Antivirenprogramm lässt sich nicht starten, andere Programme auch nicht

Titanyus · 07.10.2016, 11:10

Der Scan hat keine Bedrohungen entdeckt. Nur verdächtige Dateien.

Code:

ATTFilter

HitmanPro 3.7.14.280
www.hitmanpro.com

   Computer name . . . . : VOLKER-PC
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : Volker-PC\Volker
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-10-07 12:00:27
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 8m 16s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 6

   Objects scanned . . . : 1.691.477
   Files scanned . . . . : 24.641
   Remnants scanned  . . : 408.337 files / 1.258.499 keys

Suspicious files ____________________________________________________________

   C:\Users\Volker\AppData\Local\Amazon Music\Amazon Music Helper.exe
      Size . . . . . . . : 5.908.968 bytes
      Age  . . . . . . . : 4.0 days (2016-10-03 12:46:54)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : 017D06196BFE0B1D71D4BAA5BDD716E8320C8F64882B512540DA8739B4CD0C4A
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 26.0
         The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
         Uses the Windows Registry to run each time the user logs on.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program starts automatically without user intervention.
         Time indicates that the file appeared recently on this computer.
         Program is code signed with a valid Authenticode certificate.
      Startup
         HKU\S-1-5-21-2510256225-3993287635-535040168-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Amazon Music
      Forensic Cluster
         -4.6s C:\Users\Volker\AppData\Local\Temp\bitrock_installer_4628.log
         -3.8s C:\Users\Volker\AppData\Local\Temp\BR480D.tmp
         -2.8s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\
         -2.8s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\file-16px.png
         -2.7s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\folder-16px.png
         -2.7s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\leftImage.png
         -2.7s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\logoImage.png
         -2.6s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\msgbox-error.png
         -2.6s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\msgbox-info.png
         -2.6s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\msgbox-question.png
         -2.6s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\msgbox-warning.png
         -2.6s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\open_directory-16px.png
         -2.6s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\open_directory-16px_disabled.png
         -2.6s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\open_directory-16px_selected.png
         -2.6s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\open_project-16px.png
         -2.6s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\open_project-16px_disabled.png
         -2.5s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\open_project-16px_selected.png
         -2.5s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\splashImage.png
         -2.5s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\updir.png
         -2.4s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\wmImage.png
         -2.4s C:\Users\Volker\AppData\Local\Temp\.bitrock\.tmp_4628_5562905\x01image_small.png
          0.0s C:\Users\Volker\AppData\Local\Amazon Music\Amazon Music Helper.exe

   C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IF47T3T6\FRST64[1].exe
      Size . . . . . . . : 2.405.376 bytes
      Age  . . . . . . . : 1.0 days (2016-10-06 12:14:48)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 74A30ABB1EDB9EF68C38FD39E5DE9707B2B52BDC0B614B3F9AFC2602D3A718E5
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -0.8s C:\Users\Volker\AppData\Roaming\Microsoft\Windows\Cookies\6KVAY2XL.txt
         -0.8s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R242YYZG\82[1].htm
         -0.3s C:\Users\Volker\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4
         -0.3s C:\Users\Volker\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4
         -0.3s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYG1TM75\FRST64[2].exe
          0.0s C:\Users\Volker\Desktop\FRST64.exe
          0.0s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IF47T3T6\FRST64[1].exe
          7.5s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OSS622P\up64[1]
         15.6s C:\Users\Volker\Desktop\FRST.txt

   C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYG1TM75\FRST64[1].exe
      Size . . . . . . . : 2.404.864 bytes
      Age  . . . . . . . : 3.0 days (2016-10-04 11:34:16)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 619A0964AE0899EBD470560C8B93914D73C2B183A75BD83686417A4ECB4A2655
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -0.4s C:\Users\Volker\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.4s C:\Users\Volker\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.2s C:\Users\Volker\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.2s C:\Users\Volker\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.2s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OSS622P\FRST64[1].exe
          0.0s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYG1TM75\FRST64[1].exe
          1.8s C:\Users\Volker\Desktop\FRST-OlderVersion\

   C:\Users\Volker\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.404.864 bytes
      Age  . . . . . . . : 3.9 days (2016-10-03 13:40:05)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 619A0964AE0899EBD470560C8B93914D73C2B183A75BD83686417A4ECB4A2655
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Volker\Desktop\FRST64.exe
      Size . . . . . . . : 2.405.376 bytes
      Age  . . . . . . . : 1.0 days (2016-10-06 12:14:48)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 74A30ABB1EDB9EF68C38FD39E5DE9707B2B52BDC0B614B3F9AFC2602D3A718E5
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -0.8s C:\Users\Volker\AppData\Roaming\Microsoft\Windows\Cookies\6KVAY2XL.txt
         -0.8s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R242YYZG\82[1].htm
         -0.3s C:\Users\Volker\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4
         -0.3s C:\Users\Volker\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_4F8D4D4F8A055DA96F5FDDC885E626A4
         -0.3s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WYG1TM75\FRST64[2].exe
          0.0s C:\Users\Volker\Desktop\FRST64.exe
          0.0s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IF47T3T6\FRST64[1].exe
          7.5s C:\Users\Volker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OSS622P\up64[1]
         15.6s C:\Users\Volker\Desktop\FRST.txt

Antivirenprogramm lässt sich nicht starten, andere Programme auch nicht

Plagegeister aller Art und deren Bekämpfung: Antivirenprogramm lässt sich nicht starten, andere Programme auch nicht

Antivirenprogramm lässt sich nicht starten, andere Programme auch nicht

Ähnliche Themen: Antivirenprogramm lässt sich nicht starten, andere Programme auch nicht