| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Konsolenregistrierungsprog. popup alle 2secWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.04.2015, 20:49
| #1 |
| |  Konsolenregistrierungsprog. popup alle 2sec Hallo zusammen, auf der Suche nach der Lösung meines Problems bin ich hier auf euer Board gestoßen und denke dass ich sicherlich Hilfe finden werde, da ich selbst sehr überfordert bin. Zum Problem: Ein Konsolenregistrierungsprogramm öffnet sich und verlangt Admin-Rechte. Da meine Kids am Rechner waren, kam mir das ganze spanisch vor und ich habe diese natürlich abgelehnt. Seitdem öffnet sich dieses Fenster alle paar Sekunden. Ich habe mein System mit Malwarebytes Antimalware gecheckt und den Trojaner (wenn es denn einer ist) Vawtrak gefunden. Hab ihn in die Quarantäne verschoben und dann gelöscht aber das Problem besteht immer noch. Eine Systemwiederherstellung funktioniert nicht. Das Popup Problem bekommt man in den Griff, wenn man die regdll32.dll über den Taskmanager beendet; ansonsten kann man den PC gar nicht mehr nutzen. AV hab ich gerade durch eine Kaspersky Testversion ersetzt und lass es gerade drüber laufen. Denke aber nicht dass das das Problem beheben wird, daher wende ich mich an euch. Die FRST wollte ich starten aber Windows zeigt mir dass die App von Smartscreen blockiert wird  Jetzt steh ich aufm Schlauch Schönen Abend, der Ben |
|
20.04.2015, 20:54
| #2 |
| /// the machine /// TB-Ausbilder    | Konsolenregistrierungsprog. popup alle 2sec Hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
20.04.2015, 21:00
| #3 |
| | Konsolenregistrierungsprog. popup alle 2sec Doch geschafft
__________________ Also die Log: Code:
ATTFilter Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\RunOnce: [Adobe Speed Launcher] => 1429557209
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\MountPoints2: {0f55a9b7-9585-11e2-be8d-4c72b99069f3} - "F:\SETUP.EXE"
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\MountPoints2: {6034ae00-02a5-11e4-bfde-4c72b99069f3} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\MountPoints2: {ab7b6372-f20e-11e1-be6a-806e6f6e6963} - "D:\o2Start.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\aiStarter.lnk [2014-08-19]
ShortcutTarget: aiStarter.lnk -> C:\Program Files (x86)\AppInventor\aiStarter.exe ()
Startup: C:\Users\Benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DF43737BC.lnk [2015-04-20]
ShortcutTarget: DF43737BC.lnk -> C:\ProgramData\CB73734FD.cpp ()
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-2848464214-261913587-2447519130-1001 -> {41FA261C-F83B-448A-97B0-D3F24E76652B} URL =
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-07-31] (Qualcomm Atheros Commnucations)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-02-19] (DVDVideoSoft Ltd.)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-02-19] (DVDVideoSoft Ltd.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\ost5py32.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll [2013-11-23] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll [2013-11-23] ()
FF Plugin-x32: @gametap.com/npdd,version=1.0 -> C:\Program Files (x86)\Downloader\npdd.dll [2012-07-20] (Metaboli)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-20] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-04-20] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-20] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-02-19] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2848464214-261913587-2447519130-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Benni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-13] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2848464214-261913587-2447519130-1001: tokbox.com/OpenTokIE -> C:\Users\Benni\AppData\Roaming\TokBox\otiePluginMain\0.4.0.8\npotiePluginMain_0.4.0.8.dll [2014-07-25] (TokBox)
FF Plugin HKU\S-1-5-21-2848464214-261913587-2447519130-1001: tokbox.com/otiePluginInstaller -> C:\Users\Benni\AppData\Roaming\TokBox\otiePluginMain\0.4.0.8\npotiePluginInstaller_0.4.0.8.dll [2014-07-25] (TokBox)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF Extension: No Name - C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\ost5py32.default\Extensions\artur.dubovoy@gmail.com [2015-04-09]
FF Extension: DownloadHelper - C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\ost5py32.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-23]
FF Extension: Flash and Video Download - C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\ost5py32.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-04-09]
FF Extension: DjAmolGroup Inc File Search - C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\ost5py32.default\Extensions\admin@djamol.com.xpi [2014-03-08]
FF Extension: AudioTube - C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\ost5py32.default\Extensions\firefox@org.audiotube.xpi [2014-03-08]
FF Extension: No Name - C:\Users\Benni\AppData\Roaming\Mozilla\Firefox\Profiles\ost5py32.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-02]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-04-20]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-04-20]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-04-20]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-04-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Downloader Detector) - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Benni\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Profile: C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Sky map) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\acnecepeneiomaebkkagcfbbakcfljdc [2013-11-30]
