| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: CryptoApp.exe - .encrypted Files auf Desktop und persönlichen OrdnerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
14.11.2014, 08:28
| #1 |
 |  CryptoApp.exe - .encrypted Files auf Desktop und persönlichen Ordner hallo, da ich gestern das system neu aufgesetzt habe, und am mittwoch abend, um ehrlich zu sein andere sorgen hatte, habe ich das damals nicht gemacht. hat sich aber damit so oder so erledigt. die fotos sind weg, meine geliebten erinnerungen und ich danke dir für deine hilfe - du solltest dir aber nur mal vor augen halten welchen leuten du hier sozusagen die stange hältst, respektive du hier schützt. Fast alle Top 500 unternehmen darunter solche wie MS, Adobe, Apple und Co. machen mit linken Aktien Geschäften Milliarden auf Kosten vieler Menschen werden reicher und reicher - ich komme aus den Banken sektor und weiß hier sehr genau bescheid, was diese Firmen da so abziehen. Allein jedesmal wenn ein neues iphone kommt, machen da deren bosse millionen gewinnen, weil die den Kurs mehr oder weniger manipulieren und dann zusehen was passiert, oder glaubst du diese events haben nur marketing charakter. Da sind die meisten meist zu naiv um das wirklich erkennen zu können, um was es da eigentlich geht. aber zum beweis, hier das neue FRST64 - ich halte zu meinem wort. danke für deine Hilfe, auch wenn es leider nichts gebracht hat, sollte sich was ändern, die platte lasse ich ausgebaut mal im kasten liegen evtl. kann man das ja doch irgendwann mal retten. s FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2014 02
Ran by Oliver (administrator) on OLIVER-WIN8PC on 14-11-2014 08:26:26
Running from C:\Users\Oliver\Downloads
Loaded Profile: Oliver (Available profiles: Oliver)
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Oliver\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Avid Technology, Inc.) C:\Windows\SysWOW64\MAFWTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(eM Client, Inc.) C:\Program Files (x86)\eM Client\MailClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.2.8516.0_x64__8wekyb3d8bbwe\glcnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [StereoLinksInstall] => "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
HKLM-x32\...\Run: [M-Audio Taskbar Icon] => C:\WINDOWS\SysWOW64\MAFWTray.exe [252424 2009-07-29] (Avid Technology, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [CleanUp RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzInstallerDeletion.vbs [1446 2014-10-07] ()
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15558952 2014-10-16] (eM Client, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.golfballs.at/
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\owg1vJwo.default
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Avira Browser Safety - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\owg1vJwo.default\Extensions\abs@avira.com [2014-11-13]
Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP98A922D2-6296-4A87-9487-1DF1C0EDC6B7&SSPV=
CHR StartupUrls: Default -> ""
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-13]
CHR Extension: (Google Docs) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-13]
CHR Extension: (Google Drive) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-13]
CHR Extension: (YouTube) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-13]
CHR Extension: (Google-Suche) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-13]
CHR Extension: (CleverReach) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbadlmeappiakggijlcgjapjaoledehg [2014-11-13]
CHR Extension: (WGT Golf Challenge) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2014-11-13]
CHR Extension: (Google Tabellen) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-13]
CHR Extension: (Avira Browser Safety) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-13]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2014-11-13]
CHR Extension: (jsFiddle) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiigmadmngbpbmacbkfngpkjfmmpagfk [2014-11-13]
CHR Extension: (SEO & Website Analysen) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf [2014-11-13]
CHR Extension: (VNC® Viewer for Google Chrome™) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabmpiboiopbgfabjmgeedhcmjenhbla [2014-11-13]
CHR Extension: (Knok | Family Travel) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\iehdddmijbgofffjjmhkodckmnombhmf [2014-11-13]
CHR Extension: (Google Wallet) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-13]
CHR Extension: (Google Mail) - C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-13]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R3 MAFW; C:\Windows\system32\DRIVERS\mafw.sys [231944 2009-07-29] (Avid Technology, Inc.)
