| |
| |||||||
Mülltonne: Malware Trojaner Windows 10Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
20.07.2019, 18:43
| #1 |
| |  Malware Trojaner Windows 10 hallo meine lieben ich hab warscheinlich einen Trojaner auf dem laptop anbei der scan von malwarebytes Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 20.07.19
Scan-Zeit: 18:56
Protokolldatei: 5f225b5a-ab0f-11e9-b07a-9829a64251ff.json
-Softwaredaten-
Version: 3.8.3.2965
Komponentenversion: 1.0.613
Version des Aktualisierungspakets: 1.0.11644
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 18362.239)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-M826EE6\baris
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 324020
Erkannte Bedrohungen: 319
In die Quarantäne verschobene Bedrohungen: 319
Abgelaufene Zeit: 4 Min., 15 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 1
Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, In Quarantäne, [442], [537387],1.0.11644
Modul: 2
Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, In Quarantäne, [442], [537387],1.0.11644
Adware.Neoreklami.TskLnk, C:\PROGRAM FILES (X86)\OXBKZRKCYRI\OXBKZRKCYRI.DLL, In Quarantäne, [918], [664066],1.0.11644
Registrierungsschlüssel: 28
Trojan.Clicker, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\csrss, In Quarantäne, [3202], [431499],1.0.11644
Trojan.Clicker, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5B25669B-DAB0-4B47-A7B7-137B55D66882}, In Quarantäne, [3202], [431499],1.0.11644
Trojan.Clicker, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{5B25669B-DAB0-4B47-A7B7-137B55D66882}, In Quarantäne, [3202], [431499],1.0.11644
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PowerSvc, In Quarantäne, [442], [537387],1.0.11644
PUP.Optional.1Bbot, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\1BTC Software, In Quarantäne, [3478], [584329],1.0.11644
PUP.Optional.Reimage, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Fixer - Windows Problem Relief., In Quarantäne, [354], [709541],1.0.11644
Trojan.CrthRazy, HKLM\SOFTWARE\WOW6432NODE\Machiner, In Quarantäne, [3134], [676882],1.0.11644
Adware.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Polygen.exe, In Quarantäne, [822], [568551],1.0.11644
PUP.Optional.InlogOptimizer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Inlog Optimizer 3.1, In Quarantäne, [3075], [698978],1.0.11644
Trojan.MalPack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RubusFund 2.0, In Quarantäne, [553], [631644],1.0.11644
Adware.Neoreklami.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\oxbKZRKcyri, In Quarantäne, [918], [664066],1.0.11644
Adware.Neoreklami.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{BD9CD269-9019-4C06-B3BB-5EA453013F0D}, In Quarantäne, [918], [664066],1.0.11644
Adware.Neoreklami.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\BOOT\{BD9CD269-9019-4C06-B3BB-5EA453013F0D}, In Quarantäne, [918], [664066],1.0.11644
Adware.Neoreklami.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\oxbKZRKcyri, In Quarantäne, [918], [-1],0.0.0
Adware.Neoreklami.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD9CD269-9019-4C06-B3BB-5EA453013F0D}, In Quarantäne, [918], [-1],0.0.0
Adware.Neoreklami.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BD9CD269-9019-4C06-B3BB-5EA453013F0D}, In Quarantäne, [918], [-1],0.0.0
Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\haddock-herediahaddock-heredia, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{09C8858E-B2D6-4A17-A9B5-C1AD161CE56B}, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{09C8858E-B2D6-4A17-A9B5-C1AD161CE56B}, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\resetsresets, In Quarantäne, [5886], [702079],1.0.11644
Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{20530CE3-BFE1-4E75-A363-6D18FACA3A66}, In Quarantäne, [5886], [702079],1.0.11644
Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{20530CE3-BFE1-4E75-A363-6D18FACA3A66}, In Quarantäne, [5886], [702079],1.0.11644
Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\jacobsjacobs, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{38B94FF0-D692-4934-9DAE-B019E448036E}, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{38B94FF0-D692-4934-9DAE-B019E448036E}, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jacobsjacobs, In Quarantäne, [11732], [-1],0.0.0
Adware.DotDo.Generic.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38B94FF0-D692-4934-9DAE-B019E448036E}, In Quarantäne, [11732], [-1],0.0.0
Adware.DotDo.Generic.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38B94FF0-D692-4934-9DAE-B019E448036E}, In Quarantäne, [11732], [-1],0.0.0
Registrierungswert: 20
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [840], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, In Quarantäne, [840], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, In Quarantäne, [840], [259988],1.0.11644
Trojan.BitCoinMiner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A197FA80-D42F-4ED5-9863-A4B6DD4F8093}, In Quarantäne, [564], [446017],1.0.11644
Trojan.ProxyAgent.Generic, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PRIJOX, In Quarantäne, [6430], [519676],1.0.11644
PUP.Optional.CloudNet, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{897E2280-E7CE-4A8D-A469-FD64C3C1906E}, In Quarantäne, [6054], [446028],1.0.11644
Trojan.Agent, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|COLDTREE, In Quarantäne, [442], [196479],1.0.11644
Trojan.Clicker, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5B25669B-DAB0-4B47-A7B7-137B55D66882}|PATH, In Quarantäne, [3202], [431497],1.0.11644
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{794EEA08-C150-41AE-8353-330834D42588}, In Quarantäne, [7109], [237883],1.0.11644