CHR Extension: (My World) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aemeppengemohiobmmjhfddbhcgkomhm [2013-11-30]
CHR Extension: (Angry Birds) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-11-30]
CHR Extension: (Google Docs) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-12]
CHR Extension: (Google Drive) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-12]
CHR Extension: (HeapNote Teacher) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bllhchpefpppioobbgcpjffahfogcaid [2013-11-30]
CHR Extension: (YouTube) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-12]
CHR Extension: (Sprachsuche auf Google.de) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckjohpibkidafdmnkjbohgadpbjdohbm [2013-11-30]
CHR Extension: (Google Search) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-12]
CHR Extension: (Logitech SetPoint) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-06-12]
CHR Extension: (Alternative Geography) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\elagclpjajganhgbkmkpfjjpolgfnghm [2013-11-30]
CHR Extension: (TimeMaps: World History Atlas) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknipbpempcbnncdekkeimmpjggfaem [2013-11-30]
CHR Extension: (Planetarium) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2013-11-30]
CHR Extension: (Personal Trainer - Yoga) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjigbeknhpeholihfbnpmofgfnobdllk [2013-12-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-11]
CHR Extension: (FVD Video Downloader) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-11-14]
CHR Extension: (3D Solar System Web) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2013-11-30]
CHR Extension: (World Map) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipmhcphldahmaffcapambikpnmdpbka [2013-11-30]
CHR Extension: (Google Wallet) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-30]
CHR Extension: (Atlas des Universums) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfgmioaomjkppbfbdgjgaclchhhjfamf [2013-11-30]
CHR Extension: (Gmail) - C:\Users\Benni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-12]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015
Ran by Benni at 2015-04-20 21:55:00
Running from C:\Users\Benni\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Total Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Total Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{D32367AC-8FCA-4DE8-A2C6-037AE14B4001}) (Version: 1.00.3012 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen (HKLM-x32\...\Adobe_67a7fb1e97aa14ee9ef0950eb6fd757) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AppInventor Setup (HKLM-x32\...\AppInventor Setup) (Version: 2.2 - Massachusetts Institute of Technology)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.4 - Atheros Communications Inc.)
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.02.0 - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Company of Heroes 2 - Beta (HKLM-x32\...\Steam App 317170) (Version: - )
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Downloader (HKLM-x32\...\Downloader) (Version: - )
Easy Poster Printer (HKLM-x32\...\{1B5979B5-FE79-405A-A023-592DCE48C522}) (Version: 6.0.0 - GD Software)
EclipseCrossword (HKLM-x32\...\{F389DB8F-0716-4FC6-82B2-02B2FA2B4F24}) (Version: 1.2.61 - Green Eclipse)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.3.14949 - Landesfinanzdirektion Thüringen)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Video Dub version 2.0.17.320 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.17.320 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.55.219 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.55.219 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gothic (SCREENFUN-DVD November 2005) (HKLM-x32\...\Gothic_Screenfun) (Version: - )
Gothic II (HKLM-x32\...\Gothic II) (Version: - )
Gothic-Patch 1.08h (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
GothicW8 (HKLM\...\{9084b1e7-83b4-406a-8705-374300ee2d84}.sdb) (Version: - )
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\MyFreeCodec) (Version: - )
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
OpenTok for IE (HKLM-x32\...\{D43D0D48-771A-4DC4-9B12-8EBA1A4D32B6}) (Version: 0.4.0.8 - TokBox)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Pelikan Schulschriften (HKLM-x32\...\Vereinfachte Ausgangsschrift VA_is1) (Version: - Will Software)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.204 - Ihr Firmenname)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.31 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Roads of Rome (HKLM-x32\...\BFG-Roads of Rome) (Version: - )
Roads of Rome II (HKLM-x32\...\BFG-Roads of Rome II) (Version: - )
Roads of Rome III (HKLM-x32\...\BFG-Roads of Rome III) (Version: - )
Samsung C410 Series (HKLM-x32\...\Samsung C410 Series) (Version: 1.01 (20.05.2013) - Samsung Electronics Co., Ltd.)
