Log analysis and evaluation: Windows 7 - Temp folder suspicious behavior
Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
05.01.2014, 15:54 | #1
Windows 7 - Temp folder suspicious behavior

Hello everyone. I have a problem that I can't get any further with, and I need your help. I have my Temp folder at C:\Temp and I look at it every day; .dll files and also .exe files show up there that are immediately detected as trojans by the antivirus program. Here is the information I have put together.

defogger_disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:51 on 05/01/2014 (silversurfer)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by silversurfer (administrator) on MARCEL on 05-01-2014 14:53:08
Running from C:\Users\silversurfer\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\Smc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(FinalWire Ltd.)
C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Stardock) C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Stardock) C:\Program Files (x86)\Stardock\ObjectDockPlus2\Dock64.exe (Microsoft) C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDockTray.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE (SWE Sven Ritter) C:\Program Files\SpeedProject\SpeedCommander 14\SpeedCommander.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Opera Software) C:\Program Files (x86)\Opera\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [CmPCIaudio] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8768GX] - C:\Windows\SysWOW64\HsMgr.exe [200704 2009-09-24] () HKLM\...\Run: [Cmaudio8768GX64] - C:\Windows\system\HsMgr64.exe [282112 2009-09-24] () HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [3993416 2011-09-18] (O&O Software GmbH) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] () HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [840568 2013-09-03] (Adobe Systems Inc.) Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) 
HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKCU\...\Policies\Explorer: [NoDrives] 0x00000000 HKCU\...\Policies\Explorer: [NoInstrumentation] 1 MountPoints2: {6956e08e-17a6-11e1-9373-001f1f63289b} - "L:\WD SmartWare.exe" autoplay=true IFEO\Acrobat.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\acrodist.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\backitup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\cdspeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\coverdes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\drivespeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\formdesigner.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\infotool.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\kies.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nero.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\neroburnrights.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nerohome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\neromediahome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\neroscoutoptions.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\nerovision.exe: [Debugger] "C:\Program Files 
(x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\photosnap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\photosnapviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\recode.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\setupneromobile.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\setupx.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\showtime.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\snapview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\soundtrax.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\waveedit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" Startup: C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (Stardock) BootExecute: autocheck autochk * OODBSsdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7B53520D97ABCC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache 
AcceptLangs = de-DE SearchScopes: HKCU - DefaultScope {4779D68D-A6BB-48BA-B1DF-309A8CD020E8} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=47ddb6615e5f460785f860d643dca0e5&tu=10GX0007k1B0008&sku=&tstsId=&ver=&&r=318 SearchScopes: HKCU - {4779D68D-A6BB-48BA-B1DF-309A8CD020E8} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=47ddb6615e5f460785f860d643dca0e5&tu=10GX0007k1B0008&sku=&tstsId=&ver=&&r=318 BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: SDHelper - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) 
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\IPS\IPSBHO.dll (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft 
Office\Office15\MSOSB.DLL (Microsoft Corporation) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default FF NewTab: about:newtab FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\donottrackplus@abine.com FF Extension: Ghostery - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\firefox@ghostery.com FF Extension: Flagfox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} FF Extension: Blue Fox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66} FF Extension: FT GraphiteGlow - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{99e34760-2754-11e0-91fa-0800200c9a66} FF Extension: DownloadHelper - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: DNS Cache - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\dnscache@dominik.jungowski.xpi FF Extension: FastestFox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\smarterwiki@wikiatic.com.xpi FF Extension: Google Translator for Firefox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\translator@zoli.bod.xpi FF Extension: RefControl - 
C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{455D905A-D37C-4643-A9E2-F6FEFAA0424A}.xpi FF Extension: Cookie Monster - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi FF Extension: NoScript - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF Extension: Web Developer - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi FF Extension: Download Statusbar - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF Extension: Extended Statusbar - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi FF Extension: Tab Mix Plus - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi FF Extension: Adblock Edge - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files 
(x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\IPSFF FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\IPSFF ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 Netzmanager Service; c:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) S4 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3271496 2011-09-18] (O&O Software GmbH) R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) 
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe [137224 2011-06-14] (Symantec Corporation) R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\Smc.exe [2591232 2011-06-17] (Symantec Corporation) S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\snac64.exe [324528 2011-06-17] (Symantec Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [28320 2011-10-25] () S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-10-07] () R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\BASHDefs\20131203.011\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation) R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1029120 2010-08-24] (C-Media Inc) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-29] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-29] (Symantec Corporation) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] () R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\IPSDefs\20140103.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.) 
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-10-07] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 MEMSWEEP2; C:\Windows\system32\F892.tmp [6144 2009-06-18] (Sophos Plc) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] () R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\VirusDefs\20140104.006\ENG64.SYS [126040 2013-10-30] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\VirusDefs\20140104.006\EX64.SYS [2099288 2013-10-30] (Symantec Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [63696 2010-09-22] () R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1047144 2011-09-06] (Realtek Semiconductor Corporation ) S1 SAVRKBootTasks; C:\Windows\SysWow64\SAVRKBootTasks.sys [18816 2009-06-18] (Sophos Plc) R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SRTSP64.SYS [745592 2011-05-27] (Symantec Corporation) R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SRTSPX64.SYS [40568 2011-05-27] (Symantec Corporation) S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\SyDvCtrl64.sys [29664 2011-06-17] (Symantec Corporation) R0 SymDS; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SYMDS64.SYS [451192 2011-05-02] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SYMEFA64.SYS [928888 2011-05-17] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2013-09-16] (Symantec Corporation) R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\Ironx64.SYS [170104 2011-05-10] (Symantec 
Corporation) R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation) R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [147632 2013-09-16] (Symantec Corporation) R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [62136 2011-05-26] (Symantec Corporation) R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation) S3 aswArKrn; \??\c:\Temp\aswArKrn.sys [x] S3 cpuz136; \??\c:\Temp\cpuz136\cpuz136_x64.sys [x] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-05 14:53 - 2014-01-05 14:53 - 00026510 _____ C:\Users\silversurfer\Desktop\FRST.txt 2014-01-05 14:52 - 2014-01-05 14:52 - 00000000 ____D C:\FRST 2014-01-05 14:51 - 2014-01-05 14:51 - 00000486 _____ C:\Users\silversurfer\Desktop\defogger_disable.log 2014-01-05 14:51 - 2014-01-05 14:51 - 00000000 _____ C:\Users\silversurfer\defogger_reenable 2014-01-05 14:39 - 2014-01-05 14:39 - 00065817 _____ C:\Users\silversurfer\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html 2014-01-05 14:37 - 2014-01-05 14:37 - 00377856 _____ C:\Users\silversurfer\Desktop\gmer_2.1.19163.exe 2014-01-05 14:35 - 2014-01-05 14:35 - 00050477 _____ C:\Users\silversurfer\Desktop\Defogger.exe 2014-01-04 21:00 - 2014-01-04 21:00 - 01233962 _____ C:\Users\silversurfer\Desktop\adwcleaner.exe 2014-01-04 20:18 - 2014-01-04 20:18 - 01931368 _____ (Farbar) C:\Users\silversurfer\Desktop\FRST64.exe 2014-01-04 16:27 - 2014-01-04 16:27 - 00000000 ____D 
C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-01-04 16:25 - 2014-01-04 16:25 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Windows\PCHEALTH 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2014-01-04 16:22 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files\Microsoft Office 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 __RHD C:\MSOCache 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2013-12-31 10:36 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-31 10:36 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-31 10:36 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-31 10:36 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-31 10:36 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-31 10:36 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-31 10:36 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-31 10:36 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-31 10:36 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-31 10:36 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-31 10:36 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-31 10:36 - 
2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-31 10:36 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-31 10:36 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-31 10:36 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-31 10:36 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-31 10:36 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-31 10:36 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-31 10:36 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-31 10:36 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-31 10:36 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-31 10:36 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-31 10:36 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-31 10:36 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-31 10:36 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-31 10:36 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-31 10:36 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-31 10:36 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-31 10:36 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-31 10:36 - 2013-11-26 07:33 - 
01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-31 10:36 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-30 12:43 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-30 12:43 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-30 12:43 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-30 12:43 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-30 12:37 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-12-30 12:33 - 2013-12-30 12:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-30 12:33 - 2013-12-30 12:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00523776 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-30 12:33 - 2013-12-30 12:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-12-30 12:33 - 2013-12-30 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00182272 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msls31.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00084992 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtmled.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-30 12:33 - 2013-12-30 12:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048128 _____ (Microsoft Corporation) 
C:\Windows\system32\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-30 12:25 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2013-12-30 12:25 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-12-30 12:25 - 
2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-12-30 11:09 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-30 11:09 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-30 11:09 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-30 11:09 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-30 11:09 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-30 11:08 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-30 11:08 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-30 11:08 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-30 11:08 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-30 11:08 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-30 11:08 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-30 11:08 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-12-30 11:08 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-12-30 11:08 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-12-30 11:08 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-30 11:08 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-12-30 11:08 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-30 11:08 - 2013-10-12 03:01 - 00216576 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-12-30 11:08 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-30 11:08 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-30 11:08 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-30 11:08 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-30 11:08 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-12-30 11:08 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-12-30 11:08 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-12-30 11:08 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-12-30 11:08 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-12-30 11:08 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-30 11:08 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-12-30 11:08 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-12-30 11:08 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-12-30 11:08 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-30 11:08 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-12-30 11:08 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-12-30 11:08 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-12-30 11:08 - 2013-09-25 03:26 - 
00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-12-30 11:08 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-12-30 11:08 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-12-30 11:08 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-12-30 11:08 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-12-30 11:08 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-12-30 11:08 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-12-30 11:08 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-12-30 11:08 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-12-30 11:08 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-12-30 11:08 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-12-30 11:08 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-12-30 11:08 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-12-30 11:08 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-12-29 20:32 - 2013-11-24 18:48 - 00001374 _____ C:\Users\silversurfer\Desktop\Windows 8.1 Pro x64.lnk 2013-12-29 20:19 - 2013-12-29 20:19 - 00000000 ____D C:\Users\silversurfer\Documents\mobackups 2013-12-14 13:57 - 2013-12-14 13:57 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Mozilla ==================== One Month Modified Files and Folders ======= 2014-01-05 14:53 - 2014-01-05 14:53 - 00026510 _____ C:\Users\silversurfer\Desktop\FRST.txt 2014-01-05 14:52 - 2014-01-05 14:52 
- 00000000 ____D C:\FRST 2014-01-05 14:51 - 2014-01-05 14:51 - 00000486 _____ C:\Users\silversurfer\Desktop\defogger_disable.log 2014-01-05 14:51 - 2014-01-05 14:51 - 00000000 _____ C:\Users\silversurfer\defogger_reenable 2014-01-05 14:51 - 2011-11-25 17:15 - 00000000 ____D C:\Users\silversurfer 2014-01-05 14:39 - 2014-01-05 14:39 - 00065817 _____ C:\Users\silversurfer\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html 2014-01-05 14:37 - 2014-01-05 14:37 - 00377856 _____ C:\Users\silversurfer\Desktop\gmer_2.1.19163.exe 2014-01-05 14:35 - 2014-01-05 14:35 - 00050477 _____ C:\Users\silversurfer\Desktop\Defogger.exe 2014-01-05 14:06 - 2011-11-25 21:59 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\AIMP 2014-01-05 14:01 - 2011-12-12 16:15 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Notepad++ 2014-01-05 13:58 - 2011-11-26 17:59 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\vlc 2014-01-05 12:59 - 2012-07-09 13:54 - 01821290 ____N C:\Windows\WindowsUpdate.log 2014-01-05 11:38 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-05 11:38 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-05 11:31 - 2013-06-25 21:24 - 00003246 _____ C:\Windows\System32\Tasks\AIDA64 AutoStart 2014-01-05 11:30 - 2011-12-21 09:46 - 01555894 _____ C:\Windows\system32\oodbs.lor 2014-01-05 11:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-04 22:56 - 2013-01-06 11:52 - 00000000 ____D C:\Users\silversurfer\.rs 2014-01-04 21:00 - 2014-01-04 21:00 - 01233962 _____ C:\Users\silversurfer\Desktop\adwcleaner.exe 2014-01-04 20:18 - 2014-01-04 20:18 - 01931368 _____ (Farbar) C:\Users\silversurfer\Desktop\FRST64.exe 2014-01-04 18:28 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat 2014-01-04 18:28 - 2011-04-12 08:43 - 00149572 _____ 
C:\Windows\system32\perfc007.dat 2014-01-04 18:28 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-04 18:22 - 2011-12-01 11:14 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic 2014-01-04 18:05 - 2011-11-25 21:56 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-04 18:05 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini 2014-01-04 18:01 - 2013-08-18 19:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-04 16:27 - 2014-01-04 16:27 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2014-01-04 16:25 - 2014-01-04 16:25 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2014-01-04 16:25 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\ShellNew 2014-01-04 16:25 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Windows\PCHEALTH 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files\Microsoft SQL Server 2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2014-01-04 16:24 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files\Microsoft Office 2014-01-04 16:23 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 __RHD C:\MSOCache 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files\Microsoft Analysis Services 2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2014-01-04 16:22 - 2011-11-25 21:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2014-01-04 16:18 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild 2014-01-03 22:12 - 2013-08-27 17:17 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Media Player Classic 2014-01-03 22:12 - 2011-11-25 17:09 - 00000000 ____D C:\Windows\Panther 2014-01-02 21:50 - 2013-04-21 10:49 - 00000000 ____D C:\Program Files 
(x86)\JDownloader 2 2013-12-31 13:23 - 2011-11-29 16:54 - 00000000 ____D C:\Users\silversurfer\Documents\Snagit 2013-12-31 10:36 - 2011-11-25 18:37 - 01594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-12-30 16:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-30 12:50 - 2011-11-25 17:16 - 00001425 _____ C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-12-30 12:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-12-30 12:33 - 2013-12-30 12:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-12-30 12:33 - 2013-12-30 12:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 
00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-12-30 12:33 - 2013-12-30 12:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-12-30 12:33 - 2013-12-30 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00164864 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msrating.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00083456 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\inseng.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-30 12:33 - 2013-12-30 12:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00040448 _____ (Microsoft Corporation) 
C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-30 12:29 - 2013-07-27 20:34 - 00000000 ____D C:\Windows\system32\MRT 2013-12-30 10:59 - 2013-04-28 22:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-12-30 10:56 - 2012-04-05 08:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-30 10:56 - 2011-11-28 21:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-29 20:37 - 2011-11-25 22:51 - 00000000 ____D C:\Users\silversurfer\.VirtualBox 2013-12-29 20:27 - 2011-11-25 18:39 - 00000000 ____D C:\Program Files\CCleaner 2013-12-29 20:19 - 2013-12-29 20:19 - 00000000 ____D C:\Users\silversurfer\Documents\mobackups 2013-12-29 20:03 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\CSC 2013-12-29 20:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Msdtc 2013-12-14 13:57 - 2013-12-14 13:57 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Mozilla ==================== 
Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-30 12:15