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{794EEA08-C150-41AE-8353-330834D42588}, In Quarantäne, [7109], [237883],1.0.11644
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POWERSVC|IMAGEPATH, In Quarantäne, [442], [537386],1.0.11644
Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Dilorenzo, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Invisibly, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Generic, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Interrelation, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Seelye, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Override, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Chanel, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Penman, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|pinup, In Quarantäne, [11732], [694457],1.0.11644
Registrierungsdaten: 5
Adware.SonicSearch, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Ersetzt, [13295], [693611],1.0.11644
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Ersetzt, [840], [293485],1.0.11644
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Ersetzt, [840], [293485],1.0.11644
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Ersetzt, [840], [293485],1.0.11644
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Ersetzt, [840], [293486],1.0.11644
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 177
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4F7F1A23-967D-4EAB-B7FF-50AE5DFCDE10}, In Quarantäne, [64], [237878],1.0.11644
PUP.Optional.CloudNet, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\CSRSS, In Quarantäne, [6054], [448845],1.0.11644
Adware.Csdimonetize.E, C:\PROGRAM FILES\Windows Portable Devices\44UZCIM1KQ2OOWDQ6ZN5ZT3OWZLIZH, In Quarantäne, [5098], [650310],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\ElectronCash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\InfiniteCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\DigitalCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\ElectrumLTC, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\GoldCoinGLD, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\FlorinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\MultiDoge, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\PrimeCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\TerraCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\Anoncoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\DashCore, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\Electrum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\Ethereum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\FreiCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\Litecoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\MegaCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\NameCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\BBQCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\Bitcoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\DevCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\MinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\Exodus, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\Franko, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\IOCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\IxCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\YACoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\Zcash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\71NZUCOK9D7L14GUSGZDB7E8T\files\Wallets\JAXX, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\PROGRAMDATA\71NZUCOK9D7L14GUSGZDB7E8T\FILES\Wallets, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\ElectronCash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\InfiniteCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\DigitalCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\ElectrumLTC, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\GoldCoinGLD, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\FlorinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\MultiDoge, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\PrimeCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\TerraCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\Anoncoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\DashCore, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\Electrum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\Ethereum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\FreiCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\Litecoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\MegaCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\NameCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\BBQCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\Bitcoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\DevCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\MinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\Exodus, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\Franko, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\IOCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\IxCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\YACoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\Zcash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\895ZYPHM73Q2SS1YP4PPPQCKQ\files\Wallets\JAXX, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\PROGRAMDATA\895ZYPHM73Q2SS1YP4PPPQCKQ\FILES\Wallets, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\ElectronCash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\InfiniteCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\DigitalCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\ElectrumLTC, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\GoldCoinGLD, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\FlorinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\MultiDoge, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\PrimeCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\TerraCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\Anoncoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\DashCore, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\Electrum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\Ethereum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\FreiCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\Litecoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\MegaCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\NameCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\BBQCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\Bitcoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\DevCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\MinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\Exodus, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\Franko, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\IOCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\IxCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\YACoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\Zcash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\CXIWU89V7AABU63ZJMUVYMHUE\files\Wallets\JAXX, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\PROGRAMDATA\CXIWU89V7AABU63ZJMUVYMHUE\FILES\Wallets, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\ElectronCash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\InfiniteCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\DigitalCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\ElectrumLTC, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\GoldCoinGLD, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\FlorinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\MultiDoge, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\PrimeCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\TerraCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\Anoncoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\DashCore, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\Electrum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\Ethereum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\FreiCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\Litecoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\MegaCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\NameCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\BBQCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\Bitcoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\DevCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\MinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\Exodus, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\Franko, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\IOCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\IxCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\YACoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\Zcash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\INUHADDO3YDLG3LE2ZQJGA2O5\files\Wallets\JAXX, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\PROGRAMDATA\INUHADDO3YDLG3LE2ZQJGA2O5\FILES\Wallets, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\ElectronCash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\InfiniteCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\DigitalCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\ElectrumLTC, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\GoldCoinGLD, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\FlorinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\MultiDoge, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\PrimeCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\TerraCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\Anoncoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\DashCore, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\Electrum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\Ethereum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\FreiCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\Litecoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\MegaCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\NameCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\BBQCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\Bitcoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\DevCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\MinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\Exodus, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\Franko, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\IOCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\IxCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\YACoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\Zcash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\KN8UGEFKI133YV59JE3TMSU2J\files\Wallets\JAXX, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\PROGRAMDATA\KN8UGEFKI133YV59JE3TMSU2J\FILES\Wallets, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\ElectronCash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\InfiniteCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\DigitalCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\ElectrumLTC, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\GoldCoinGLD, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\FlorinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\MultiDoge, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\PrimeCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\TerraCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\Anoncoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\DashCore, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\Electrum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\Ethereum, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\FreiCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\Litecoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\MegaCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\NameCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\BBQCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\Bitcoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\DevCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\MinCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\Exodus, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\Franko, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\IOCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\IxCoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\YACoin, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\Zcash, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\ProgramData\SOA2T50ZSLZ7H9GWAHF6GEJ6W\files\Wallets\JAXX, In Quarantäne, [818], [697276],1.0.11644
Spyware.StolenData.E, C:\PROGRAMDATA\SOA2T50ZSLZ7H9GWAHF6GEJ6W\FILES\Wallets, In Quarantäne, [818], [697276],1.0.11644
Datei: 86
PUP.Optional.DownloadProtect, C:\WINDOWS\INSTALLER\{4F7F1A23-967D-4EAB-B7FF-50AE5DFCDE10}\cdfnlpccmemgemfcacccobilkoibkiddorx, In Quarantäne, [64], [237878],1.0.11644
PUP.Optional.DownloadProtect, C:\Windows\Installer\{4F7F1A23-967D-4EAB-B7FF-50AE5DFCDE10}\xdfnlpccmemgemfcacccobilkoibkiddoml, In Quarantäne, [64], [237878],1.0.11644
Adware.Linkury.Generic, C:\USERS\BARIS\APPDATA\LOCAL\NOAH.DAT, In Quarantäne, [3737], [404865],1.0.11644
Adware.Linkury.Generic, C:\USERS\BARIS\APPDATA\ROAMING\Microsoft\Windows\Recent\uninstall_temp.lnk, In Quarantäne, [3737], [404862],1.0.11644
Adware.Linkury.Generic, C:\USERS\BARIS\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, In Quarantäne, [3737], [404862],1.0.11644
Adware.Linkury.Generic, C:\USERS\BARIS\APPDATA\LOCAL\MD.XML, In Quarantäne, [3737], [404866],1.0.11644
Adware.Linkury.Generic, C:\USERS\BARIS\APPDATA\LOCAL\Lighting.tst, In Quarantäne, [3737], [404871],1.0.11644
Adware.Linkury.Generic, C:\USERS\BARIS\APPDATA\LOCAL\Sing-Ing.tst, In Quarantäne, [3737], [404871],1.0.11644
Adware.Linkury.Generic, C:\USERS\BARIS\APPDATA\LOCAL\AGENT.DAT, In Quarantäne, [3737], [404872],1.0.11644
Trojan.Clicker, C:\WINDOWS\SYSTEM32\TASKS\CSRSS, In Quarantäne, [3202], [431499],1.0.11644
Adware.Linkury.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\SHA.DB, In Quarantäne, [3737], [709582],1.0.11644
Adware.Linkury.Generic, C:\USERS\BARIS\APPDATA\LOCAL\SHA.DB, In Quarantäne, [3737], [709581],1.0.11644
PUP.Optional.CloudNet, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\CSRSS\CLOUDNET.EXE, In Quarantäne, [6054], [448845],1.0.11644
PUP.Optional.CloudNet, C:\Users\baris\AppData\Local\Temp\csrss\mikrotikapiscan.exe, In Quarantäne, [6054], [448845],1.0.11644
PUP.Optional.CloudNet, C:\Users\baris\AppData\Local\Temp\csrss\scheduled.exe, In Quarantäne, [6054], [448845],1.0.11644
PUP.Optional.CloudNet, C:\Users\baris\AppData\Local\Temp\csrss\updateprofile-0321.exe, In Quarantäne, [6054], [448845],1.0.11644
Adware.Csdimonetize.E, C:\PROGRAM FILES\Windows Portable Devices\44UZCIM1KQ2OOWDQ6ZN5ZT3OWZLIZH\Kenessey.txt, In Quarantäne, [5098], [650310],1.0.11644
Adware.Csdimonetize.E, C:\Program Files\Windows Portable Devices\44UZCIM1KQ2OOWDQ6ZN5ZT3OWZLIZH\3Np26MLhXa.exe.config, In Quarantäne, [5098], [650310],1.0.11644
Adware.Csdimonetize.E, C:\Program Files\Windows Portable Devices\44UZCIM1KQ2OOWDQ6ZN5ZT3OWZLIZH\hDç95_tsRf.exe.config, In Quarantäne, [5098], [650310],1.0.11644
Adware.Csdimonetize.E, C:\Program Files\Windows Portable Devices\44UZCIM1KQ2OOWDQ6ZN5ZT3OWZLIZH\ljZ+f8mçz#.exe.config, In Quarantäne, [5098], [650310],1.0.11644
Adware.Csdimonetize.E, C:\Program Files\Windows Portable Devices\44UZCIM1KQ2OOWDQ6ZN5ZT3OWZLIZH\UpdateInstall.exe.config, In Quarantäne, [5098], [650310],1.0.11644
Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, In Quarantäne, [442], [537387],1.0.11644
PUP.Optional.Conduit, C:\USERS\BARIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EEAXLM7T.DEFAULT\PREFS.JS, Ersetzt, [207], [301520],1.0.11644
PUP.Optional.Conduit, C:\USERS\BARIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EEAXLM7T.DEFAULT\PREFS.JS, Ersetzt, [207], [303091],1.0.11644
Adware.Linkury.Generic, C:\USERS\BARIS\APPDATA\LOCAL\CONFIG.XML, In Quarantäne, [3737], [404859],1.0.11644
PUP.Optional.Conduit, C:\USERS\BARIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LBYULARE.DEFAULT-RELEASE-1\PREFS.JS, Ersetzt, [207], [301520],1.0.11644
PUP.Optional.Conduit, C:\USERS\BARIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LBYULARE.DEFAULT-RELEASE-1\PREFS.JS, Ersetzt, [207], [303091],1.0.11644
Adware.Neoreklami.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\oxbKZRKcyri, In Quarantäne, [918], [664066],1.0.11644
Adware.Neoreklami.TskLnk, C:\PROGRAM FILES (X86)\OXBKZRKCYRI\OXBKZRKCYRI.DLL, In Quarantäne, [918], [664066],1.0.11644
Adware.Neoreklami.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\oxbKZRKcyri, In Quarantäne, [918], [-1],0.0.0
PUP.Optional.Conduit, C:\USERS\BARIS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2ONNNRKV.DEFAULT-RELEASE\PREFS.JS, Ersetzt, [207], [301520],1.0.11644
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, In Quarantäne, [14615], [444922],1.0.11644
Adware.DotDo.Generic, C:\WINDOWS\SYSTEM32\TASKS\haddock-herediahaddock-heredia, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic, C:\USERS\BARIS\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\brounbroun.lnk, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic, C:\PROGRAM FILES (X86)\OVERHYPED\PATERNO.EXE, In Quarantäne, [5886], [512320],1.0.11644