R3 RzDxgk; C:\WINDOWS\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
R1 RzFilter; C:\WINDOWS\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-14 08:26 - 2014-11-14 08:26 - 00014563 _____ () C:\Users\Oliver\Downloads\FRST.txt
2014-11-14 08:26 - 2014-11-14 08:26 - 00000000 ____D () C:\FRST
2014-11-14 08:25 - 2014-11-14 08:25 - 02116608 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64.exe
2014-11-14 08:16 - 2014-11-14 08:17 - 00000000 ____D () C:\Users\Oliver\Desktop\golfballs.at
2014-11-14 08:13 - 2014-11-14 08:13 - 00000117 _____ () C:\WINDOWS\system32\netcfg-33348218.txt
2014-11-14 00:48 - 2014-11-14 00:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6633468.txt
2014-11-14 00:08 - 2014-11-14 00:09 - 00004084 _____ () C:\WINDOWS\System32\Tasks\eM Client Database Backup
2014-11-14 00:01 - 2014-11-14 00:02 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\eM Client
2014-11-14 00:01 - 2014-11-14 00:01 - 15216640 _____ () C:\Users\Oliver\Downloads\setup.msi
2014-11-14 00:01 - 2014-11-14 00:01 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2014-11-14 00:01 - 2014-11-14 00:01 - 00000000 ____D () C:\Program Files (x86)\eM Client
2014-11-13 23:57 - 2014-11-13 23:57 - 00003514 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-or@newbreeze.at
2014-11-13 23:57 - 2014-11-13 23:57 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\PDAppFlex
2014-11-13 23:52 - 2014-11-13 23:57 - 00000138 _____ () C:\Users\Oliver\Documents\DesignLibrary_Photoshop.log
2014-11-13 23:52 - 2014-11-13 23:52 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\NVIDIA
2014-11-13 23:52 - 2014-11-13 23:52 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-13 23:48 - 2014-11-13 23:50 - 00000000 ____D () C:\Program Files\Adobe
2014-11-13 23:48 - 2014-11-13 23:48 - 00001040 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2014-11-13 23:47 - 2014-11-13 23:51 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-13 23:46 - 2014-11-13 23:46 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Avira
2014-11-13 23:46 - 2014-10-23 14:02 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-11-13 23:46 - 2014-10-23 14:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-11-13 23:46 - 2014-10-23 14:01 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-11-13 23:45 - 2014-11-13 23:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-13 23:45 - 2014-11-13 23:46 - 00000000 ____D () C:\ProgramData\Avira
2014-11-13 23:45 - 2014-11-13 23:46 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-13 23:45 - 2014-11-13 23:45 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-13 23:45 - 2014-11-13 23:45 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Mozilla
2014-11-13 23:44 - 2014-11-13 23:44 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Oliver\Downloads\avira_de_av___ws.exe
2014-11-13 23:44 - 2014-11-13 23:44 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-11-13 23:41 - 2014-11-13 23:41 - 00000000 ___RD () C:\Users\Oliver\Creative Cloud Files
2014-11-13 23:39 - 2014-11-13 23:39 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Brackets
2014-11-13 23:37 - 2014-11-13 23:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-13 23:37 - 2014-11-13 23:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-13 23:37 - 2014-11-13 23:37 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-11-13 23:37 - 2014-11-13 23:37 - 00001301 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-11-13 23:36 - 2014-11-13 23:51 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-11-13 23:36 - 2014-11-13 23:37 - 43081728 _____ () C:\Users\Oliver\Downloads\Brackets.1.0.Extract.msi
2014-11-13 23:35 - 2014-11-14 08:16 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Adobe
2014-11-13 23:35 - 2014-11-13 23:35 - 00672432 _____ (Adobe Systems Incorporated) C:\Users\Oliver\Downloads\CreativeCloudSet-Up.exe
2014-11-13 23:35 - 2014-11-13 23:35 - 00672432 _____ (Adobe Systems Incorporated) C:\Users\Oliver\Downloads\CreativeCloudSet-Up (1).exe
2014-11-13 23:35 - 2014-11-13 23:35 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\TeamViewer
2014-11-13 23:23 - 2014-11-13 23:23 - 06626832 _____ (TeamViewer GmbH) C:\Users\Oliver\Downloads\TeamViewer_Setup_de.exe
2014-11-13 23:23 - 2014-11-13 23:23 - 00001186 _____ () C:\WINDOWS\system32\netcfg-1560968.txt
2014-11-13 23:23 - 2014-11-13 23:23 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-11-13 23:23 - 2014-11-13 23:23 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-11-13 23:23 - 2014-11-13 23:23 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-13 23:23 - 2013-10-17 16:32 - 00035112 _____ (TeamViewer GmbH) C:\WINDOWS\system32\Drivers\teamviewervpn.sys
2014-11-13 23:19 - 2014-11-13 23:22 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\vlc
2014-11-13 23:19 - 2014-11-13 23:19 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-11-13 23:19 - 2014-11-13 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-11-13 23:19 - 2014-11-13 23:19 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-11-13 23:12 - 2014-11-14 00:00 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\UseNeXT
