generic.Keylogger.2.C69F573E (B)
C:\Users\Marcel\Desktop\HackPack\Rats\Blackshades 5.3 Cracked\data\station.bin Quarantäne Backdoor.Generic.682673 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\virus spreader.exe Quarantäne Gen:Variant.Kazy.325752 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Batch Makers.rar Quarantäne Gen:Heur.Bodegun.1 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Crime24\Crime24 Stealer.exe Quarantäne Trojan.Generic.8029926 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Chat Exploits.rar Quarantäne Gen:Variant.Kazy.99009 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\All of Eternals Stuff.rar Quarantäne Gen:Heur.Tomegun.15 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\Anonymous Tools\Anonymous Skype Tool.exe Quarantäne Trojan.Generic.11861514 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Zeus Bot\webinjects.txt Quarantäne Trojan.Agent.BIBH (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Zeus Bot\builder.exe Quarantäne Gen:Variant.Barys.653 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Infinity YouTube Cracker.exe Quarantäne Backdoor.Generic.250947 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\File Binders\Shock Labs File Binder v1.0.exe Quarantäne Trojan-Dropper.MSIL.Agent (A)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Hotmail Locker.exe Quarantäne Trojan.Generic.IS.567684 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\File Binders\Simple Binder By Nathan72389.exe Quarantäne Gen:Variant.Zusy.52716 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\File Binders\Binder stubMOD .exe Quarantäne Gen:Trojan.Heur.DP.bGW@auxM5oc (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\DeLuXe Chat Spam.exe Quarantäne Trojan.Generic.11745547 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\Amazon Receipt Generator v2.exe Quarantäne Backdoor.Generic.541925 (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\6. Other Tools\[SRC] BIODOX\Password Plugin\Project1.RES Quarantäne Gen:Application.Heur.cmKfb8XXUGgO (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\Trojan.Downloader.exe Quarantäne Gen:Application.Bundler.Firseria.1 (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\ByteDOS v3.2.1.rar Quarantäne Application.Hacktool.DOS.D (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\safe0ver.rar Quarantäne Application.PHP.Haxplorer.A (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\safe0ver(1).rar Quarantäne Application.PHP.Haxplorer.A (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\BFF DoS (Ping) v1.0.exe Quarantäne Riskware.Win32.DosFlood (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROD.CAP Quarantäne Application.AdReg (A)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\38b855d75d3fb9958579e0f02cf343f80fe8fb026aad3d2c11724a28ccac391c.exe Quarantäne Application.Downloader.RO (B)
C:\Users\Marcel\Desktop\HackPack\Other Crap\100 Virus Samples Pack\Vir Pack\DroppedAdware.Generic.1228817.exe Quarantäne Application.Bundler.Outbrowse.BE (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN.rar Quarantäne Trojan.Script.55254 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\exp.php Quarantäne Trojan.Script.206005 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2.rar Quarantäne Trojan.Script.296531 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x3.php Quarantäne Trojan.Script.55662 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x8.php Quarantäne Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x7.php Quarantäne Trojan.Script.64357 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\index.php Quarantäne Trojan.Downloader.JS.DF (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\virutalg_elen2.sql Quarantäne Trojan.Script.296531 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\Luiz Eleonore Exp 1.2\pdf.php Quarantäne Trojan.Script.191762 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\ani\ani.anr Quarantäne Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\java\java.jar Quarantäne Trojan.Downloader.Java.OpenConnection.AJ (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\______________ ______(__ ________)\lz\lz.txt Quarantäne Generic.XPL.Phel.CB4D90E2 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\______________ ______(__ ________)\cmd\cmd.txt Quarantäne Generic.XPL.HelpX.9672BADE (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\aDoser.rar Quarantäne Java.Trojan.Jrat.A (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\UDP Flooder By FKN.exe Quarantäne Gen:Heur.Tomegun.15 (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\Hoic.rar Quarantäne Trojan.Hacktool.Agent.BK (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\UDP Flooder.rar Quarantäne Gen:Heur.Tomegun.15 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Bleeding Life v2\Bleeding Life v2\Bleeding Life v2\exploits\Java-2010-0842.jar Quarantäne Java.Exploit.CVE-2010-0842.G (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Bleeding Life v2\Bleeding Life v2\Bleeding Life v2\exploits\JavaSignedApplet.jar Quarantäne Java.Trojan.Downloader.OpenConnection.AL (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\blackhole\blackhole\games\javaobe.jar Quarantäne Java.Exploit.CVE-2010-0840.AW (B)