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by silversurfer at 2014-01-05 14:53:45
Running from C:\Users\silversurfer\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Symantec Endpoint Protection (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
888poker (x32 Version: - )
Abloadtool (x32 Version: - Tim Demkowsky)
abylon EXIF-CLEANER 2013 (x32 Version: 2013 - abylonsoft)
ACDSee 16 (x32 Version: 16.1.88 - ACD Systems International Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.8 - Adobe Systems)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.149 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (x32 Version: 12.1 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.00 (x32 Version: 2.00 - FinalWire Ltd.)
AIMP2 (x32 Version: - AIMP DevTeam)
AIMP2: Audio Tools (x32 Version: - AIMP DevTeam)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
ANNO 1404 - Venedig (x32 Version: 2.0.5008.0 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ANNO 1404 (x32 Version: 1.02.0000 - Ubisoft)
ANNO 2070 (x32 Version: 1.0.0.0 - Ubisoft)
AnVir Task Manager (x32 Version: 6.3.1 - AnVir Software)
ASIO4ALL (x32 Version: 2.10 - Michael Tippach)
Battlefield 4™ (x32 Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.0 - EA Digital Illusions CE AB)
BioShock 2 (x32 Version: 1.00.0000 - 2K Games)
CamStudio OSS Desktop Recorder (x32 Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.)
Hidden CCleaner (Version: 4.08 - Piriform) CheshireCat's One Click Thumbnailer (x32 Version: 1.00.0000 - CheshireCat) dBpoweramp [Calculate Audio CRC] Codec (x32 Version: - ) dBpoweramp Dalet Codec (x32 Version: - ) dBpoweramp DSP Effects (x32 Version: Release 6 - Illustrate) dBpoweramp FLAC Codec (x32 Version: Release 12 (FLAC 1.2.1) - Illustrate) dBpoweramp Monkeys Audio Codec (x32 Version: - ) dBpoweramp Mp2 and BwfMp2 codec (x32 Version: - ) dBpoweramp mp3 (Fraunhofer IIS) Codec (x32 Version: Release 2a (v4.0.3) - Illustrate) dBpoweramp Music Converter (x32 Version: Release 14 - Illustrate) dBpoweramp Ogg Vorbis Codec (x32 Version: Release 19 (Vorbis v1.2.0) - Illustrate) dBpoweramp Real Audio (Helix) Encoder (x32 Version: - ) dBPoweramp tooLame MP2 codec (x32 Version: - ) dBpoweramp Wave64 Codec (x32 Version: - ) dBpoweramp WavPack Codec (x32 Version: - ) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version: - Microsoft) DivX-Setup (x32 Version: 2.6.1.44 - DivX, LLC) Driver Genius (x32 Version: 12.0 - Driver-Soft Inc.) DX10 (x32 Version: - Image-Line) Edison (x32 Version: - Image-Line bvba) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB) F1 2013 German (x32 Version: 1 - ) FIFA 14 Ultimate Edition MULTI-14 1.2.0 (x32 Version: - ) Filters Unlimited 2.0 (x32 Version: - ) Flash Player Pro V5.6 (x32 Version: - FlashPlayerPro.com) Full Tilt Poker.Eu (x32 Version: 4.55.4.WIN.FullTilt.EU - ) GEAR driver installer for AMD64 and Intel EM64T (Version: 2.003.1 - GEAR Software, Inc.) GetDataBack for NTFS (x32 Version: 4.22.000 - Runtime Software) Google Earth (x32 Version: 7.0.2.8415 - Google) Google Update Helper (x32 Version: 1.3.21.79 - Google Inc.) 
Hidden Helium Music Manager 9.3 (x32 Version: 9.3.0.11570 - Imploded Software) ID3-TagIT 3 (x32 Version: 3 - Michael Pluemper) IL Download Manager (x32 Version: - Image-Line) IL DrumSynth Live (x32 Version: - Image-Line) IL Slicex (x32 Version: - Image-Line) Index.dat Analyzer v2.5 (x32 Version: 2.5 - Systenance Software) Java 7 Update 25 (x32 Version: 7.0.250 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden JDownloader 2 (x32 Version: 2 - AppWork GmbH) K-Lite Codec Pack 10.0.0 Full (x32 Version: 10.0.0 - ) Logitech SetPoint 6.32 (Version: 6.32.20 - Logitech) MAGIX Video Pro X3 Download-Version (x32 Version: 10.0.12.2 - MAGIX AG) MAGIX Video Pro X3 Download-Version (x32 Version: 10.0.12.2 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) MediaInfo 0.7.64 (Version: 0.7.64 - MediaArea.net) MegaTrainer eXperience V1.0.0.5 (x32 Version: - ) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Baseline Security Analyzer 2.2 (Version: 2.2.2170 - Microsoft Corporation) Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation) Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - 
Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 
- Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) 
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden MixMeister Fusion Demo 7.4.4 (x32 Version: - MixMeister Technology LLC) Mozilla Firefox 12.0 (x86 de) (x32 Version: 12.0 - Mozilla) MSU Screen Capture Lossless Codec v1.2 (Remove Only) (x32 Version: - ) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation) MyPhoneExplorer (x32 Version: 1.8.5 - F.J. 
Wechselberger) Nero 7 Ultra Edition (x32 Version: 7.02.9753 - Nero AG) neroxml (x32 Version: 1.0.0 - Nero AG) Hidden NetSpeedMonitor 2.5.4.0 x64 (Version: 2.5.4.0 - Florian Gilles) Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden Notepad++ (x32 Version: 5.9.6.2 - ) O&O Defrag Professional (Version: 15.0.73 - O&O Software GmbH) OpenAL (x32 Version: - ) Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA) Oracle VM VirtualBox 4.2.16 (Version: 4.2.16 - Oracle Corporation) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PC Tools Registry Mechanic 11.0 (x32 Version: 11.0 - PC Tools) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden QuickSFV (Remove only) (Version: - ) RapidShare Manager 2 (x32 Version: 2 - RapidShare AG) Samsung Kies (x32 Version: 2.1.0.11095_121 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.1.0.11095_121 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.) SimSynth (x32 Version: - Image-Line) Snagit 10.0.1 (x32 Version: 10.0.1 - TechSmith Corporation) Sophos Anti-Rootkit 1.5.0 (x32 Version: 1.5.0 - Sophos Plc) SpeedCommander 14 (x64) (Version: 14.61.7350 - SWE Sven Ritter) Spybot - Search & Destroy (x32 Version: 2.0.12 - Safer-Networking Ltd.) Stardock Software (x32 Version: 1.00 - Stardock Corporation) Hidden Steam (x32 Version: 1.0.0.0 - Valve Corporation) SurfMusik 3.1a (x32 Version: 3.1a - Marcus Schmitt) Symantec Endpoint Protection (Version: 12.1.671.4971 - Symantec Corporation) Theatron Agrippa (Version: - ) TMPGEnc 4.0 XPress (x32 Version: 4.7.7.307 - Pegasys, Inc.) 
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT) UltraEdit (x32 Version: 17.10.1010 - IDM Computer Solutions, Inc.) UltraEdit (x32 Version: 17.10.1010 - IDM Computer Solutions, Inc.) Hidden UltraISO Premium V9.52 (x32 Version: - ) Universal Adb Driver (x32 Version: 1.0.0 - ClockworkMod) Unlocker 1.9.1-x64 (Version: 1.9.1 - Cedrick Collomb) Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (Version: - Microsoft) Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version: - Microsoft) Update for 
Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Word 2013 (KB2850060) 64-Bit Edition (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN) WaveLab 6 (x32 Version: 6.1.0.340 - Steinberg) 
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation) WinPcap 4.1.3 (x32 Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.00 (64-Bit) (Version: 5.00.0 - win.rar GmbH) Wireshark 1.10.2 (64-bit) (x32 Version: 1.10.2 - The Wireshark developer community, hxxp://www.wireshark.org) Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team) ZoneAlarm Firewall (x32 Version: 11.0.000.057 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Security (x32 Version: 11.0.000.504 - Check Point Software Technologies Ltd.) Hidden ==================== Restore Points ========================= ==================== Hosts content: ========================== 2013-04-18 11:18 - 2013-10-07 20:55 - 00002374 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 support.apowersoft.com 127.0.0.1 activate.adobe.com 127.0.0.1 flashfxp.com 127.0.0.1 flashfxp.org 127.0.0.1 flashfxp.ws 127.0.0.1 www.flashfxp.com 127.0.0.1 www.flashfxp.org 127.0.0.1 www.flashfxp.ws 127.0.0.1 liveupdate.inicom.net/verify.php 127.0.0.1 liveupdate.inicom.net 127.0.0.1 liveupdate.flashfxp.com 127.0.0.1 update.inicom.net 127.0.0.1 update.flashfxp.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na2m-pr.licenses.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 ereg.wip4.adobe.com 127.0.0.1 wip.adobe.com 127.0.0.1 wip1.adobe.com 127.0.0.1 wip2.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wip4.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 hl2rcv.adobe.com 127.0.0.1 adobeereg.com 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com There are 22 more lines. 
==================== Scheduled Tasks (whitelisted) ============= Task: {239DFFB1-C095-431C-A56A-A32D753967B1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {2F219821-3EFD-46F2-B2F1-EF3C8F9DA243} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {301B41BB-6EDA-439E-AB42-21E53825839A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: {3DA2EAB6-3FC4-4FC1-B4C3-F1234CB10806} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {6C15BA14-B28B-4A72-9AA8-B3F8DA262C67} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {859DF0C7-B0E0-46EB-B33A-4FD7E4A6E688} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\Update.exe [2011-10-25] (PC Tools) Task: {9AD9E316-3CFD-4D30-A8C2-3D8B57F94B60} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {A978F501-9BDA-49BB-8742-D033DA5ADD13} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {AE98D1D1-EB09-4A5B-B62E-B9CB67C6EAF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {B4DC2474-F865-4FB3-8018-AF8BCDE045C2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {B5DE482C-65DA-4B03-B070-C62F531D9457} - 
System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {B6A272BA-0A0F-4CD1-A924-8135C83670DB} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe [2011-10-25] (FinalWire Ltd.) Task: {B7AAAC85-A9C9-4ED5-92A7-13474FB08AC8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-08-30] (TuneUp Software) Task: {BE60BFCF-1F31-42D7-840C-9D5F600A1C73} - System32\Tasks\AdobeAAMUpdater-1.0-marcel-silversurfer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-09-20] (Adobe Systems Incorporated) Task: {EDB5A878-417B-415B-AA7C-056E0B779FA1} - System32\Tasks\RMSchedule => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe [2011-10-25] (PC Tools) Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe ==================== Loaded Modules (whitelisted) ============= 2011-12-01 11:28 - 2010-09-22 21:20 - 00776704 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\Dock64.dll 2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2011-06-14 17:10 - 2011-06-14 17:10 - 00115200 _____ () C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll 2011-07-18 22:04 - 2011-07-18 22:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll 2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll 2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2012-11-16 15:09 - 2012-11-16 15:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2013-07-19 12:55 - 2013-07-19 12:55 - 01421480 _____ () C:\Program 
Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll 2013-10-17 11:25 - 2013-10-17 11:25 - 00170664 _____ () C:\Program Files\Microsoft Office\Office15\OUTLCTL.DLL 2013-04-28 22:31 - 2012-11-13 13:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-04-28 22:31 - 2012-11-13 13:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-04-28 22:31 - 2012-11-13 13:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-04-28 22:31 - 2012-08-23 08:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-04-28 22:31 - 2012-11-13 13:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl 2011-12-01 11:28 - 2010-10-01 02:50 - 00675840 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\DockShellHook.dll 2013-04-28 22:31 - 2012-11-13 13:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl 2011-12-01 11:28 - 2011-12-01 11:31 - 00807936 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\CrashRpt.dll 2011-12-01 11:28 - 2010-03-09 22:58 - 00053760 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\zlib.dll 2013-12-29 20:11 - 2013-12-29 20:12 - 01952696 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-12-30 10:56 - 2013-12-30 10:56 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: 
==================
Error: (01/05/2014 02:27:02 PM) (Source: Symantec AntiVirus) (User: marcel)
Description: SYMANTEC MANIPULATIONSSCHUTZ WARNMELDUNG
Ziel: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe
Ereignisinfo: Erstellen Vorgang
Durchgeführte Aktion: Blockiert
Angreifender Prozess: C:\PROGRAM FILES\LOGITECH\SETPOINTP\SETPOINT.EXE (PID 380)
Zeit: Sonntag, 5. Januar 2014 14:27:02