Samsung C410 Series XPS (Windows 8) (HKLM-x32\...\Samsung C410 Series XPS (Windows 8)) (Version: 3.03.06.00:03 - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.66.00(19.08.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.03 - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_5 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.09.00 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SL-6555-SBK (HKLM-x32\...\{7AB86D35-DF3B-407F-B43E-468345DABF29}) (Version: 1.00.0000 - GASIA)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Unity Web Player (HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version: - Samsung Electronics Co., Ltd.)
Westermann Interaktive Wandkarten (HKLM-x32\...\Westermann Interaktive Wandkarten) (Version: 1.0.336.18055 - Imagon GmbH)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WINZD 2014-08 (HKLM-x32\...\WINZD_is1) (Version: - R. Aquila, F. Ostermeier)
WIWK Registry Fix (HKLM-x32\...\WIWK Registry Fix) (Version: 1.00 - Imagon GmbH2)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2848464214-261913587-2447519130-1001_Classes\CLSID\{2D349E57-23E4-4A67-9624-F1DC6B65AABF}\InprocServer32 -> C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll No File
CustomCLSID: HKU\S-1-5-21-2848464214-261913587-2447519130-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2848464214-261913587-2447519130-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Benni\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2848464214-261913587-2447519130-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Benni\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2848464214-261913587-2447519130-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Benni\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2848464214-261913587-2447519130-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Benni\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
04-04-2015 21:52:50 Geplanter Prüfpunkt
14-04-2015 19:17:26 Geplanter Prüfpunkt
20-04-2015 19:48:31 Wiederherstellungsvorgang
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0A44C2EE-8E21-46D9-BE0F-006D6B773CEA} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {0BDEEE43-E7A9-47E8-A84E-69CC5F352B6A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12] (Google Inc.)
Task: {297DBE1B-88CF-4F40-BCFB-56A604225698} - System32\Tasks\{287025C1-9018-482F-8CFA-307FA39E7DE2} => pcalua.exe -a "C:\Program Files\McAfee\MSC\mcuihost.exe" -c /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
Task: {478FA25E-1494-4827-81A2-5C86B79FF891} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {68BE2CE6-CF48-47A3-8D32-21BCCDB675E4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {6E78774F-007C-4DE5-839C-F71E634BF475} - System32\Tasks\{82891488-DFA1-4D96-A84A-F0B07DD84F24} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {72FD463B-6A97-432D-84E1-08CE7DD1E30E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {73A0AE8D-26E5-4EBC-A1FA-D8091F29BF4D} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {7CD5FFF9-DD8F-4B60-83DA-DAEDD826AEA1} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {9F8A4BBA-C7D9-4B7A-886D-7271DD5B8641} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-07-13] ()
Task: {A50D1D10-63AC-43CA-8899-93B17F7D05FA} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {A72083A4-EC26-4FE0-B9FE-645E5102CD1A} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {B8591DDB-0263-4797-950A-52F81FA34945} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12] (Google Inc.)