2014-11-13 23:12 - 2014-11-13 23:12 - 00001861 _____ () C:\Users\Oliver\Desktop\UseNeXT by Tangysoft.lnk
2014-11-13 23:12 - 2014-11-13 23:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-11-13 23:12 - 2014-11-13 23:12 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-11-13 23:09 - 2014-11-13 23:09 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-11-13 23:09 - 2014-11-13 23:09 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-11-13 23:09 - 2014-11-13 23:09 - 00000000 ____D () C:\Program Files\MSBuild
2014-11-13 23:09 - 2014-11-13 23:09 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-11-13 23:09 - 2014-11-13 23:09 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-11-13 23:08 - 2012-07-06 03:02 - 01166440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-11-13 23:08 - 2012-07-06 03:02 - 00778856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-11-13 23:08 - 2012-07-06 03:02 - 00124040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-11-13 23:08 - 2012-07-06 03:02 - 00102528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-11-13 23:08 - 2012-07-06 03:02 - 00035400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-11-13 23:08 - 2012-07-06 03:02 - 00035400 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-11-13 23:01 - 2014-11-13 23:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2014-11-13 23:01 - 2014-11-13 23:01 - 00000000 ____D () C:\Program Files\M-Audio
2014-11-13 22:58 - 2014-11-13 22:58 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Razer_Inc
2014-11-13 22:58 - 2014-11-13 22:58 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Razer
2014-11-13 22:57 - 2014-11-13 22:57 - 00000000 ____D () C:\Users\Oliver\AppData\Local\NVIDIA
2014-11-13 22:53 - 2014-05-15 02:02 - 00059424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-13 22:53 - 2014-05-14 23:43 - 03286528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-13 22:53 - 2014-05-14 23:43 - 01623040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-13 22:53 - 2014-05-14 23:43 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-13 22:53 - 2014-05-14 23:42 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-11-13 22:52 - 2014-11-13 22:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-13 22:52 - 2014-11-13 22:53 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-13 22:52 - 2014-11-13 22:52 - 00000000 ____D () C:\NVIDIA
2014-11-13 22:52 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-13 22:52 - 2012-11-06 05:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-13 22:52 - 2012-11-06 05:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wushareduxresources.dll
2014-11-13 22:51 - 2014-11-13 22:52 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-11-13 22:51 - 2014-11-13 22:52 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-13 22:51 - 2014-08-19 22:15 - 00075040 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-11-13 22:51 - 2014-08-19 22:15 - 00061912 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-11-13 22:51 - 2014-07-02 19:55 - 06783776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-11-13 22:51 - 2014-07-02 19:55 - 03522392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-11-13 22:51 - 2014-07-02 19:55 - 02559960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-11-13 22:51 - 2014-07-02 19:55 - 00935368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-11-13 22:51 - 2014-07-02 19:55 - 00386520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-11-13 22:51 - 2014-07-02 19:55 - 00062808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-11-13 22:51 - 2014-07-02 11:14 - 03826628 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-11-13 22:49 - 2014-11-13 22:49 - 00068518 _____ () C:\WINDOWS\DPINST.LOG
2014-11-13 22:49 - 2014-10-31 23:27 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2014-11-13 22:49 - 2014-10-23 21:05 - 00129600 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2014-11-13 22:48 - 2014-11-14 00:21 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3463171804-1537994893-3906066650-1001
2014-11-13 22:48 - 2014-11-13 22:48 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_RzFilter_01009.Wdf
2014-11-13 22:48 - 2014-11-13 22:48 - 00000000 ____D () C:\WINDOWS\Razer Core
2014-11-13 22:48 - 2014-11-13 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-11-13 22:48 - 2014-04-18 17:02 - 00129472 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\RzDxgk.sys
2014-11-13 22:48 - 2014-04-18 17:02 - 00074432 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\RzFilter.sys
2014-11-13 22:45 - 2014-11-13 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-13 22:44 - 2014-11-13 23:49 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-13 22:44 - 2014-11-13 22:57 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 22:44 - 2014-11-13 22:49 - 00000000 ____D () C:\ProgramData\Razer