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (01/05/2014 02:27:02 PM) (Source: Symantec AntiVirus)(User: marcel)
Description: SYMANTEC MANIPULATIONSSCHUTZ WARNMELDUNG
Ziel: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe
Ereignisinfo: Erstellen Vorgang
Durchgeführte Aktion: Blockiert
Angreifender Prozess: C:\PROGRAM FILES\LOGITECH\SETPOINTP\SETPOINT.EXE (PID 380)
Zeit: Sonntag, 5. Januar 2014 14:27:02

CodeIntegrity Errors:
===================================
Date: 2014-01-05 11:36:43.141
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-05 11:30:41.656
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-04 18:42:01.960
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-04 18:22:03.873
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-04 18:12:01.804
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-04 15:47:47.484
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-04 15:40:15.332
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-04 12:25:42.959
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-04 11:59:35.388
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-01-04 10:13:28.184
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 70%
Total physical RAM: 4095.05 MB
Available physical RAM: 1211.3 MB
Total Pagefile: 8188.29 MB
Available Pagefile: 4558.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:186.21 GB) (Free:125.88 GB) NTFS
Drive e: (Laufwerk) (Fixed) (Total:931.51 GB) (Free:219.62 GB) NTFS
Drive k: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 68666768)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: 5906C79D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=186 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
05.01.2014, 15:58 | #2 |
| Windows 7 - Temp folder suspicious behaviour
Gmer
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2014-01-05 15:23:56 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2 SAMSUNG_HD200HJ rev.KF100-06 186,31GB Running: gmer_2.1.19163.exe; Driver: c:\Temp\uwldypog.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031b9000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800031b902f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...] ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\system32\lsm.exe[564] 
C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\lsm.exe[564] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\system32\svchost.exe[664] 
C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\svchost.exe[664] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text 
C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\winlogon.exe[696] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 
0000000175562925 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\svchost.exe[788] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 
0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\atiesrxx.exe[868] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\System32\svchost.exe[924] 
C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\System32\svchost.exe[924] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text 
C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\System32\svchost.exe[968] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 
0000000175562b7d .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\svchost.exe[1008] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 
0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\svchost.exe[324] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\system32\svchost.exe[1016] 
C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\svchost.exe[1016] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text 
C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\svchost.exe[1112] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 
bytes JMP 00000001755628ad .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\atieclxx.exe[1260] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text C:\Windows\System32\spoolsv.exe[1388] 
C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\System32\spoolsv.exe[1388] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 0000000175562b41 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection 0000000077a31530 5 bytes JMP 00000001755629d9 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess 0000000077a31570 5 bytes JMP 0000000175562bb9 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile 0000000077a315e0 5 bytes JMP 0000000175562a15 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateThread 0000000077a317e0 5 bytes JMP 0000000175562bf5 .text 
C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile 0000000077a31800 5 bytes JMP 00000001755628ad .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtSetValueKey 0000000077a318b0 5 bytes JMP 0000000175562b7d .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtCreateUserProcess 0000000077a31d80 5 bytes JMP 0000000175562925 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteFile 0000000077a31e00 5 bytes JMP 0000000175562961 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteKey 0000000077a31e10 5 bytes JMP 0000000175562ac9 .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtDeleteValueKey 0000000077a31e40 5 bytes JMP 000000017556299d .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKeyEx 0000000077a32200 5 bytes JMP 0000000175562a8d .text C:\Windows\system32\svchost.exe[1416] C:\Windows\SYSTEM32\ntdll.dll!NtRenameKey 0000000077a32690 5 bytes JMP 0000000175562b05 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtOpenKey + 5 0000000077bdfa2d 5 bytes JMP 0000000173fb05e4 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtCreateKey + 5 0000000077bdfb45 5 bytes JMP 0000000173fb047c .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077bdfc3d 5 bytes JMP 0000000173fb06d4 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077bdfc55 5 bytes JMP 0000000173fb056c .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess + 5 0000000077bdfcb5 5 bytes JMP 0000000173fb074c .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] 
C:\Windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077bdfd69 5 bytes JMP 0000000173fb05a8 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread + 5 0000000077be0089 5 bytes JMP 0000000173fb0788 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077be00b9 5 bytes JMP 0000000173fb0440 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtSetValueKey + 5 0000000077be01c9 5 bytes JMP 0000000173fb0710 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtCreateUserProcess + 5 0000000077be0921 5 bytes JMP 0000000173fb04b8 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtDeleteFile + 5 0000000077be09e9 5 bytes JMP 0000000173fb04f4 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtDeleteKey + 5 0000000077be0a01 5 bytes JMP 0000000173fb065c .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtDeleteValueKey + 5 0000000077be0a49 5 bytes JMP 0000000173fb0530 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtOpenKeyEx + 5 0000000077be101d 5 bytes JMP 0000000173fb0620 .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1572] C:\Windows\SysWOW64\ntdll.dll!NtRenameKey + 5 0000000077be171d 5 bytes JMP 0000000173fb0698 .text C:\Windows\system32\svchost.exe[1620] C:\Windows\SYSTEM32\ntdll.dll!NtOpenKey 0000000077a313d0 5 bytes JMP 0000000175562a51 .text C:\Windows\system32\svchost.exe[1620] C:\Windows\SYSTEM32\ntdll.dll!NtCreateKey 0000000077a31480 5 bytes JMP 00000001755628e9 .text C:\Windows\system32\svchost.exe[1620] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationFile 0000000077a31520 5 bytes JMP 
0000000175562b41 .text C:\Windows\system32\svchost.exe[1620] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection
Code:
Dateiname,Risiko,Aktion,Risikotyp,Quelladresse,Computer,Benutzer,Status,Aktueller Ablageort,Primäre Aktion,Sekundäre Aktion,Protokolliert von,Aktionsbeschreibung,Datum und Uhrzeit
dwh4d55.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:00:32"
dwh231b.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:00:53"
dwh3b4d.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:01:09"
dwh5331.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:01:28"
dwh6ad7.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:01:44"
dwh825e.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:01:59"
dwhb30a.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:46:04"
dwhd50c.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:46:35"
dwhed10.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:47:07"
dwhee.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:47:36"
dwh2080.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:48:13"
dwhac84.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:20:32"
dwh3420.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:48:48"
dwhd192.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:21:01"
dwh47c1.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:49:19"
dwhe571.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:21:25"
dwh5bde.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:49:37"
dwhf96f.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:21:51"
dwh6feb.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:49:56"
dwh12ba.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:22:06"
dwh8c90.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:50:20"
dwh2273.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:22:20"
dwhb2d1.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:02:15"
dwhabf3.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:50:39"
dwh3614.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:22:34"
dwh4aae.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:22:49"
dwhc9a1.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:50:58"
dwh5e8c.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:23:03"
dwh7a18.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:23:20"
dwh91af.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:23:36"
dwh131e.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:23:52"
dwhdd80.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:51:14"
dwhf130.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von
Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:51:33" dwh26af.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:24:06" dwh3e36.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:24:21" dwh4ef.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:51:52" dwhb0ee.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:02:31" dwhc487.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:52:09" dwhf3c3.exe,"Suspicious.Cloud.2","Isoliert","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:52:28" dwhb4a.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:52:51" dwh5dfc.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei 
wurde erfolgreich isoliert.","04.01.2014 19:53:07" dwh89dd.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:53:22" dwhb4e4.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:53:37" dwhc0a8.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:06:48" dwhd83e.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:07:07" dwhd88b.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:53:51" dwhdc2d.dll,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:54:07" dwhedc1.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:54:22" dwh595.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:54:37" 
dwh2518.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:54:51" dwh365.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:07:23" dwh39ff.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:55:06" dwhebde.dll,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:07:38" dwhe8b9.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:24:36" dwh1c19.exe,"Suspicious.Cloud.2","Isoliert","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:24:54" dwh51c6.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:25:11" dwhacfd.exe,"Suspicious.Cloud.2","Isoliert","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:07:52" dwh5a6c.exe,"Trojan.Gen","Isoliert","Datei 
Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:55:21" dwh3391.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","05.01.2014 12:25:28" dwh725f.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:55:35" dwhb35.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:08:07" dwh5581.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 13:08:21" dwhd28b.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:55:49" dwhe6a8.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:56:04" dwh7594.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:56:20" dwhcbb1.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko 
bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:56:34" dwh3622.exe,"Suspicious.Cloud.2","Isoliert","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:56:48" dwh913f.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:57:03" dwh517f.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:57:17" dwhae96.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:57:33" dwhfaa6.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:57:47" dwh8a63.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:58:02" dwhe37.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:58:17" dwhfaae.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich 
isoliert.","04.01.2014 19:58:33" dwhe337.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","04.01.2014 19:58:50" dwh23d9.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","02.01.2014 16:58:14"
Thanks in advance for the help. Last edited by Scotty7 (05.01.2014 at 16:22) |
05.01.2014, 16:03 | #3 |
/// TB-Ausbilder | Windows 7 - Temp folder suspicious behavior Hi,
during my first quick look through the logs I saw that you are using unclean software. We do not support that: http://www.trojaner-board.de/95394-c...-software.html If you want me to help you, then first uninstall and completely remove all illegal software (cracks, keygens, etc.) now. Once everything is gone, we can get started. However, should I see anything like that again later on despite this warning, that is the end of it. Let me know as soon as we can continue here.
__________________ |
10.01.2014, 13:41 | #4 |
| Windows 7 - Temp folder suspicious behavior Hi Leo, I have now uninstalled all the software that, as far as I know, does not belong on there; what remains on the PC now is either freeware or purchased software. So we can continue here. |
10.01.2014, 13:51 | #5 |
/// TB-Ausbilder | Windows 7 - Temp folder suspicious behavior OK, all clear. Run FRST once more.