Task: {CC57DF7F-DEFC-44CA-BC40-1BD6818C992D} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-07-13] ()
Task: {D7FFB9CF-48A3-4DA0-B367-11581087FF13} - System32\Tasks\{331180F2-C1CD-4093-B447-B151B3C0BB64} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-02-18 20:47 - 2011-04-11 07:26 - 00034304 _____ () C:\WINDOWS\System32\spd__l.dll
2013-02-20 17:15 - 2011-06-21 09:42 - 00034304 _____ () C:\WINDOWS\System32\sst3cl6.dll
2014-02-01 20:06 - 2013-05-06 08:07 - 00034304 _____ () C:\WINDOWS\System32\sst8clm.dll
2014-03-09 19:24 - 2010-09-30 15:00 - 00253264 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-07-31 17:45 - 2012-07-31 17:45 - 00384128 _____ () c:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-07-31 17:40 - 2012-07-31 17:40 - 00020992 _____ () c:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-03-09 19:24 - 2010-09-30 15:00 - 00139088 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
2012-07-13 01:01 - 2012-07-13 01:01 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-07-13 01:01 - 2012-07-13 01:01 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2013-12-15 23:09 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-15 23:09 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-15 23:09 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-15 23:09 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-15 23:09 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 00056696 _____ () C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrvPS.dll
2012-07-31 01:04 - 2012-07-31 01:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-29 21:36 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\kpcengine.2.3.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:99AC3203
AlternateDataStreams: C:\Users\Benni\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer04.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "aiStarter.lnk"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-2848464214-261913587-2447519130-1001\...\StartupApproved\Run: => ""
==================== Accounts: =============================
Administrator (S-1-5-21-2848464214-261913587-2447519130-500 - Administrator - Disabled)
Benni (S-1-5-21-2848464214-261913587-2447519130-1001 - Administrator - Enabled) => C:\Users\Benni
Gast (S-1-5-21-2848464214-261913587-2447519130-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/20/2015 09:44:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ACERPT)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/20/2015 09:10:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19c8
Startzeit: 01d07b9ca1d758e3
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 950df92a-e790-11e4-8056-4c72b99069f3
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingFinance_3.0.1.174_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexFinance
Error: (04/20/2015 09:08:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1bfc
Startzeit: 01d07b9ca1c90b37
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe
Berichts-ID: 9568938e-e790-11e4-8056-4c72b99069f3
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_2.0.0.5011_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (04/20/2015 08:28:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.4.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f9c
Startzeit: 01d07b969e2eb4b9
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 14c2759d-e78b-11e4-8056-4c72b99069f3
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (04/20/2015 07:58:34 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Geplanter Prüfpunkt). Zusätzliche Informationen: 0x80070570.
Error: (04/20/2015 07:54:35 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Geplanter Prüfpunkt). Zusätzliche Informationen: 0x80070570.
Error: (04/20/2015 07:42:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: b6c
Startzeit: 01d07b8252d6ed04
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 49e22898-e776-11e4-8054-4c72b99069f3
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingSports_3.0.1.174_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexSports
Error: (04/20/2015 07:41:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDScan.exe, Version 2.2.18.177 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 154c
Startzeit: 01d07b7a3154493f
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Berichts-ID: 401e6b7b-e77a-11e4-8054-4c72b99069f3
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/20/2015 07:39:26 PM) (Source: System Restore) (EventID: 8200) (User: )
Description: Fehler beim Initiieren der Systemwiederherstellung (Geplanter Prüfpunkt).
Error: (04/20/2015 07:30:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.4.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1310
Startzeit: 01d07b8ee7a47af9
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: dc9d6dbd-e782-11e4-8054-4c72b99069f3
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
System errors:
=============
Error: (04/20/2015 09:44:27 PM) (Source: DCOM) (EventID: 10010) (User: ACERPT)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa
Error: (04/20/2015 09:32:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
Error: (04/20/2015 09:25:16 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Сonnection is not established
Error: (04/20/2015 09:25:16 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Сonnection is not established
Error: (04/20/2015 09:25:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
%%1
Error: (04/20/2015 09:15:13 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Сonnection is not established
Error: (04/20/2015 09:15:13 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Сonnection is not established
Error: (04/20/2015 09:13:41 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2" zum Namen "ACERPT" auf Transport "NetBT_Tcpip_{3F7A4C80-8A6C-4407-8430-1D521497ACE4}". Das Datagramm steht in den Daten.
Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
Error: (04/20/2015 09:10:36 PM) (Source: DCOM) (EventID: 10010) (User: ACERPT)
Description: {53362C32-A296-4F2D-A2F8-FD984D08340B}
Error: (04/20/2015 09:10:36 PM) (Source: DCOM) (EventID: 10010) (User: ACERPT)
Description: {53362C32-A296-4F2D-A2F8-FD984D08340B}
Microsoft Office Sessions:
=========================
Error: (07/06/2014 10:32:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.