C:\Users\Marcel\Desktop\HackPack\Crypto Cracker\mdbruterzip20040221-1.rar Quarantäne Trojan.Agent.BJNI (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\CrypteX Advanced.rar Quarantäne Gen:Variant.Strictor.18484 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Codelux Crypter v2.6.1 cracked by blazed.rar Quarantäne Gen:Variant.Symmi.32007 (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\UDP Flood Pack v1.rar Quarantäne Gen:Heur.Tomegun.15 (B)
C:\Users\Marcel\Desktop\HackPack\DDOS tools\Flooder.exe Quarantäne Gen:Variant.Kazy.74137 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x1_all.php Quarantäne Trojan.Script.55254 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x16.php Quarantäne Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x15.php Quarantäne Trojan.Script.55261 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x10.php Quarantäne Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x6.php Quarantäne Trojan.Script.55727 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x5.php Quarantäne Trojan.Script.96015 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x4.php Quarantäne Trojan.Script.66125 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x2.php Quarantäne Trojan.Script.55418 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\admin\crupt.php Quarantäne Trojan.Script.224586 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Gr3eNoX LFi Exploiter.exe Quarantäne Gen:Variant.Strictor.2474 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\CRIMEPACK 3.0\CRIMEPACK 3.0\dlstub Quarantäne Trojan.Generic.4050242 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\CRIMEPACK 3.0\CRIMEPACK 3.0\jvm.dll Quarantäne Trojan.Generic.4820172 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x1.php Quarantäne Trojan.Script.55254 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\IcePack-Platinum09-1x33x7-EN\IcePack-Platinum09-1x33x7-EN\exploits\x12.php Quarantäne Exploit.RealPlr.K (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\Bleeding Life v2\Bleeding Life v2\Bleeding Life v2.zip Quarantäne Java.Exploit.CVE-2010-0842.G (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\java.php Quarantäne Trojan.Agent.AIXE (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\load.php Quarantäne Trojan.Script.123290 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\exploits.php Quarantäne Trojan.Script.9875 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-2\index.php Quarantäne Trojan.Script.26015 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\armitage\ff.php Quarantäne Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\armitage\opera.php Quarantäne Trojan.Script.36919 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\armitage\bof.php Quarantäne Exploit.HTML.Agent.AO (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\armitage\e.php Quarantäne Generic.XPL.ADODB.06320A17 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\12.htm Quarantäne Exploit.HTML.IframeBof.BN (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\index.php Quarantäne Trojan.Script.26015 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\onload\fillmem.php Quarantäne Generic.XPL.IECrash.A755A0E0 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\odre.hta Quarantäne Exploit.ADODB.Stream.O (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\load.php Quarantäne Trojan.Script.123290 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\rifff.htm Quarantäne Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\cry217\xd.php Quarantäne Exploit.ADODB.Stream.GH (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\g-pack\exploits.php Quarantäne Trojan.Script.151893 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\g-pack\index.php Quarantäne Trojan.Script.8782 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-1\exploits\i.php Quarantäne Trojan.Script.224243 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\ice-pack-1\exploits\movie.bin Quarantäne Exploit.JS.BO.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\_file.exe Quarantäne Trojan.Spy.ZBot.BA (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\exploits.php Quarantäne Trojan.JS.Psyme.J (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-2\1.swf Quarantäne Exploit.CVE-2007-0071.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-2\_1.swf Quarantäne Exploit.CVE-2007-0071.