2014-11-13 22:44 - 2014-11-13 22:49 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-11-13 22:44 - 2014-11-13 22:45 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Google
2014-11-13 22:44 - 2014-11-13 22:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-13 22:44 - 2014-11-13 22:44 - 00004110 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 22:44 - 2014-11-13 22:44 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 22:44 - 2014-11-13 22:44 - 00000321 _____ () C:\WINDOWS\system32\netcfg-93109.txt
2014-11-13 22:44 - 2014-11-13 22:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-94687.txt
2014-11-13 22:44 - 2014-11-13 22:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-92906.txt
2014-11-13 22:44 - 2014-11-13 22:44 - 00000000 ____D () C:\Program Files\ASUS
2014-11-13 22:43 - 2014-11-13 22:43 - 00000117 _____ () C:\WINDOWS\system32\netcfg-7796.txt
2014-11-13 22:43 - 2014-11-13 22:43 - 00000117 _____ () C:\WINDOWS\system32\netcfg-7718.txt
2014-11-13 22:39 - 2014-11-13 23:52 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Adobe
2014-11-13 22:39 - 2014-11-13 22:39 - 00001442 _____ () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-13 22:39 - 2014-11-13 22:39 - 00000000 ____D () C:\WINDOWS\CSC
2014-11-13 22:39 - 2014-11-13 22:39 - 00000000 ____D () C:\Users\Oliver\AppData\Local\VirtualStore
2014-11-13 22:39 - 2014-11-13 22:39 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Packages
2014-11-13 22:39 - 2014-11-13 22:39 - 00000000 ____D () C:\ProgramData\PRICache
2014-11-13 22:38 - 2014-11-13 23:57 - 00764446 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-13 22:38 - 2014-11-13 23:41 - 00000000 ____D () C:\Users\Oliver
2014-11-13 22:38 - 2014-11-13 22:38 - 00000020 ___SH () C:\Users\Oliver\ntuser.ini
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\Vorlagen
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\Startmenü
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\Netzwerkumgebung
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\Lokale Einstellungen
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\Eigene Dateien
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\Druckumgebung
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\Documents\Eigene Musik
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\Documents\Eigene Bilder
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\AppData\Local\Verlauf
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\AppData\Local\Anwendungsdaten
2014-11-13 22:38 - 2014-11-13 22:38 - 00000000 _SHDL () C:\Users\Oliver\Anwendungsdaten
2014-11-13 22:38 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 22:38 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-13 22:38 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-13 22:38 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-13 22:37 - 2014-11-13 22:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-45312.txt
2014-11-13 22:37 - 2014-11-13 22:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-42375.txt
2014-11-13 22:37 - 2014-11-13 22:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-42343.txt
2014-11-13 22:37 - 2014-11-13 22:37 - 00000117 _____ () C:\WINDOWS\system32\netcfg-39531.txt
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Programme
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-11-13 22:37 - 2014-11-13 22:37 - 00000000 __SHD () C:\Recovery
2014-11-13 22:36 - 2014-11-13 22:36 - 00001136 _____ () C:\WINDOWS\system32\netcfg-47203.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000185 _____ () C:\WINDOWS\system32\netcfg-51296.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000164 _____ () C:\WINDOWS\system32\netcfg-46875.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000161 _____ () C:\WINDOWS\system32\netcfg-51156.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000160 _____ () C:\WINDOWS\system32\netcfg-51031.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000160 _____ () C:\WINDOWS\system32\netcfg-50750.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000160 _____ () C:\WINDOWS\system32\netcfg-47015.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000159 _____ () C:\WINDOWS\system32\netcfg-50625.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000157 _____ () C:\WINDOWS\system32\netcfg-50890.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000157 _____ () C:\WINDOWS\system32\netcfg-50359.txt
2014-11-13 22:36 - 2014-11-13 22:36 - 00000150 _____ () C:\WINDOWS\system32\netcfg-50484.txt
2014-11-13 22:34 - 2014-11-13 22:57 - 00000960 _____ () C:\WINDOWS\PFRO.log
2014-11-13 22:33 - 2014-11-13 22:36 - 00000000 ____D () C:\WINDOWS\Panther
2014-11-11 05:27 - 2014-11-11 05:27 - 00080384 _____ (Razer Inc) C:\WINDOWS\system32\RazerCoinstaller.dll