__________________ cheers, Leo |
10.01.2014, 14:17 | #6 |
| Windows 7 - Temp folder suspicious behavior Here are the newly requested logs. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014 Ran by silversurfer (administrator) on MARCEL on 10-01-2014 13:58:23 Running from C:\Users\silversurfer\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe (PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (FinalWire Ltd.) 
C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe (Stardock) C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe (Stardock) C:\Program Files (x86)\Stardock\ObjectDockPlus2\Dock64.exe (Microsoft) C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDockTray.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\Smc.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe (Microsoft Corporation) C:\Windows\splwow64.exe (SWE Sven Ritter) C:\Program Files\SpeedProject\SpeedCommander 14\SpeedCommander.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [CmPCIaudio] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8768GX] - C:\Windows\SysWOW64\HsMgr.exe [200704 2009-09-24] () HKLM\...\Run: [Cmaudio8768GX64] - C:\Windows\system\HsMgr64.exe [282112 2009-09-24] () HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [3993416 2011-09-18] (O&O Software GmbH) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.) Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) 
HKCU\...\Policies\Explorer: [NoDrives] 0x00000000 HKCU\...\Policies\Explorer: [NoInstrumentation] 1 MountPoints2: {6956e08e-17a6-11e1-9373-001f1f63289b} - "L:\WD SmartWare.exe" autoplay=true Startup: C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG) Startup: C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (Stardock) BootExecute: autocheck autochk * OODBSsdnclean64.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7B53520D97ABCC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKCU - DefaultScope {4779D68D-A6BB-48BA-B1DF-309A8CD020E8} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=47ddb6615e5f460785f860d643dca0e5&tu=10GX0007k1B0008&sku=&tstsId=&ver=&&r=318 SearchScopes: HKCU - {4779D68D-A6BB-48BA-B1DF-309A8CD020E8} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=47ddb6615e5f460785f860d643dca0e5&tu=10GX0007k1B0008&sku=&tstsId=&ver=&&r=318 BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation) BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program 
Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: SDHelper - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) 
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\IPS\IPSBHO.dll (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft 
Office\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\donottrackplus@abine.com FF Extension: Ghostery - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\firefox@ghostery.com FF Extension: No Name - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\staged FF Extension: Flagfox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} FF Extension: Blue Fox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66} FF Extension: FT GraphiteGlow - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{99e34760-2754-11e0-91fa-0800200c9a66} FF Extension: DownloadHelper - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF Extension: DNS Cache - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\dnscache@dominik.jungowski.xpi FF Extension: FastestFox - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\smarterwiki@wikiatic.com.xpi FF Extension: Google Translator for Firefox - 
C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\translator@zoli.bod.xpi FF Extension: RefControl - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{455D905A-D37C-4643-A9E2-F6FEFAA0424A}.xpi FF Extension: Cookie Monster - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi FF Extension: NoScript - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi FF Extension: Web Developer - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi FF Extension: Download Statusbar - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF Extension: Extended Statusbar - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}.xpi FF Extension: Tab Mix Plus - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi FF Extension: Adblock Edge - C:\Users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files 
(x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\IPSFF FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\IPSFF ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 Netzmanager Service; c:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3271496 2011-09-18] (O&O Software GmbH) R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) 
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe [137224 2011-06-14] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\Smc.exe [2591232 2011-06-17] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\snac64.exe [324528 2011-06-17] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-10-07] ()
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\BASHDefs\20131203.011\BHDrvx64.sys [1526488 2013-12-03] (Symantec Corporation)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1029120 2010-08-24] (C-Media Inc)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-29] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-29] (Symantec Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-07-18] ()
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\IPSDefs\20140109.001\IDSvia64.sys [521944 2013-12-13] (Symantec Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\Windows\system32\F892.tmp [6144 2009-06-18] (Sophos Plc)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\VirusDefs\20140109.018\ENG64.SYS [126040 2013-10-30] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\VirusDefs\20140109.018\EX64.SYS [2099288 2013-10-30] (Symantec Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [63696 2010-09-22] ()
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1047144 2011-09-06] (Realtek Semiconductor Corporation )
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SRTSP64.SYS [745592 2011-05-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SRTSPX64.SYS [40568 2011-05-27] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\SyDvCtrl64.sys [29664 2011-06-17] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SYMDS64.SYS [451192 2011-05-02] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SYMEFA64.SYS [928888 2011-05-17] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2013-09-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\Ironx64.SYS [170104 2011-05-10] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C01029F\136B.105\x64\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [147632 2013-09-16] (Symantec Corporation)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [62136 2011-05-26] (Symantec Corporation)
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation)
R3 AIDA64Driver; \??\c:\Temp\AIDA64Driver.sys [x]
S3 aswArKrn; \??\c:\Temp\aswArKrn.sys [x]
S3 cpuz136; \??\c:\Temp\cpuz136\cpuz136_x64.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-10 13:58 - 2014-01-10 13:58 - 00022134 _____ C:\Users\silversurfer\Desktop\FRST.txt
2014-01-10 13:58 - 2014-01-10 13:58 - 00000000 ____D C:\FRST
2014-01-10 13:57 - 2014-01-04 20:18 - 01931368 _____ (Farbar) C:\Users\silversurfer\Desktop\FRST64.exe
2014-01-06 13:14 - 2014-01-06 13:14 - 00000842 _____ C:\Users\silversurfer\Desktop\Trojaner.lnk
2014-01-05 18:20 - 2014-01-05 18:20 - 00000000 ____D C:\Windows\ERUNT
2014-01-05 15:34 - 2014-01-05 15:34 - 00000000 ____D C:\Users\silversurfer\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-05 14:51 - 2014-01-05 14:51 - 00000000 _____ C:\Users\silversurfer\defogger_reenable
2014-01-04 16:27 - 2014-01-04 16:27 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-04 16:25 - 2014-01-04 16:25 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Windows\PCHEALTH
2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2014-01-04 16:22 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 __RHD C:\MSOCache
2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-31 10:36 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-31 10:36 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-31 10:36 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-31 10:36 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-31 10:36 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-31 10:36 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-31 10:36 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-31 10:36 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-31 10:36 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-31 10:36 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-31 10:36 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-31 10:36 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-31 10:36 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-31 10:36 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-31 10:36 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-31 10:36 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-31 10:36 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-31 10:36 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-31 10:36 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-31 10:36 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-31 10:36 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-31 10:36 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-31 10:36 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-31 10:36 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-31 10:36 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-31 10:36 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-31 10:36 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-31 10:36 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-31 10:36 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-31 10:36 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-31 10:36 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-30 12:43 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-30 12:43 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-30 12:43 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-30 12:43 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-30 12:37 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-30 12:33 - 2013-12-30 12:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-30 12:33 - 2013-12-30 12:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-30 12:33 - 2013-12-30 12:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-30 12:33 - 2013-12-30 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-30 12:33 - 2013-12-30 12:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-30 12:25 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-30 12:25 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-30 12:25 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-30 12:25 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-30 12:25 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-30 12:25 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-12-30 12:25 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-30 11:09 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-30 11:09 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-30 11:09 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-30 11:09 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-30 11:09 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-30 11:08 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-30 11:08 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-30 11:08 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-30 11:08 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-30 11:08 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-30 11:08 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-30 11:08 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-30 11:08 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-30 11:08 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-30 11:08 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-30 11:08 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-30 11:08 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-30 11:08 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-30 11:08 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-30 11:08 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-30 11:08 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-30 11:08 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-30 11:08 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-30 11:08 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-30 11:08 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-30 11:08 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-30 11:08 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-30 11:08 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-30 11:08 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-12-30 11:08 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-30 11:08 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-12-30 11:08 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-30 11:08 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-30 11:08 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-30 11:08 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-30 11:08 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-12-30 11:08 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-12-30 11:08 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-12-30 11:08 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-12-30 11:08 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-12-30 11:08 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-30 11:08 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-12-30 11:08 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-12-30 11:08 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-12-30 11:08 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-30 11:08 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-12-30 11:08 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-12-30 11:08 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-12-30 11:08 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-12-29 20:32 - 2013-11-24 18:48 - 00001374 _____ C:\Users\silversurfer\Desktop\Windows 8.1 Pro x64.lnk
2013-12-29 20:19 - 2013-12-29 20:19 - 00000000 ____D C:\Users\silversurfer\Documents\mobackups
2013-12-14 13:57 - 2013-12-14 13:57 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Mozilla