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-1\index.php Quarantäne Trojan.Script.26838 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-1\java.php Quarantäne Trojan.Agent.AIXE (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\firepack-2\exp\msie.php Quarantäne Exploit.ADODB.Stream.GH (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\g-pack\admin.php Quarantäne Trojan.Script.18375 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\fiesta-2\index.php Quarantäne Trojan.Script.14756 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\adpack-1\file.exe Quarantäne Trojan.PWS.LDPinch.TDD (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\ME-EN-0xBFF60000\me_sc_utf16.txt Quarantäne Trojan.Script.228462 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\NT-EN-0x77F00000\nt_sc_utf16.txt Quarantäne Trojan.Script.235341 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\95-EN-0xBFF70000\95_sc_utf16.txt Quarantäne Trojan.Script.437872 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\98-EN-0xBFF70000\98_sc_utf16.txt Quarantäne Trojan.Script.437872 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\XP-EN-0x77F60000\xp_sc_utf16.txt Quarantäne Trojan.Script.452443 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\ANISPL\ani.anr Quarantäne Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\popup\wscript.php Quarantäne JS.HidePopup.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\xhta.hta Quarantäne Trojan.Script.415311 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\ppp3.php Quarantäne Generic.XPL.HelpX.2CB75853 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\jpg+chm\ch\x.htm Quarantäne Generic.XPL.CodeBase.5B753616 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\ok\jpg+chm\counter.gif Quarantäne Generic.XPL.MhtRedir.F7065105 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\2K-EN-0x77E70000\2k_sc_utf16.txt Quarantäne Trojan.Script.433843 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\popup\wscript\wn2.htm Quarantäne JS.Exploit.DialogArg.B (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\popup\bh\bh.html Quarantäne Trojan.Dropper.Js.Agent.D (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\mod\shell\shellcodes\XP-RU-0x7C800000\xp-ru_sc_utf16.txt Quarantäne Trojan.Script.462461 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\2.6\index.php Quarantäne Trojan.Downloader.HTML.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\3.0\index.php Quarantäne Trojan.Downloader.HTML.E (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\XP-RU-0x7C800000\xp-ru_sc_utf16.txt Quarantäne Trojan.Script.462461 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\2K-EN-0x77E70000\2k_sc_utf16.txt Quarantäne Trojan.Script.433843 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\java\java.jar Quarantäne Trojan.Java.Exploit.Bytverify.A (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\ani.anr Quarantäne Exploit.Win32.MS05-002.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\___\files\spl\firefox\fxsploit.php Quarantäne Exploit.HTML.IframeBof.BN (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\98-EN-0xBFF70000\98_sc_utf16.txt Quarantäne Trojan.Script.437872 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\ME-EN-0xBFF60000\me_sc_utf16.txt Quarantäne Trojan.Script.228462 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\ANISPL\ani.exe Quarantäne Trojan.Generic.1572364 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\95-EN-0xBFF70000\95_sc_utf16.txt Quarantäne Trojan.Script.437872 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\test_shell_code.exe Quarantäne Trojan.Generic.3985463 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\XP-EN-0x77F60000\xp_sc_utf16.txt Quarantäne Trojan.Script.452443 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\NT-EN-0x77F00000\nt_sc_utf16.txt Quarantäne Trojan.Script.235341 (B)
C:\Users\Marcel\Desktop\HackPack\Exploiters\packs\packz\0x88\0x88\progs\SHELLCODE_GEN\payload.exe Quarantäne Trojan.Generic.5516307 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c100.rar Quarantäne Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c99.rar Quarantäne Virtool.PHP.C99Shell.B (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c99ud.rar Quarantäne Trojan.Script.449504 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Crystal.rar Quarantäne Trojan.Script.204868 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\cmd.rar Quarantäne Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\cgi.rar Quarantäne Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c999.rar Quarantäne Virtool.PHP.C99Shell.D (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Ayyildiz_Tim_AYT_Shell_v 2.1_Biz.rar Quarantäne Trojan.Script.40786 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\aspx.rar Quarantäne Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Antichat_Shell_v1.3.rar Quarantäne