2014-11-07 03:23 - 2014-11-07 03:23 - 00009728 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzStats.IPC.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-14 08:15 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-14 00:31 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-13 23:47 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-13 23:10 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-13 23:09 - 2012-07-26 11:27 - 00751892 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-13 23:09 - 2012-07-26 11:27 - 00155620 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-13 23:02 - 2012-07-26 08:28 - 01654648 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-13 23:01 - 2012-07-26 08:21 - 00014573 _____ () C:\WINDOWS\setupact.log
2014-11-13 22:57 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-13 22:57 - 2012-07-26 08:19 - 00308480 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-13 22:53 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-11-13 22:51 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\Help
2014-11-13 22:48 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-11-13 22:42 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-13 22:39 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-13 22:39 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-11-13 22:37 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-11-13 22:37 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default
2014-11-13 22:36 - 2012-07-26 09:13 - 00001720 _____ () C:\WINDOWS\DtcInstall.log
2014-11-13 22:33 - 2012-07-26 09:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
Some content of TEMP:
====================
C:\Users\Oliver\AppData\Local\Temp\avgnt.exe
C:\Users\Oliver\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-13 22:34
==================== End Of Log ============================
FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2014 02
Ran by Oliver at 2014-11-14 08:26:45
Running from C:\Users\Oliver\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
eM Client (HKLM-x32\...\{8A33684C-A2EF-4A49-A4A9-BD6EF80EC12A}) (Version: 6.0.21040.0 - eM Client Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
M-Audio FireWire Driver 6.0.1 (x64) (HKLM\...\{3C33BA1B-D447-41CF-A228-84DD499F6F61}) (Version: 6.0.1 - M-Audio)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
13-11-2014 21:48:49 Razer Drivers Install
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {20C7026B-CD0D-4AAA-90C1-B1EF8167EF4C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.)
Task: {23B4C797-5986-4F07-86A3-73D420A73019} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2014-10-16] ()
Task: {7995DDC2-AC48-4951-83AD-68668F45F614} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-13] (Google Inc.)
Task: {BFABAC3A-E373-4705-B7AF-3BCCAB539F73} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-or@newbreeze.at => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-11-13 22:51 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-31 23:27 - 2014-10-31 23:27 - 00183488 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-11-07 03:23 - 2014-11-07 03:23 - 00289792 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-11-13 22:58 - 2014-01-04 01:20 - 34755072 _____ () C:\Users\Oliver\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-11-07 03:21 - 2014-11-07 03:21 - 00193024 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll
2014-11-13 22:58 - 2014-01-04 01:20 - 00970240 _____ () C:\Users\Oliver\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\ffmpegsumo.dll
2014-11-13 22:45 - 2014-11-06 00:56 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libglesv2.dll
2014-11-13 22:45 - 2014-11-06 00:56 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\libegl.dll
2014-11-13 22:45 - 2014-11-06 00:57 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\pdf.dll
2014-11-13 22:45 - 2014-11-06 00:56 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.122\ffmpegsumo.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2014-10-15 16:03 - 2014-10-15 16:03 - 00642016 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3463171804-1537994893-3906066650-500 - Administrator - Disabled)
Gast (S-1-5-21-3463171804-1537994893-3906066650-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3463171804-1537994893-3906066650-1003 - Limited - Enabled)
Oliver (S-1-5-21-3463171804-1537994893-3906066650-1001 - Administrator - Enabled) => C:\Users\Oliver
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/13/2014 11:40:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Brackets.exe, Version: 1.0.0.0, Zeitstempel: 0x5453feb3
Name des fehlerhaften Moduls: libcef.dll, Version: 3.1547.1459.0, Zeitstempel: 0x525cff02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0111405c
ID des fehlerhaften Prozesses: 0x1f9c
Startzeit der fehlerhaften Anwendung: 0xBrackets.exe0
Pfad der fehlerhaften Anwendung: Brackets.exe1
Pfad des fehlerhaften Moduls: Brackets.exe2
Berichtskennung: Brackets.exe3
Vollständiger Name des fehlerhaften Pakets: Brackets.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Brackets.exe5
Error: (11/13/2014 11:37:41 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: OLIVER-WIN8PC)
Description: Die Anwendung oder der Dienst "Windows-Explorer" konnte nicht heruntergefahren werden.