Error: (03/12/2014 06:07:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5060 seconds with 3900 seconds of active time. This session ended with a crash.
Error: (01/23/2014 02:35:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 143733 seconds with 2820 seconds of active time. This session ended with a crash.
Error: (06/28/2013 07:03:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-02-18 19:34:12.218
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-18 19:34:11.905
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-18 19:33:19.981
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-18 19:33:19.762
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-18 19:33:19.544
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-18 19:32:47.855
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-18 19:32:47.573
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-18 19:32:17.181
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-18 19:32:16.744
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-02-18 19:32:16.494
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 66%
Total physical RAM: 3914.27 MB
Available physical RAM: 1298.81 MB
Total Pagefile: 5130.27 MB
Available Pagefile: 2136.16 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:677.98 GB) (Free:403.24 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A156891E)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
20.04.2015, 21:33
| #4 |
| | Konsolenregistrierungsprog. popup alle 2sec vielleicht hilft das hier ja noch ????  Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 20.04.2015 17:12:24, SYSTEM, ACERPT, Protection, Malware Protection, Starting, Protection, 20.04.2015 17:12:24, SYSTEM, ACERPT, Protection, Malware Protection, Started, Protection, 20.04.2015 17:12:24, SYSTEM, ACERPT, Protection, Malicious Website Protection, Starting, Protection, 20.04.2015 17:12:26, SYSTEM, ACERPT, Protection, Malicious Website Protection, Started, Update, 20.04.2015 17:14:08, SYSTEM, ACERPT, Manual, Remediation Database, 2013.10.16.1, 2015.4.6.2, Update, 20.04.2015 17:14:08, SYSTEM, ACERPT, Manual, Rootkit Database, 2014.11.18.1, 2015.3.31.1, Update, 20.04.2015 17:14:11, SYSTEM, ACERPT, Manual, Malware Database, 2014.11.20.6, 2015.4.20.3, Protection, 20.04.2015 17:14:11, SYSTEM, ACERPT, Protection, Refresh, Starting, Protection, 20.04.2015 17:14:11, SYSTEM, ACERPT, Protection, Malicious Website Protection, Stopping, Protection, 20.04.2015 17:14:11, SYSTEM, ACERPT, Protection, Malicious Website Protection, Stopped, Protection, 20.04.2015 17:14:16, SYSTEM, ACERPT, Protection, Refresh, Success, Protection, 20.04.2015 17:14:16, SYSTEM, ACERPT, Protection, Malicious Website Protection, Starting, Protection, 20.04.2015 17:14:17, SYSTEM, ACERPT, Protection, Malicious Website Protection, Started, Detection, 20.04.2015 17:15:33, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:15:38, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 51058, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:15:38, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 51058, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:15:43, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 51068, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:15:46, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:15:51, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 51077, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 17:15:56, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:16:11, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:16:25, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 216.172.61.83, girlslifenews.com, 51463, Outbound, C:\Windows\System32\PresentationHost.exe, Detection, 20.04.2015 17:16:25, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:16:25, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 216.172.61.83, girlslifenews.com, 51463, Outbound, C:\Windows\System32\PresentationHost.exe, Detection, 20.04.2015 17:16:27, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 51473, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:16:37, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:17:00, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:17:07, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 51955, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:17:10, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:17:23, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:17:34, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:17:40, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:18:56, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:19:07, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:23:49, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:24:35, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 184.164.143.90, 53418, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:24:44, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 184.164.143.90, 53418, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:24:45, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 53477, Outbound, C:\Windows\explorer.exe, Detection, 20.04.2015 17:24:47, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:24:52, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:25:09, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:25:15, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:25:30, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:25:34, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 53692, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 17:25:37, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 184.164.143.90, 53703, Outbound, C:\Windows\System32\msdtc.exe, Detection, 20.04.2015 17:26:07, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 53792, Outbound, C:\Windows\System32\PresentationHost.exe, Detection, 20.04.2015 17:26:13, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:26:17, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:26:26, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 184.164.143.90, 53834, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 17:26:32, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:26:35, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 53897, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 17:26:41, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:26:48, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 53945, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:26:54, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:28:14, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:28:46, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:30:11, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:30:35, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:31:19, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:31:23, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:32:02, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:32:02, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:32:12, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:32:23, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:32:42, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 