Backdoor.PHP.WebShell.W (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\c100(1).rar Quarantäne Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\vOlk 4.rar Quarantäne Generic.XPL.ADODB.2DD359C4 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\ekin0x.rar Quarantäne Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\dq.rar Quarantäne Backdoor.PHP.C99Shell.Q (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\GFS web-shell ver 3.1.7 - PRiV8.rar Quarantäne Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\fso.rar Quarantäne Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\erne.rar Quarantäne Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\CWShellDumper.rar Quarantäne Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\ctt_sh.rar Quarantäne Backdoor.PHP.C99Shell.AH (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\dC3_Security_Crew_Shell_PRiV.rar Quarantäne Trojan.Script.17569 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Dx.rar Quarantäne Backdoor.PHP.PhpShell.E (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Dive_Shell_1.0_Emperor_Hacking_Team.rar Quarantäne Trojan.Script.227734 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\DarkBinderV1.rar Quarantäne Gen:Variant.Strictor.57864 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Email bomber.rar Quarantäne Trojan.GenericKD.2370311 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Binder stubMOD .rar Quarantäne Gen:Trojan.Heur.DP.bGW@auxM5oc (B)
C:\Users\Marcel\Desktop\HackPack\Binder\nBinder V 5.5.rar Quarantäne Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Simple Binder By Nathan72389.rar Quarantäne Gen:Variant.Zusy.52716 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\ZMini.rar Quarantäne Trojan.GenericKD.1854647 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Frosty Tools - Shell + Email Bomber.rar Quarantäne Trojan.Generic.14540727 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Recreation Email Bomber.rar Quarantäne Trojan.Generic.8171338 (B)
C:\Users\Marcel\Desktop\HackPack\AccountCheckers\Profile_It_v1.6.exe Quarantäne Gen:Variant.Kazy.86627 (B)
C:\Users\Marcel\Desktop\HackPack\Binder\Binder stubMOD .rar Quarantäne Gen:Trojan.Heur.DP.bGW@auxM5oc (B)
C:\Users\Marcel\AppData\Roaming\FolderName\ Quarantäne Trojan-Downloader.Win32.Andromeda (A)
C:\Users\Marcel\Desktop\HackPack\AccountCheckers\Elite Crackers HF Checker.exe Quarantäne Trojan.Generic.9105598 (B)
C:\Users\Marcel\Desktop\HackPack\Binder\ZMini.rar Quarantäne Trojan.GenericKD.1854647 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Aneurysm E-bomber.rar Quarantäne Gen:Variant.Kazy.134755 (B)
C:\Users\Marcel\Desktop\HackPack\Binder\DarkBinderV1.rar Quarantäne Gen:Variant.Strictor.57864 (B)
C:\Users\Marcel\Desktop\HackPack\Binder\Simple Binder By Nathan72389.rar Quarantäne Gen:Variant.Zusy.52716 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{Perl}\17.rar Quarantäne Trojan.Script.30201 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{HTTP botnets}\Exodus Loader.rar Quarantäne Gen:Variant.Kazy.88356 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\SmokeBot Cracked.rar Quarantäne Gen:Variant.Kazy.131813 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{Bat}\Deadly computer batches(dont run).rar Quarantäne BehavesLike:BAT.Gen (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\antichat.rar Quarantäne Backdoor.PHP.WebShell.W (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{Perl}\Perl Scripting.rar Quarantäne Trojan.Script.147509 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\my-sms.rar Quarantäne Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\Nuisance Pack.rar Quarantäne Trojan.Generic.7010105 (B)
C:\Users\Marcel\Desktop\HackPack\Bombers Spammers\nBinder V 5.5.rar Quarantäne Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Booter\AmusBoot.exe Quarantäne Gen:Variant.Kazy.541687 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\ExoNet - Full Source\debugging\ExoNet- EXE\AdobeAir\obj\x86\Release\AdobeAirUpdater.exe Quarantäne Gen:Variant.Zusy.98086 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\Kbot Builder.rar Quarantäne Gen:Variant.Kazy.149634 (B)
C:\Users\Marcel\Desktop\HackPack\Booter\Kbot Builder.rar Quarantäne Gen:Variant.Kazy.149634 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\ExoNet - Full Source\debugging\ExoNet- EXE\AdobeAir\obj\x86\Debug\AdobeAirUpdater.exe Quarantäne Gen:Variant.Zusy.98086 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\itsecteam_shell.rar Quarantäne Backdoor.PHP.AOQ (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Grieve Crypter 2012.exe Quarantäne Trojan.GenericKD.1695433 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter v2.exe Quarantäne Trojan.Generic.7555382 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\CryptexV3Cracked.exe Quarantäne Gen:Variant.Strictor.136 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\DarKB!nder v1.exe Quarantäne Gen:Variant.Strictor.57864 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_2.exe Quarantäne Gen:Variant.Strictor.28970 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_3.exe Quarantäne Gen:Variant.Kazy.467060 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Infinity Crypter.exe Quarantäne Trojan.Generic.KDV.102818 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_1.exe Quarantäne Gen:Variant.Kazy.238695 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\zehir4.rar Quarantäne Backdoor.ASP.Ace.F (B)