==================== One Month Modified Files and Folders =======

2014-01-10 13:58 - 2014-01-10 13:58 - 00022134 _____ C:\Users\silversurfer\Desktop\FRST.txt
2014-01-10 13:58 - 2014-01-10 13:58 - 00000000 ____D C:\FRST
2014-01-10 13:36 - 2013-10-03 10:41 - 00000000 ____D C:\Program Files (x86)\Image-Line
2014-01-10 13:36 - 2013-10-02 20:21 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-01-10 13:28 - 2011-12-12 16:15 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Notepad++
2014-01-10 13:06 - 2013-07-25 20:41 - 00000000 ____D C:\Program Files (x86)\Abloadtool
2014-01-10 12:32 - 2012-07-09 13:54 - 02005172 ____N C:\Windows\WindowsUpdate.log
2014-01-10 12:29 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 12:29 - 2009-07-14 05:45 - 00021248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 12:15 - 2013-06-25 21:24 - 00003246 _____ C:\Windows\System32\Tasks\AIDA64 AutoStart
2014-01-10 12:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 12:14 - 2011-12-21 09:46 - 01571194 _____ C:\Windows\system32\oodbs.lor
2014-01-10 11:17 - 2011-11-25 21:59 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\AIMP
2014-01-09 22:50 - 2011-12-01 11:14 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic
2014-01-09 17:42 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat
2014-01-09 17:42 - 2011-04-12 08:43 - 00149572 _____ C:\Windows\system32\perfc007.dat
2014-01-09 17:42 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 12:11 - 2013-01-06 11:52 - 00000000 ____D C:\Users\silversurfer\.rs
2014-01-07 20:45 - 2013-08-18 19:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-07 17:52 - 2013-04-21 10:49 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2014-01-07 12:59 - 2011-11-25 22:51 - 00000000 ____D C:\Users\silversurfer\.VirtualBox
2014-01-06 13:14 - 2014-01-06 13:14 - 00000842 _____ C:\Users\silversurfer\Desktop\Trojaner.lnk
2014-01-06 12:45 - 2013-04-09 12:06 - 00000000 ____D C:\Users\silversurfer\Desktop\Ablage
2014-01-06 12:25 - 2013-04-17 12:36 - 00000000 ____D C:\Program Files (x86)\Steinberg
2014-01-06 12:25 - 2011-11-26 19:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-06 12:24 - 2011-12-19 14:22 - 00000000 ____D C:\Program Files (x86)\Sophos
2014-01-06 12:22 - 2011-12-24 10:54 - 00000000 ____D C:\Program Files (x86)\MAGIX
2014-01-05 20:38 - 2011-11-28 18:28 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-05 18:20 - 2014-01-05 18:20 - 00000000 ____D C:\Windows\ERUNT
2014-01-05 15:34 - 2014-01-05 15:34 - 00000000 ____D C:\Users\silversurfer\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-05 14:51 - 2014-01-05 14:51 - 00000000 _____ C:\Users\silversurfer\defogger_reenable
2014-01-05 14:51 - 2011-11-25 17:15 - 00000000 ____D C:\Users\silversurfer
2014-01-05 13:58 - 2011-11-26 17:59 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\vlc
2014-01-04 20:18 - 2014-01-10 13:57 - 01931368 _____ (Farbar) C:\Users\silversurfer\Desktop\FRST64.exe
2014-01-04 18:05 - 2011-11-25 21:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-04 18:05 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2014-01-04 16:27 - 2014-01-04 16:27 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-04 16:25 - 2014-01-04 16:25 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-04 16:25 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\ShellNew
2014-01-04 16:25 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Windows\PCHEALTH
2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2014-01-04 16:24 - 2014-01-04 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2014-01-04 16:24 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-04 16:23 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 __RHD C:\MSOCache
2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-04 16:22 - 2014-01-04 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2014-01-04 16:22 - 2011-11-25 21:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2014-01-04 16:18 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2014-01-03 22:12 - 2013-08-27 17:17 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Media Player Classic
2014-01-03 22:12 - 2011-11-25 17:09 - 00000000 ____D C:\Windows\Panther
2013-12-31 13:23 - 2011-11-29 16:54 - 00000000 ____D C:\Users\silversurfer\Documents\Snagit
2013-12-31 10:36 - 2011-11-25 18:37 - 01594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-30 16:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-30 12:50 - 2011-11-25 17:16 - 00001425 _____ C:\Users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-30 12:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-30 12:33 - 2013-12-30 12:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-30 12:33 - 2013-12-30 12:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-30 12:33 - 2013-12-30 12:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-30 12:33 - 2013-12-30 12:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-30 12:33 - 2013-12-30 12:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-30 12:33 - 2013-12-30 12:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-30 12:33 - 2013-12-30 12:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-30 12:33 - 2013-12-30 12:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-30 12:33 - 2013-12-30 12:33 - 00048128 _____ (Microsoft Corporation) 
C:\Windows\system32\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-30 12:33 - 2013-12-30 12:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-30 12:33 - 2013-12-30 12:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-30 12:29 - 2013-07-27 20:34 - 00000000 ____D C:\Windows\system32\MRT 2013-12-30 10:59 - 2013-04-28 22:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-12-30 10:56 - 2012-04-05 08:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-30 10:56 - 2011-11-28 21:12 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-29 20:27 - 2011-11-25 18:39 - 00000000 ____D C:\Program Files\CCleaner 2013-12-29 20:19 - 2013-12-29 20:19 - 00000000 ____D C:\Users\silversurfer\Documents\mobackups 2013-12-29 20:03 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\CSC 2013-12-29 20:00 - 2009-07-14 04:20 - 00000000 ____D 
C:\Windows\system32\Msdtc
2013-12-14 13:57 - 2013-12-14 13:57 - 00000000 ____D C:\Users\silversurfer\AppData\Roaming\Mozilla