184.164.143.90, 55253, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 17:32:43, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:32:54, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 55264, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:33:08, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:33:08, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:33:18, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:33:36, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:33:51, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 56040, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:33:57, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:34:47, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 56366, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 17:35:21, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:35:23, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:35:44, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:35:58, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:35:59, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 184.164.143.90, 56574, Outbound, C:\Windows\System32\msdtc.exe, Detection, 20.04.2015 17:36:05, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:36:55, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:37:06, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:38:54, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 56788, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 17:39:10, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:39:24, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:39:34, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:40:18, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 56945, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 17:40:24, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:40:59, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:41:12, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 57025, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:42:01, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:42:12, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:42:16, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:42:24, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 57281, Outbound, C:\Windows\System32\ctfmon.exe, Detection, 20.04.2015 17:43:27, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:42:53, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:43:49, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 57412, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 17:43:52, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 57428, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:43:52, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:43:58, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:44:06, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 184.164.143.90, 57511, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:44:15, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 72.55.140.184, journeyfeast.com, 57555, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 17:44:15, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 72.55.140.184, journeyfeast.com, 57555, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 17:44:17, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:44:25, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:44:26, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 57573, Outbound, C:\Windows\explorer.exe, Detection, 20.04.2015 17:44:31, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:44:52, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:45:02, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:45:34, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:46:34, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:47:10, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:47:27, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 57914, Outbound, C:\Windows\System32\notepad.exe, Detection, 20.04.2015 17:47:43, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:48:41, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 57930, Outbound, C:\Windows\System32\msdtc.exe, Detection, 20.04.2015 17:48:52, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:50:24, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 58141, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:50:36, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 58184, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:50:36, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:50:40, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:51:07, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 184.164.143.90, 58233, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 17:51:24, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:51:27, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:52:11, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 58361, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:52:15, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 58370, Outbound, C:\Windows\System32\ctfmon.exe, Detection, 20.04.2015 17:52:40, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:52:40, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:53:03, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 58466, Outbound, C:\Windows\System32\PresentationHost.exe, Detection, 20.04.2015 17:53:08, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:53:13, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 72.55.140.184, latestechnews.net, 58477, Outbound, C:\Windows\System32\ctfmon.exe, Detection, 20.04.2015 17:53:13, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 72.55.140.184, latestechnews.net, 58477, Outbound, C:\Windows\System32\ctfmon.exe, Detection, 20.04.2015 17:53:14, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:54:09, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:55:35, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 58749, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 17:55:54, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:55:59, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:56:39, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:57:31, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:57:42, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:59:08, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:59:29, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:59:37, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 17:59:47, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 59290, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 17:59:54, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 59366, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 