Error: (11/13/2014 10:56:59 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (11/13/2014 10:56:57 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (11/13/2014 10:56:54 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (11/13/2014 10:56:51 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (11/13/2014 10:56:48 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (11/13/2014 10:56:45 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (11/13/2014 10:56:42 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (11/13/2014 10:56:39 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
System errors:
=============
Error: (11/14/2014 00:48:20 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (11/13/2014 11:39:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/13/2014 10:57:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 13.11.2014 um 22:43:28 unerwartet heruntergefahren.
Error: (11/13/2014 10:42:46 PM) (Source: DCOM) (EventID: 10010) (User: OLIVER-WIN8PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (11/13/2014 10:42:46 PM) (Source: DCOM) (EventID: 10010) (User: OLIVER-WIN8PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (11/13/2014 10:42:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (11/13/2014 10:36:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde mit folgendem Fehler beendet:
%%21
Error: (11/13/2014 10:36:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "IP-Hilfsdienst" wurde mit folgendem Fehler beendet:
%%1058
Error: (11/13/2014 10:35:22 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "D:" wurde eine Beschädigung erkannt.
Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen offline überprüft und repariert werden.
Error: (11/13/2014 10:35:22 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: D:\Device\HarddiskVolume43
Microsoft Office Sessions:
=========================
Error: (11/13/2014 11:40:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Brackets.exe1.0.0.05453feb3libcef.dll3.1547.1459.0525cff02c00000050111405c1f9c01cfff92bcdfbba1C:\Program Files (x86)\Brackets\Brackets.exeC:\Program Files (x86)\Brackets\libcef.dll21c8b022-6b86-11e4-be69-3085a94095de
Error: (11/13/2014 11:37:41 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: OLIVER-WIN8PC)
Description: 1C:\Windows\explorer.exeWindows-Explorer041173000143003A005C00570049004E0044004F00570053005C006500780070006C006F007200650072002E006500780065000000
Error: (11/13/2014 10:56:59 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (11/13/2014 10:56:57 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (11/13/2014 10:56:54 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (11/13/2014 10:56:51 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (11/13/2014 10:56:48 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (11/13/2014 10:56:45 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (11/13/2014 10:56:42 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (11/13/2014 10:56:39 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz
Percentage of memory in use: 41%
Total physical RAM: 8145.97 MB
Available physical RAM: 4782.47 MB
Total Pagefile: 12753.97 MB
Available Pagefile: 7492.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.13 GB) (Free:204.89 GB) NTFS
Drive d: (Western 1TB HD) (Fixed) (Total:931.32 GB) (Free:584.77 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:94.14 GB) NTFS
Drive g: (BUP Volume) (Fixed) (Total:931.51 GB) (Free:931.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5D51BEF2)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: AB85628C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 876C0233)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
14.11.2014, 14:27
| #2 | ||||
| Ruhe in Frieden † 2019     | CryptoApp.exe - .encrypted Files auf Desktop und persönlichen Ordner Hallo,
__________________Zitat:
Zitat:
Was möchtest du mir mit deiner Aussage dass ich hier irgendwelche Leute schützen würde sagen? Zitat:
Falls du die cryptoapp.exe noch haben solltest, kannst du sie zu Virustotal zur Analyse hochladen. Das wäre auch sinnvoll, weil ich so eventuell mehr Informationen zu der Datei an sich bekomme. Schritt 1 Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
Alternativ kannst du sie mir auch in unseren Channel laden Lade bitte folgendermassen Dateien zur Analyse hoch:
Du hast da noch n bißchen was im Chromebrowser In deinem Chrome Browser ist conduit als Startseite eingetragen Stelle nach dieser Anleitung deine Startseite neu ein.
__________________ |
|
| Themen zu CryptoApp.exe - .encrypted Files auf Desktop und persönlichen Ordner |
| backup, dokument, erhalte, fehlercode 0x00000000, fehlercode 0xc0000005, fehlercode windows, files, firewall, jdownloader packages entfernen, jpg, meldung, nicht mehr, ordner, platte, rechner, spyhunter, spyhunter entfernen, start, trojaner, versucht, wichtige, win32/adware.ibryte.k.gen, win32/adware.multiplug.be, win32/injector.abgm, win32/installerex.l |
Hybrid-Darstellung