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-30 12:15

==================== End Of Log ============================

--- --- --- --- --- ---

Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by silversurfer at 2014-01-10 13:58:57
Running from C:\Users\silversurfer\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Symantec Endpoint Protection (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Symantec Endpoint Protection (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
888poker (x32 Version: - )
abylon EXIF-CLEANER 2013 (x32 Version: 2013 - abylonsoft)
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.8 - Adobe Systems)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.149 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (x32 Version: 12.1 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v2.00 (x32 Version: 2.00 - FinalWire Ltd.)
AIMP2 (x32 Version: - AIMP DevTeam)
AIMP2: Audio Tools (x32 Version: - AIMP DevTeam)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.)
Hidden ANNO 1404 - Venedig (x32 Version: 2.0.5008.0 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden ANNO 1404 (x32 Version: 1.02.0000 - Ubisoft) AnVir Task Manager (x32 Version: 6.3.1 - AnVir Software) Battlefield 4™ (x32 Version: 1.0.0.0 - Electronic Arts) BioShock 2 (x32 Version: 1.00.0000 - 2K Games) CamStudio OSS Desktop Recorder (x32 Version: 2.6 Beta r294 - CamStudio Open Source Dev Team) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center (x32 Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden CCleaner (Version: 4.08 - Piriform) CheshireCat's One Click Thumbnailer (x32 Version: 1.00.0000 - CheshireCat) dBpoweramp [Calculate Audio CRC] Codec (x32 Version: - ) dBpoweramp Dalet Codec (x32 Version: - ) dBpoweramp DSP Effects (x32 Version: Release 6 - Illustrate) dBpoweramp FLAC Codec (x32 Version: Release 12 (FLAC 1.2.1) - Illustrate) dBpoweramp Monkeys Audio Codec (x32 Version: - ) dBpoweramp Mp2 and BwfMp2 codec (x32 Version: - ) dBpoweramp mp3 (Fraunhofer IIS) Codec (x32 Version: Release 2a (v4.0.3) - Illustrate) dBpoweramp Music Converter (x32 Version: Release 14 - Illustrate) dBpoweramp Ogg Vorbis Codec (x32 Version: Release 19 (Vorbis v1.2.0) - Illustrate) dBpoweramp Real Audio (Helix) Encoder (x32 Version: - ) dBPoweramp tooLame MP2 codec (x32 Version: - ) dBpoweramp Wave64 Codec (x32 Version: - ) dBpoweramp WavPack Codec (x32 Version: - ) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version: - Microsoft) DivX-Setup (x32 Version: 2.6.1.44 - 
DivX, LLC) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden F1 2013 German (x32 Version: 1 - ) FIFA 14 Ultimate Edition MULTI-14 1.2.0 (x32 Version: - ) Filters Unlimited 2.0 (x32 Version: - ) Full Tilt Poker.Eu (x32 Version: 4.55.4.WIN.FullTilt.EU - ) GEAR driver installer for AMD64 and Intel EM64T (Version: 2.003.1 - GEAR Software, Inc.) Google Update Helper (x32 Version: 1.3.21.79 - Google Inc.) Hidden ID3-TagIT 3 (x32 Version: 3 - Michael Pluemper) Index.dat Analyzer v2.5 (x32 Version: 2.5 - Systenance Software) Java 7 Update 25 (x32 Version: 7.0.250 - Oracle) Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden JDownloader 2 (x32 Version: 2 - AppWork GmbH) K-Lite Codec Pack 10.0.0 Full (x32 Version: 10.0.0 - ) Logitech SetPoint 6.32 (Version: 6.32.20 - Logitech) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) MediaInfo 0.7.64 (Version: 0.7.64 - MediaArea.net) MegaTrainer eXperience V1.0.0.5 (x32 Version: - ) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Baseline Security Analyzer 2.2 (Version: 2.2.2170 - Microsoft Corporation) Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation) Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden 
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) 
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden MixMeister Fusion Demo 7.4.4 (x32 Version: - MixMeister Technology LLC) Mozilla Firefox 15.0.1 (x86 de) (x32 Version: 15.0.1 - Mozilla) MSU Screen Capture Lossless Codec v1.2 (Remove Only) (x32 Version: - ) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation) MyPhoneExplorer (x32 Version: 1.8.5 - F.J. 
Wechselberger) Nero 7 Ultra Edition (x32 Version: 7.02.9753 - Nero AG) neroxml (x32 Version: 1.0.0 - Nero AG) Hidden NetSpeedMonitor 2.5.4.0 x64 (Version: 2.5.4.0 - Florian Gilles) Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden Notepad++ (x32 Version: 5.9.6.2 - ) O&O Defrag Professional (Version: 15.0.73 - O&O Software GmbH) OpenAL (x32 Version: - ) Opera 12.16 (x32 Version: 12.16.1860 - Opera Software ASA) Oracle VM VirtualBox 4.2.16 (Version: 4.2.16 - Oracle Corporation) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PC Tools Registry Mechanic 11.0 (x32 Version: 11.0 - PC Tools) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden QuickSFV (Remove only) (Version: - ) RapidShare Manager 2 (x32 Version: 2 - RapidShare AG) Samsung Kies (x32 Version: 2.1.0.11095_121 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.1.0.11095_121 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.) Snagit 10.0.1 (x32 Version: 10.0.1 - TechSmith Corporation) SpeedCommander 14 (x64) (Version: 14.61.7350 - SWE Sven Ritter) Spybot - Search & Destroy (x32 Version: 2.0.12 - Safer-Networking Ltd.) Stardock Software (x32 Version: 1.00 - Stardock Corporation) Hidden Steam (x32 Version: 1.0.0.0 - Valve Corporation) SurfMusik 3.1a (x32 Version: 3.1a - Marcus Schmitt) Symantec Endpoint Protection (Version: 12.1.671.4971 - Symantec Corporation) Theatron Agrippa (Version: - ) UltraEdit (x32 Version: 17.10.1010 - IDM Computer Solutions, Inc.) UltraEdit (x32 Version: 17.10.1010 - IDM Computer Solutions, Inc.) 
Hidden UltraISO Premium V9.52 (x32 Version: - ) Universal Adb Driver (x32 Version: 1.0.0 - ClockworkMod) Unlocker 1.9.1-x64 (Version: 1.9.1 - Cedrick Collomb) Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (Version: - Microsoft) Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (Version: - Microsoft) Update for 
Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (Version: - Microsoft) Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (Version: - Microsoft) Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (Version: - Microsoft) Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Word 2013 (KB2850060) 64-Bit Edition (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.0.6 (x32 Version: 2.0.6 - VideoLAN) Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation) WinPcap 4.1.3 (x32 Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.00 (64-Bit) (Version: 5.00.0 - win.rar GmbH) Wireshark 1.10.2 (64-bit) (x32 Version: 1.10.2 - The Wireshark developer community, hxxp://www.wireshark.org) Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team) ZoneAlarm Firewall (x32 Version: 11.0.000.057 - Check Point Software Technologies Ltd.) 
Hidden
ZoneAlarm Security (x32 Version: 11.0.000.504 - Check Point Software Technologies Ltd.) Hidden

==================== Restore Points =========================

==================== Hosts content: ==========================

2013-04-18 11:18 - 2014-01-10 13:28 - 00000791 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {239DFFB1-C095-431C-A56A-A32D753967B1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {2F219821-3EFD-46F2-B2F1-EF3C8F9DA243} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {301B41BB-6EDA-439E-AB42-21E53825839A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {3DA2EAB6-3FC4-4FC1-B4C3-F1234CB10806} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {6C15BA14-B28B-4A72-9AA8-B3F8DA262C67} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {859DF0C7-B0E0-46EB-B33A-4FD7E4A6E688} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\Update.exe [2011-10-25] (PC Tools)
Task: {9AD9E316-3CFD-4D30-A8C2-3D8B57F94B60} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {A978F501-9BDA-49BB-8742-D033DA5ADD13} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AE98D1D1-EB09-4A5B-B62E-B9CB67C6EAF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B4DC2474-F865-4FB3-8018-AF8BCDE045C2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {B5DE482C-65DA-4B03-B070-C62F531D9457} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {B6A272BA-0A0F-4CD1-A924-8135C83670DB} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe [2011-10-25] (FinalWire Ltd.)
Task: {BE60BFCF-1F31-42D7-840C-9D5F600A1C73} - System32\Tasks\AdobeAAMUpdater-1.0-marcel-silversurfer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-09-20] (Adobe Systems Incorporated)

==================== Loaded Modules (whitelisted) =============

2011-12-01 11:28 - 2010-09-22 21:20 - 00776704 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\Dock64.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2011-06-14 17:10 - 2011-06-14 17:10 - 00115200 _____ () C:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll
2011-07-18 22:04 - 2011-07-18 22:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2013-06-18 14:49 - 2013-06-18 14:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-11-16 15:09 - 2012-11-16 15:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-04-28 22:31 - 2012-11-13 13:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-04-28 22:31 - 2012-11-13 13:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-04-28 22:31 - 2012-11-13 13:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-04-28 22:31 - 2012-08-23 08:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-04-28 22:31 - 2012-11-13 13:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2011-12-01 11:28 - 2010-10-01 02:50 - 00675840 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\DockShellHook.dll
2013-04-28 22:31 - 2012-11-13 13:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2011-12-01 11:28 - 2011-12-01 11:31 - 00807936 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\CrashRpt.dll
2011-12-01 11:28 - 2010-03-09 22:58 - 00053760 _____ () C:\Program Files (x86)\Stardock\ObjectDockPlus2\zlib.dll
2013-12-29 20:11 - 2012-09-06 02:25 - 02244064 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-30 10:56 - 2013-12-30 10:56 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2014 01:57:15 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (01/10/2014 01:57:15 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Private Sachen\Trojaner\esetsmartinstaller_deu.exe