C:\Users\Marcel\Desktop\HackPack\Bots\IRC Bot Builder\Builder.exe Quarantäne Trojan.Generic.7569248 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\tryag1.rar Quarantäne Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\zacosmall.rar Quarantäne Trojan.Script.40326 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Black-Crypt.rar Quarantäne Gen:Variant.Kazy.489311 (B)
C:\Users\Marcel\Desktop\HackPack\Bots\{youtube bots}\Youtube Viewer.rar Quarantäne Win32.Sality.3 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\0 Crypter .exe Quarantäne Gen:Variant.Zusy.60373 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\SImple Crypt0r v2.rar Quarantäne Gen:Variant.Graftor.35086 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Stub3.exe Quarantäne Gen:Trojan.Heur.VP2.lm0@aG!o60Q (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Syslogger.zip Quarantäne Gen:Variant.Kazy.83584 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\ZMini.rar Quarantäne Trojan.GenericKD.1854647 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Unknow Crypter Private.rar Quarantäne Trojan.Generic.7506173 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Tyna Crypter.rar Quarantäne Trojan.GenericKD.1464705 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\ZMini.exe Quarantäne Trojan.GenericKD.1854647 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Mingo Crypter V3.exe Quarantäne Trojan.GenericKD.1959191 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\MoonCrypter.exe Quarantäne Gen:Variant.Raldhep.1 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_4.exe Quarantäne Trojan.Generic.3295278 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Infinity Crypter\Stubs\Stub_5.exe Quarantäne Gen:Variant.Zusy.14467 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Psomasweb_Public_Rinajel_Crypter.exe Quarantäne Gen:Variant.Kazy.105505 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Sikandar's Crypter Version 7.0.exe Quarantäne Gen:Variant.Kazy.386880 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Porn Crypter.rar Quarantäne Gen:Variant.Kazy.459985 (B)
C:\Users\Marcel\Desktop\HackPack\Crypter\Byte Crypter V3.rar Quarantäne Gen:Variant.Kazy.147394 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Moroccan Spamers Ma-EditioN By GhOsT.rar Quarantäne Trojan.Script.228354 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\login.rar Quarantäne Backdoor.PHP.C99Shell.AX (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Liz0ziM Private Safe Mode.rar Quarantäne Trojan.Exploit.PHP.K (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\PHANTASMA.rar Quarantäne Trojan.Exploit.SSN (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.rar Quarantäne Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\nstview.rar Quarantäne Trojan.Script.26770 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\nst.rar Quarantäne Trojan.Script.26770 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\kacak.rar Quarantäne Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\liz0zim.rar Quarantäne Trojan.Exploit.PHP.K (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\Jackal v1.9.rar Quarantäne Trojan.Script.O (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\gfs_sh.rar Quarantäne Backdoor.PHP.RST.H (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\lamashell.rar Quarantäne Trojan.Script.15027 (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\sosyete(1).rar Quarantäne Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\simattacker(1).rar Quarantäne Trojan.JS.Agent.FDA (B)
C:\Users\Marcel\Desktop\HackPack\Botnet\{Scripts}\{PHP Shells}\SimShell 1.0 - Simorgh Security MGZ.rar Quarantäne Trojan.Script.44186 (B)

Quarantäne 480

[/CODE]

11.07.2015, 18:22   #10
deeprybka
/// TB Trainer
/// Guide Guru

Well, this is where my willingness to help ends, then.
__________________
Regards,
deeprybka

„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

11.07.2015, 18:31   #11
DarkorbitSup

Uhhh

Did I do something wrong???

11.07.2015, 18:37   #12
deeprybka
/// TB Trainer
/// Guide Guru

I help users here who have come into contact with malware involuntarily and have problems, not those who fill their whole disk with this junk.