17:59:55, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:00:00, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:00:19, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:00:43, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 59832, Outbound, C:\Windows\System32\notepad.exe, Detection, 20.04.2015 18:01:21, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:01:22, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 60023, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:01:22, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 60025, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:03:25, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:03:33, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:03:41, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:03:46, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:03:58, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:04:07, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:05:00, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:05:11, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:05:42, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:06:22, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:07:09, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:08:00, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:08:04, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 61382, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:08:26, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 61395, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:08:29, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:08:37, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:09:04, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:09:24, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:09:27, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:09:27, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:09:33, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 61591, Outbound, C:\Windows\explorer.exe, Detection, 20.04.2015 18:09:50, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:09:56, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 61756, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:10:04, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 61788, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 18:10:13, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:10:33, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:10:33, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 61901, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:10:38, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:10:38, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:10:38, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:10:39, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:10:43, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:10:57, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:11:23, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 62314, Outbound, C:\Windows\System32\ctfmon.exe, Detection, 20.04.2015 18:11:38, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:11:39, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 62409, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 18:12:37, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:13:20, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:14:01, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 62771, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 18:14:22, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:16:03, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:16:31, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 72.55.140.184, latestechnews.net, 63136, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 18:16:32, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 216.172.61.83, girlslifenews.com, 63143, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:16:33, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:16:37, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:17:15, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:17:34, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 63249, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:17:52, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:17:52, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 63268, Outbound, C:\Windows\notepad.exe, Detection, 20.04.2015 18:18:09, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:18:49, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:18:57, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:19:05, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:19:40, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 63680, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 18:19:47, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 216.172.61.83, girlslifenews.com, 63716, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 18:19:49, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:19:55, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 63741, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 18:20:12, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:20:19, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:20:23, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:20:36, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:20:53, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:21:05, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:21:22, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:21:45, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:22:16, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 64662, Outbound, C:\Windows\explorer.exe, Detection, 20.04.2015 18:22:31, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:22:47, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:23:28, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:23:48, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:23:53, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:24:37, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:24:44, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 174.137.155.139, xml.bluemediappc.com, 65401, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:24:44, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 174.137.155.139, xml.bluemediappc.com, 65401, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:25:48, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:26:31, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 49292, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:27:01, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 49349, Outbound, C:\Windows\System32\cmd.exe, Detection, 20.04.2015 18:27:05, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:27:47, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:27:49, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:27:56, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 49455, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 18:28:04, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:28:05, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 