CodeIntegrity Errors:
===================================
Date: 2014-01-10 12:51:02.913
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-10 12:15:02.566
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-10 11:00:26.332 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-09 10:12:21.054 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-09 10:03:33.713 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-08 17:20:04.056 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-08 11:57:46.874 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-07 12:19:44.738 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-07 00:12:00.622 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-06 13:18:37.434 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sysfer.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 61% Total physical RAM: 4095.05 MB Available physical RAM: 1586.05 MB Total Pagefile: 8188.29 MB Available Pagefile: 5101.74 MB Total Virtual: 8192 MB Available Virtual: 8191.78 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:186.21 GB) (Free:126.72 GB) NTFS Drive e: (Laufwerk) (Fixed) (Total:931.51 GB) (Free:228.68 GB) NTFS Drive k: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 68666768) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 186 GB) (Disk ID: 5906C79D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=186 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Thanks in advance for your help. I hope we can get this sorted out... |
10.01.2014, 14:45 | #7 |
/// TB Instructor | Windows 7 - Temp folder suspicious behavior ok. Scan with Combofix
__________________ cheers, Leo |
10.01.2014, 16:21 | #8 |
| Windows 7 - Temp folder suspicious behavior Hi Leo, I ran ComboFix; it took a while. Around noon today I watched what the routine does, with SpeedCommander and the Temp directory open and the Anvir Task Manager open. I think the file rundll32.exe has something to do with it and is disguising itself with the virus. Oh, and ComboFix complained that SpyBot was not closed, but I had already terminated it. ComboFix: Code:
ATTFilter ComboFix 14-01-08.03 - silversurfer 10.01.2014 15:57:15.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.4095.1342 [GMT 1:00] ausgeführt von:: c:\users\silversurfer\Desktop\ComboFix.exe AV: Symantec Endpoint Protection *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Symantec Endpoint Protection *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Symantec Endpoint Protection *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\SysWow64\System32\MASetupCleaner.exe c:\windows\SysWow64\System32\muzapp.exe c:\windows\wininit.ini . . ((((((((((((((((((((((( Dateien erstellt von 2013-12-10 bis 2014-01-10 )))))))))))))))))))))))))))))) . . 2014-01-10 15:05 . 2014-01-10 15:05 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS 2014-01-10 15:05 . 2014-01-10 15:05 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS 2014-01-10 15:05 . 2014-01-10 15:05 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS 2014-01-10 15:05 . 2014-01-10 15:05 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS 2014-01-10 15:05 . 2014-01-10 15:05 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS 2014-01-10 15:05 . 2014-01-10 15:05 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS 2014-01-10 15:05 . 2014-01-10 15:05 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS 2014-01-10 15:05 . 
2014-01-10 15:05 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS 2014-01-10 15:05 . 2014-01-10 15:05 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS 2014-01-10 15:05 . 2014-01-10 15:05 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS 2014-01-10 15:05 . 2014-01-10 15:05 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS 2014-01-10 15:05 . 2014-01-10 15:05 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS 2014-01-10 15:04 . 2014-01-10 15:04 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS 2014-01-10 15:04 . 2014-01-10 15:04 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS 2014-01-10 15:04 . 2014-01-10 15:04 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS 2014-01-10 15:04 . 2014-01-10 15:04 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS 2014-01-10 15:04 . 2014-01-10 15:04 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS 2014-01-10 15:02 . 2014-01-10 15:02 -------- d-----w- c:\users\silversurfer\AppData\Local\temp 2014-01-10 15:02 . 2014-01-10 15:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-01-10 12:58 . 2014-01-10 12:58 -------- d-----w- C:\FRST 2014-01-07 12:28 . 2012-09-06 01:26 266720 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll 2014-01-07 12:28 . 2012-09-06 01:24 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2014-01-07 12:28 . 2012-09-06 01:24 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll 2014-01-07 12:28 . 2012-09-06 01:24 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll 2014-01-06 11:22 . 
2014-01-06 11:22 -------- d-----w- c:\users\silversurfer\AppData\Local\Xara 2014-01-05 17:20 . 2014-01-05 17:20 -------- d-----w- c:\windows\ERUNT 2014-01-04 17:07 . 2014-01-04 17:07 -------- d-----w- c:\program files\Microsoft.NET 2014-01-04 15:25 . 2014-01-04 15:25 -------- d-----w- c:\program files\Common Files\DESIGNER 2014-01-04 15:24 . 2014-01-04 15:24 -------- d-----w- c:\program files (x86)\Microsoft SQL Server 2014-01-04 15:24 . 2014-01-04 15:24 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft 2014-01-04 15:24 . 2014-01-04 15:24 -------- d-----w- c:\program files\Microsoft SQL Server 2014-01-04 15:24 . 2014-01-04 15:24 -------- d-----w- c:\windows\PCHEALTH 2014-01-04 15:22 . 2014-01-04 15:22 -------- d-----w- c:\program files\Microsoft Analysis Services 2014-01-04 15:22 . 2014-01-04 15:22 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services 2014-01-04 15:22 . 2014-01-04 15:24 -------- d-----w- c:\program files\Microsoft Office 2014-01-04 15:22 . 2014-01-04 15:22 -------- d-----r- C:\MSOCache 2013-12-30 11:43 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe 2013-12-30 11:43 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe 2013-12-30 11:43 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL 2013-12-30 11:43 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL 2013-12-30 11:43 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll 2013-12-30 11:38 . 2013-12-30 11:38 -------- d-----w- c:\windows\Migration 2013-12-30 11:37 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2013-12-30 11:25 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys 2013-12-30 11:25 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys 2013-12-30 11:25 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2013-12-30 11:25 . 
2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys 2013-12-30 11:25 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2013-12-30 11:25 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys 2013-12-30 11:25 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys 2013-12-30 10:09 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll 2013-12-30 10:09 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll 2013-12-30 10:09 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys 2013-12-30 10:09 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-12-30 10:09 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-12-29 19:20 . 2013-12-29 19:20 -------- d-----w- c:\users\silversurfer\AppData\Local\mobackups 2013-12-29 19:12 . 2012-09-06 01:25 68576 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll 2013-12-29 19:12 . 2012-09-06 01:25 192600 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe 2013-12-29 19:12 . 2012-09-06 01:25 114144 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe 2013-12-29 19:12 . 2012-09-06 01:25 2288608 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-12-30 09:56 . 2012-04-05 07:37 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-12-30 09:56 . 2011-11-28 20:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-12-01 13:42 . 2011-11-25 17:14 90708896 ----a-w- c:\windows\system32\MRT.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704] . c:\users\silversurfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Netzmanager.lnk - c:\program files\Netzmanager\netzmanager.exe /Autostart [2012-7-20 14134784] Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe [2011-12-1 4142448] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Snagit 10.lnk - c:\program files (x86)\TechSmith\Snagit 10\Snagit32.exe [2011-3-21 7067464] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0\0sdnclean64.exe . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x] R3 aswArKrn;aswArKrn;c:\temp\aswArKrn.sys;c:\temp\aswArKrn.sys [x] R3 cpuz136;cpuz136;c:\temp\cpuz136\cpuz136_x64.sys;c:\temp\cpuz136\cpuz136_x64.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\F892.tmp;c:\windows\SYSNATIVE\F892.tmp [x] R3 ose64;Office 
64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 RAMDiskVE;RAMDiskVE;c:\windows\system32\Drivers\RAMDiskVE.sys;c:\windows\SYSNATIVE\Drivers\RAMDiskVE.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 SyDvCtrl;SyDvCtrl;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\SyDvCtrl64.sys;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\SyDvCtrl64.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 VBoxUSB;VirtualBox 
USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\Drivers\SEP\0C01029F\136B.105\x64\SYMDS64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C01029F\136B.105\x64\SYMDS64.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\Drivers\SEP\0C01029F\136B.105\x64\SYMEFA64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C01029F\136B.105\x64\SYMEFA64.SYS [x] S1 BHDrvx64;BHDrvx64;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\BASHDefs\20131203.011\BHDrvx64.sys;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\BASHDefs\20131203.011\BHDrvx64.sys [x] S1 IDSVia64;IDSVia64;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\IPSDefs\20140109.001\IDSvia64.sys;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Data\Definitions\IPSDefs\20140109.001\IDSvia64.sys [x] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\Drivers\SEP\0C01029F\136B.105\x64\Ironx64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C01029F\136B.105\x64\Ironx64.SYS [x] S1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\system32\Drivers\SEP\0C01029F\136B.105\x64\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C01029F\136B.105\x64\SYMNETS.SYS [x] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 MBAMScheduler;MBAMScheduler;c:\program files 
(x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x] S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [x] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x] S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x] S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x] S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x] S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x] S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x] S2 SepMasterService;Symantec Endpoint Protection;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe [x] S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio 
Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 RTL8023x64;Realtek 10/100-Netzwerkkartenfamilie-NDIS-x64-Treiber;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2013-11-02 11:30 2331336 ----a-w- c:\progra~1\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2013-11-02 11:30 2331336 ----a-w- c:\progra~1\Microsoft Office\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2013-11-02 11:30 2331336 ----a-w- c:\progra~1\Microsoft Office\Office15\GROOVEEX.DLL . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2009-10-30 8151040] "Cmaudio8768GX"="c:\windows\syswow64\HsMgr.exe" [2009-09-24 200704] "Cmaudio8768GX64"="c:\windows\system\HsMgr64.exe" [2009-09-24 282112] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] "OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-09-18 3993416] . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll" [2010-03-24 633200] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: An OneNote s&enden - c:\progra~1\Microsoft Office\Office15\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~1\Microsoft Office\Office15\EXCEL.EXE/3000 IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL FF - ProfilePath - c:\users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\ FF - ExtSQL: 2013-11-15 10:28; dnscache@dominik.jungowski; c:\users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\extensions\dnscache@dominik.jungowski.xpi FF - ExtSQL: 2013-11-18 11:38; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} FF - ExtSQL: 2013-12-14 14:31; {c45c406e-ab73-11d8-be73-000a95be3b12}; c:\users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi FF - ExtSQL: 2013-12-17 17:19; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; 
c:\users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi FF - ExtSQL: 2013-12-22 09:01; firefox@ghostery.com; c:\users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\extensions\firefox@ghostery.com FF - ExtSQL: 2013-12-22 09:06; donottrackplus@abine.com; c:\users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\extensions\donottrackplus@abine.com FF - ExtSQL: 2013-12-28 11:49; smarterwiki@wikiatic.com; c:\users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\extensions\smarterwiki@wikiatic.com.xpi FF - ExtSQL: 2013-12-28 15:37; web2pdfextension@web2pdf.adobedotcom; c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF - ExtSQL: 2014-01-03 14:52; {45d8ff86-d909-11db-9705-005056c00008}; c:\users\silversurfer\AppData\Roaming\Mozilla\Firefox\Profiles\jn3xafel.default\extensions\{45d8ff86-d909-11db-9705-005056c00008}.xpi . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Wow6432Node-HKLM-Run-<NO NAME> - (no file) Notify-SDWinLogon - SDWinLogon.dll Notify-SEP - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-dBpoweramp Dalet Codec - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp DSP Effects - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp FLAC Codec - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp Monkeys Audio Codec - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp Mp2 and BwfMp2 codec - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp mp3 (Fraunhofer IIS) Codec - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp Ogg Vorbis Codec - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp Real Audio (Helix) Encoder - c:\windows\system32\SpoonUninstall.exe AddRemove-dBPoweramp tooLame MP2 codec - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp Wave64 Codec - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp WavPack Codec - c:\windows\system32\SpoonUninstall.exe AddRemove-dBpoweramp [Calculate Audio CRC] Codec - c:\windows\system32\SpoonUninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SepMasterService] "ImagePath"="\"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe\" /s \"Symantec Endpoint Protection\" /m \"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\sms.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SmcService] "ImagePath"="\"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin64\Smc.exe\" /prefetch:1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver] "ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64" . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\F892.tmp" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.aac" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="FotoManager.10.alb" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.cda" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.eps" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.flac" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.gif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.iff" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.m4a" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.mp2" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.mp3" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.mp4" . 
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.ogg" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.pcd" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.png" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tga" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tif" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIXviewer.tiff" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.wav" . [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice] @Denied: (2) (LocalSystem) "Progid"="MAGIX_MP3DELUXEMX_D.wma" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.032" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.abr" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.ani" . 
[HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.apd" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.arw" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.bay" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.bmp" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.bw" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.cr2" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.crw" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.cs1" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.cur" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.dcr" . 
[HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.dcx" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.dib" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.djv" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.djvu" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.dng" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.emf" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.eps" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.erf" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.fff" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.gif" . 
[HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.hdr" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.icl" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.icn" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.iff" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.ilbm" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.int" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.inta" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.iw4" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.j2c" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.j2k" . 
[HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.jbr" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.jfif" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.jif" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.jp2" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.jpc" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.jpe" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.jpeg" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice] @Denied: (2) (S-1-5-21-3145602420-3651000640-3943583174-1000) @Denied: (2) (LocalSystem) "Progid"="PhotoViewer.FileAssoc.Jpeg" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.jpk" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.jpx" . 
[HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.kdc" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.lbm" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.mef" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.mos" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.mrw" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.nef" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.nrw" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.orf" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pbm" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pbr" . 
[HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pcd" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pct" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pcx" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pef" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pgm" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pic" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pict" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice] @Denied: (2) (S-1-5-21-3145602420-3651000640-3943583174-1000) @Denied: (2) (LocalSystem) "Progid"="PhotoViewer.FileAssoc.Png" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.ppm" . 
[HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice] @Denied: (2) (S-1-5-21-3145602420-3651000640-3943583174-1000) @Denied: (2) (LocalSystem) "Progid"="Photoshop.Image.55" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.psp" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pspbrush" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.pspimage" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.raf" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.ras" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.raw" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.rgb" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.rgba" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.rle" . 
[HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.rsb" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.rw2" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.rwl" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.sgi" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.sr2" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.srf" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.srw" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.tga" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.thm" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.tif" . 
[HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.tiff" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.ttc" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.ttf" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.wbm" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.wbmp" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.wmf" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.xbm" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.xif" . [HKEY_USERS\S-1-5-21-3145602420-3651000640-3943583174-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice] @Denied: (2) (LocalSystem) "Progid"="ACDSee 16.xpm" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_149_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_149_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_149_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_149.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_149.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_149.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_149.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*] "OODEFRAG15.00.00.01PROFESSIONAL"="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" . [HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\CurrentVersion] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe . 
************************************************************************** . Zeit der Fertigstellung: 2014-01-10 16:10:48 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-01-10 15:10 . Vor Suchlauf: 8 Verzeichnis(se), 135.877.570.560 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 135.734.943.744 Bytes frei . - - End Of File - - 84DBA60970066459F1BED411D8BB1D36 A36C5E4F47E84449FF07ED3517B43A31
Edited by Scotty7 (10.01.2014 at 16:53) |
10.01.2014, 16:24 | #9 |
/// TB-Ausbilder | OK. Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder unless a helper instructs you to.
__________________ cheers, Leo |
10.01.2014, 16:48 | #10 |
| Hmmm, it didn't find anything... mbar-log-2014-01-10 (16-35-59) Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org
Database version: v2014.01.10.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
silversurfer :: MARCEL [administrator]
10.01.2014 16:35:59
mbar-log-2014-01-10 (16-35-59).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 250354
Time elapsed: 9 minute(s), 18 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end) |
10.01.2014, 17:03 | #11 |
/// TB-Ausbilder | OK. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
Folder: C:\Temp
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ cheers, Leo |
10.01.2014, 17:13 | #12 |
| Fixlist.txt Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-01-2014
Ran by silversurfer at 2014-01-10 17:08:59 Run:1
Running from C:\Users\silversurfer\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Folder: C:\Temp
*****************
========================= Folder: C:\Temp ========================
2014-01-10 16:14 - 2014-01-10 16:14 - 0012100 ____T () C:\Temp\BCG316C.tmp
2014-01-04 10:14 - 2014-01-04 10:14 - 0000000 _____ () C:\Temp\FXSAPIDebugLogFile.txt
2014-01-10 17:08 - 2014-01-10 17:08 - 0000089 _____ () C:\Temp\log111
2014-01-10 17:08 - 2014-01-10 17:08 - 0000100 _____ () C:\Temp\users00
====== End of Folder: ======
==== End of Fixlog ====
The file FXSAPIDebugLogFile.txt is open in Explorer; I don't have any other files in there. |
10.01.2014, 17:33 | #13 |
/// TB-Ausbilder | And the other two files were created by FRST. Step 1
Step 2 ESET Online Scanner
__________________ cheers, Leo |
11.01.2014, 07:08 | #14 |
| Good, OK. Here is the Malwarebytes log, as requested. Code:
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2014.01.10.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
silversurfer :: MARCEL [Administrator]
Schutz: Aktiviert
10.01.2014 17:35:10
mbam-log-2014-01-10 (17-35-10).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen:
Durchsuchte Objekte: 228563
Laufzeit: 3 Minute(n), 36 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden)
(Ende)
Here is the corresponding log. Code:
ESETSmartInstaller@High as downloader log: all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=abbd0b592f5ef641acbae144d3983a38
# engine=16604
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-11 03:13:36
# local_time=2014-01-11 04:13:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776638 100 94 15794781 141039866 0 0
# scanned=359449
# found=16
# cleaned=0
# scan_time=37764
sh=8CD29509788AD45C57BCF27BE25C15BA46455E36 ft=0 fh=0000000000000000 vn="a variant of Win32/RemoteAdmin.RemoteExec.AA application" ac=I fn="E:\0001--- ISO-Images\Hiren's.BootCD.10.0.iso"
sh=717D2F58F5A4C07417C526E80A7373A972F164E4 ft=0 fh=0000000000000000 vn="a variant of Win32/RemoteAdmin.RemoteExec.AA application" ac=I fn="E:\0001--- ISO-Images\Hiren's.BootCD.9.9.iso"
sh=0A5C06EF09E667A07F09F00DEE57FB67A550998C ft=0 fh=0000000000000000 vn="Win32/PSWTool.KonBoot.A application" ac=I fn="E:\0001--- ISO-Images\HirensBootCDv10-4.iso"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="multiple threats" ac=I fn="E:\0001--- ISO-Images\MTDVD - Rescue and Troubleshooting Multi Tool DVD - 01012010.iso"
sh=43351822A5E2C05549DE6284A33DCFC2973F9081 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="E:\0001--- ISO-Images\Ultimate Recovery CD 2008.iso"
sh=F30A26EED411BF9E7D4953F32078AEA662E4E44A ft=0 fh=0000000000000000 vn="a variant of Win32/Sniffer.SniffPass.B application" ac=I fn="E:\0001--- ISO-Images\Desinfect_2011\Desinfect-2011.iso"
sh=0A5C06EF09E667A07F09F00DEE57FB67A550998C ft=0 fh=0000000000000000 vn="Win32/PSWTool.KonBoot.A application" ac=I fn="E:\0001--- ISO-Images\Windows\HirensBootCDv10-4.iso"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar application" ac=I fn="E:\A - Z Tools\-1- Entpackte Programme\001--INST--- ALLES in N_E_R_O\Nero-7.10.1.0_deu_update.exe"
sh=071A54641FDFABDAA968995801697C8ECFAAA251 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="E:\A - Z Tools\CD-DVD-Tool´s\ALLESin_N_E_R_O.rar"
sh=39CBE0732ADA69A3D33EE0CF2D3D99CF103952CF ft=1 fh=c2f98b2cb92ce22d vn="Win32/Toolbar.AskSBar application" ac=I fn="E:\A - Z Tools\CD-DVD-Tool´s\ALLESin_N_E_R_O\ALLESin_N_E_R_O\ALLESin_N_E_R_O\Nero-7.10.1.0_deu_update.exe"
sh=2FEC2BB06C11B711B37E7D1BAC0004F8F25A4C7B ft=1 fh=9586b0754c97a9e0 vn="Win32/Bundled.Toolbar.Google.D application" ac=I fn="E:\A - Z Tools\Installierte Programme\ccsetup401.exe"
sh=5C3640349687BBC1E849512C8248CCF2D3A633BD ft=1 fh=2694d8c453c0ca24 vn="a variant of Win32/Bundled.Toolbar.Ask application" ac=I fn="E:\A - Z Tools\Installierte Programme\FoxitReader501.0523_enu_Setup.exe"
sh=0BFF84AA6CC4CCF580EAE2FBF4C129FA6EA612C4 ft=1 fh=9fe1a4845276fe8f vn="multiple threats" ac=I fn="E:\A - Z Tools\Installierte Programme\Unlocker1.9.1-x64.exe"
sh=73C98F1721958026BEB496BFCF15FB9A28B3B7A0 ft=1 fh=9a28cb911a364095 vn="Win32/DownWare.L application" ac=I fn="E:\A - Z Tools\Installierte Programme\Unlocker1.9.2.exe"
sh=E3245E1A04EECD543CD47518034CF1064AE12ED8 ft=1 fh=dcfa7acdf47a7270 vn="a variant of Win32/Adware.QUADRegClean application" ac=I fn="E:\A - Z Tools\Toolz\die Besten 66 Windowsprogramme\QUAD_Registry_Cleaner_Installer.exe"
sh=73C98F1721958026BEB496BFCF15FB9A28B3B7A0 ft=1 fh=9a28cb911a364095 vn="Win32/DownWare.L application" ac=I fn="E:\VirtualBox-FreigabeOrdner\Unlocker1.9.2.exe"
Here is another, new Symantec risk log. Code:
Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:06:17" dwh5fc0.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:06:00" dwh81de.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:05:44" dwh2cdc.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:05:28" dwh4462.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:05:12" dwh86ab.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:04:56" dwhb954.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:04:40" dwh431c.exe,"Suspicious.Cloud.2","Analyse ausstehend","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh5ac2.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko 
bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh6be.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:04:22" dwh2b48.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhca8f.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhb2da.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhe254.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhfdf0.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh9726.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:04:03" dwhef47.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:03:45" dwhc161.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh8d0.exe,"Trojan.Gen","Analyse 
ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh24d8.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhf0fa.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh5c3f.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh3cad.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh7404.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh93d4.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhab7a.exe,"Suspicious.Cloud.2","Analyse ausstehend","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh1bdb.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhc320.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhedf7.exe,"Trojan.Gen","Analyse 
ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh33b0.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh4b65.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhb78d.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwha200.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh827e.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh63d6.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwha08.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh21be.exe,"Suspicious.Cloud.2","Analyse ausstehend","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhec99.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhb9c5.exe,"Trojan.Gen","Analyse 
ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh6b3e.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh3973.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh8312.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh6b67.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh1090.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh2875.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh492f.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh61a0.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh825a.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhd044.exe,"Trojan.Gen","Analyse ausstehend","Datei 
Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwha610.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhf220.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwha05.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhd9ee.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh440a.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh6782.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh7f38.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhc03f.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh25ee.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhd7f4.exe,"Suspicious.Cloud.2","Analyse ausstehend","Datei 
Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh96fd.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhbde5.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh25e7.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh3e19.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhffdf.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh5a13.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh71d8.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwha98c.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhd916.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhe414.exe,"Trojan.Gen.2","Analyse ausstehend","Datei 
Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhfc27.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhb0e2.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhc888.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh13ae.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh4dd1.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwhf4bd.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh2051.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh95ab.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh3bdd.exe,"Suspicious.Cloud.2","Analyse ausstehend","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh6ee5.exe,"Trojan.Gen.2","Isoliert","Datei 
Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:03:26" dwhf9fe.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:03:10" dwhb81f.exe,"Suspicious.Cloud.2","Isoliert","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:02:54" dwh9df7.exe,"Suspicious.Cloud.2","Isoliert","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:02:37" dwhcfa5.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:02:21" dwhd695.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:02:05" dwh4f34.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:01:47" dwh6a48.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:01:28" dwh7faf.exe,"Trojan.Gen.2","Isoliert","Datei 
Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:01:12" dwh52c1.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:00:57" dwh3750.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:00:41" dwh3aae.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:00:25" dwhe8f.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 12:00:09" dwhb1e3.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:59:49" dwhe878.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:59:23" dwh5087.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:59:05" dwh3420.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko 
bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:58:47" dwhd101.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:58:31" dwhb94b.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:58:15" dwh9a07.exe,"Suspicious.Cloud.2","Isoliert","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:57:51" dwh8281.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:57:30" dwh18a3.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:57:07" dwhfd36.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:56:43" dwh91a5.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:56:22" dwhe5b0.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde 
erfolgreich isoliert.","10.01.2014 11:56:01" dwh6a56.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:55:37" dwhdd98.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:55:16" dwh512a.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:54:58" dwh8167.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh98fe.exe,"Suspicious.Cloud.2","Analyse ausstehend","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwheac.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:54:43" dwh6c60.exe,"Trojan.Gen","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh5872.exe,"Trojan.Gen.2","Analyse ausstehend","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","C:\Temp\","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan",??????," " dwh3d9a.exe,"Suspicious.Cloud.2","Isoliert","Datei Heuristikvirus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die 
Datei wurde erfolgreich isoliert.","10.01.2014 11:54:27" dwh2623.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:54:11" dwhc837.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:53:56" dwhf735.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:53:38" dwh991a.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:53:22" dwh1ed7.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:53:05" dwh6952.exe,"Trojan.Gen","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:52:49" dwhb0c0.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:52:33" dwh51cb.exe,"Trojan.Gen.2","Isoliert","Datei Virus","C:\Temp\","MARCEL","silversurfer","Infiziert","Isolieren","Von Sicherheitsrisiko bereinigen","Isolieren","Auto-Protect-Scan","Die Datei wurde erfolgreich isoliert.","10.01.2014 11:52:16" 
|
11.01.2014, 14:19 | #15 |
/// TB-Ausbilder | Windows 7 - Temp folder suspicious behavior This is probably not malware, but a bug in Symantec: http://www.symantec.com/business/sup...&id=TECH102953
__________________ cheers, Leo |