49470, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:28:38, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:28:57, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 49599, Outbound, C:\Windows\System32\conhost.exe, Detection, 20.04.2015 18:29:10, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 49615, Outbound, C:\Windows\System32\ctfmon.exe, Detection, 20.04.2015 18:29:19, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:30:13, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:30:28, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 49917, Outbound, C:\Windows\explorer.exe, Detection, 20.04.2015 18:30:34, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:31:02, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:32:21, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:32:38, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 72.55.140.184, latestechnews.net, 50933, Outbound, C:\Windows\System32\PresentationHost.exe, Detection, 20.04.2015 18:32:40, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:34:22, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:36:14, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.251.52, searchtopdata.com, 51615, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 18:36:15, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.251.52, searchtopdata.com, 51615, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 18:36:47, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:36:57, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 72.55.140.184, journeyfeast.com, 51735, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 18:36:58, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:37:33, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:37:51, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 51883, Outbound, C:\Windows\System32\msiexec.exe, Detection, 20.04.2015 18:38:05, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:38:21, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:39:17, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:39:41, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:40:11, SYSTEM, ACERPT, Protection, Malicious Website Protection, IP, 5.149.250.194, 52659, Outbound, C:\Windows\System32\msdtc.exe, Detection, 20.04.2015 18:40:18, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:40:21, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:40:27, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:41:15, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:41:18, Benni, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Detection, 20.04.2015 18:43:35, SYSTEM, ACERPT, Protection, Malware Protection, File, Trojan.Vawtrak, C:\ProgramData\{F66CB4EE-546F-4D54-9332-216DE189AAB0}\winbio.dll, Quarantine Failed, 303, Queued for removal on reboot, [daf9abc3b9d1ee48e422b3437e8707f9] Update, 20.04.2015 18:45:30, SYSTEM, ACERPT, Scheduler, Rootkit Database, 2015.3.31.1, 2015.4.20.1, Protection, 20.04.2015 18:46:14, SYSTEM, ACERPT, Protection, Refresh, Starting, Protection, 20.04.2015 18:46:14, SYSTEM, ACERPT, Protection, Malicious Website Protection, Stopping, Protection, 20.04.2015 18:46:32, SYSTEM, ACERPT, Protection, Malicious Website Protection, Stopped, Protection, 20.04.2015 19:42:48, SYSTEM, ACERPT, Protection, Refresh, Success, Protection, 20.04.2015 19:42:49, SYSTEM, ACERPT, Protection, Malicious Website Protection, Starting, Protection, 20.04.2015 19:42:49, SYSTEM, ACERPT, Protection, Malicious Website Protection, Started, Protection, 20.04.2015 19:44:51, SYSTEM, ACERPT, Protection, Malware Protection, Starting, Protection, 20.04.2015 19:44:51, SYSTEM, ACERPT, Protection, Malware Protection, Started, Protection, 20.04.2015 19:44:51, SYSTEM, ACERPT, Protection, Malicious Website Protection, Starting, Protection, 20.04.2015 19:46:14, SYSTEM, ACERPT, Protection, Malicious Website Protection, Started, Protection, 20.04.2015 19:52:22, SYSTEM, ACERPT, Protection, Malware Protection, Starting, Protection, 20.04.2015 19:52:22, SYSTEM, ACERPT, Protection, Malware Protection, Started, Protection, 20.04.2015 19:52:22, SYSTEM, ACERPT, Protection, Malicious Website Protection, Starting, Protection, 20.04.2015 19:53:38, SYSTEM, ACERPT, Protection, Malicious Website Protection, Started, Protection, 20.04.2015 19:56:42, SYSTEM, ACERPT, Protection, Malware Protection, Starting, Protection, 20.04.2015 19:56:42, SYSTEM, ACERPT, Protection, Malware Protection, Started, Protection, 20.04.2015 19:56:42, SYSTEM, ACERPT, Protection, Malicious Website Protection, Starting, Protection, 20.04.2015 19:57:53, SYSTEM, ACERPT, Protection, Malicious Website Protection, Started, Update, 20.04.2015 19:58:38, SYSTEM, ACERPT, Scheduler, Failed, Unable to access update server, Protection, 20.04.2015 20:18:23, SYSTEM, ACERPT, Protection, Malware Protection, Starting, Protection, 20.04.2015 20:18:23, SYSTEM, ACERPT, Protection, Malware Protection, Started, Protection, 20.04.2015 20:18:23, SYSTEM, ACERPT, Protection, Malicious Website Protection, Starting, Protection, 20.04.2015 20:19:39, SYSTEM, ACERPT, Protection, Malicious Website Protection, Started, Update, 20.04.2015 20:21:22, SYSTEM, ACERPT, Manual, Failed, Unable to access update server, Update, 20.04.2015 20:23:27, SYSTEM, ACERPT, Manual, Failed, Unable to access update server, Update, 20.04.2015 20:26:36, SYSTEM, ACERPT, Manual, Failed, Unable to access update server, Update, 20.04.2015 20:56:30, SYSTEM, ACERPT, Scheduler, Malware Database, 2015.4.20.3, 2015.4.20.5, Protection, 20.04.2015 20:56:42, SYSTEM, ACERPT, Protection, Refresh, Starting, Protection, 20.04.2015 20:56:42, SYSTEM, ACERPT, Protection, Malicious Website Protection, Stopping, Protection, 20.04.2015 20:56:44, SYSTEM, ACERPT, Protection, Malicious Website Protection, Stopped, Protection, 20.04.2015 21:08:30, SYSTEM, ACERPT, Protection, Refresh, Success, Protection, 20.04.2015 21:08:30, SYSTEM, ACERPT, Protection, Malicious Website Protection, Starting, Protection, 20.04.2015 21:08:31, SYSTEM, ACERPT, Protection, Malicious Website Protection, Started, Protection, 20.04.2015 21:12:38, SYSTEM, ACERPT, Protection, Malware Protection, Starting, Protection, 20.04.2015 21:12:38, SYSTEM, ACERPT, Protection, Malware Protection, Started, Protection, 20.04.2015 21:12:38, SYSTEM, ACERPT, Protection, Malicious Website Protection, Starting, Protection, 20.04.2015 21:12:45, SYSTEM, ACERPT, Protection, Malicious Website Protection, Started, (end) |
|
21.04.2015, 12:55
| #5 |
| /// the machine /// TB-Ausbilder | Konsolenregistrierungsprog. popup alle 2sec hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Konsolenregistrierungsprog. popup alle 2sec |
| .dll, antimalware, beendet, blockiert, funktioniert, gelöscht, hallo zusammen, kaspersky, lösung, malwarebytes, malwarebytes antimalware, nicht mehr, popup, quarantäne, rechner, screen, spanisch, starten, suche, system, systemwiederherstellung, taskmanager, trojaner, vawtrak, windows, öffnet |
Linear-Darstellung