Adware.DotDo.Generic, C:\WINDOWS\SYSTEM32\TASKS\resetsresets, In Quarantäne, [5886], [702079],1.0.11644
Adware.DotDo.Generic, C:\PROGRAM FILES (X86)\MUSIAL\PINERO.EXE, In Quarantäne, [5886], [702079],1.0.11644
Adware.DotDo.Generic.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\jacobsjacobs, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, C:\USERS\BARIS\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\broun.lnk, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, C:\PROGRAM FILES (X86)\SURREALISTS\THROUGHPUT.EXE, In Quarantäne, [11732], [694457],1.0.11644
Adware.DotDo.Generic.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\jacobsjacobs, In Quarantäne, [11732], [-1],0.0.0
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\ROAMING\UYKSFVVVIG.EXE, In Quarantäne, [7899], [710255],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\ROAMING\MPXGNMYVUO.EXE, In Quarantäne, [7899], [710255],1.0.11644
Adware.DotDo.Generic, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Firefox.lnk, Löschen bei Neustart, [5886], [702092],1.0.11644
Adware.DotDo.Generic, C:\PROGRAMDATA\Microsoft\Windows\Start Menu\Programs\Firefox.lnk, In Quarantäne, [5886], [702092],1.0.11644
Adware.DotDo.Generic, C:\USERS\PUBLIC\Desktop\Firefox.lnk, Löschen bei Neustart, [5886], [702092],1.0.11644
Adware.DotDo.Generic, C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE, Löschen bei Neustart, [5886], [702092],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\ROAMING\CJSTHTG, In Quarantäne, [7899], [710255],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\2OOB1XB0.4MV\WCINSTALLER.EXE, In Quarantäne, [0], [392686],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\XEO2WRVK.VS4\KOSKOS.EXE, In Quarantäne, [7899], [710255],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\YAS0L1DK.0JD\TASKHS.EXE, In Quarantäne, [7899], [710255],1.0.11644
Trojan.MalPack.VB, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\EHIFJ.EXE, In Quarantäne, [757], [709787],1.0.11644
Trojan.MalPack.VB, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\JLDWK.EXE, In Quarantäne, [757], [709787],1.0.11644
Trojan.MalPack.VB, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\POZ.EXE, In Quarantäne, [757], [709787],1.0.11644
Adware.ProxyGate, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\0QPPVO3W.B0D\01.EXE.EXE, In Quarantäne, [7947], [707446],1.0.11644
Adware.ProxyGate, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\CHWEFW0W.TYY\01.EXE.EXE, In Quarantäne, [7947], [707446],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\KDFOHWGF.BPT\PRIVACYTOOLS.EXE, In Quarantäne, [7899], [710255],1.0.11644
Adware.ProxyGate, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\M5LNVHH5.ISC\01.EXE.EXE, In Quarantäne, [7947], [707446],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\AUWYIXU2.SWL\PRIVACYTOOLS.EXE, In Quarantäne, [7899], [710255],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\JAZT1DRR.QCZ\TASKHS.EXE, In Quarantäne, [7899], [710255],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\TM4PQLUN.1RL\PRIVACYTOOLS.EXE, In Quarantäne, [7899], [710255],1.0.11644
Trojan.MalPack.VB, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\K8GCDK.EXE, In Quarantäne, [757], [709787],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\ALNDRPKQ.KOZ\PRIVACYTOOLS.EXE, In Quarantäne, [7899], [710255],1.0.11644
Adware.ProxyGate, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\0JF4ESLY.JPC\01.EXE.EXE, In Quarantäne, [7947], [707446],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\2QDU1GQG.AET\PRIVACYTOOLS.EXE, In Quarantäne, [7899], [710255],1.0.11644
Adware.ProxyGate, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\JS3OU5QG.XJ1\01.EXE.EXE, In Quarantäne, [7947], [707446],1.0.11644
RiskWare.VMProtect, C:\USERS\BARIS\DOWNLOADS\OCTOSNIFF_INSTALL.EXE, In Quarantäne, [7739], [702821],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\YZANY5SU.CM5\WCINSTALLER.EXE, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\1AG0G0EB.Q3K\WCINSTALLER.EXE, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\5BANIGUC.YDY\WCINSTALLER.EXE, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\0ZRLTLTS.BSW\WCINSTALLER.EXE, In Quarantäne, [0], [392686],1.0.11644
Trojan.MalPack.GS, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\QBP332KH.RX1\TASKHS.EXE, In Quarantäne, [7899], [710255],1.0.11644
Adware.ProxyGate, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\Y0NNSYLE.XF5\01.EXE.EXE, In Quarantäne, [7947], [707446],1.0.11644
Trojan.MalPack.VB, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\BENS.EXE, In Quarantäne, [757], [709787],1.0.11644
Spyware.Agent.AutoIt, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\E470.TMP.EXE, In Quarantäne, [10091], [708869],1.0.11644
Trojan.MalPack.VB, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\1AL.EXE, In Quarantäne, [757], [709787],1.0.11644
Trojan.MalPack.VB, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\JZ9H.EXE, In Quarantäne, [757], [709787],1.0.11644
Trojan.MalPack.VB, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\PPN99S.EXE, In Quarantäne, [757], [709787],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\WEBCOMPANION.ZIP.OLD.132078655781877249, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\GIKULBOJ.AVK\WCINSTALLER.EXE, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\LWOLW50N.W5J\WCINSTALLER.EXE, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\QKTKO32X.I4X\WCINSTALLER.EXE, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\WJB0BJPJ.TZF\WCINSTALLER.EXE, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\User Pinned\TaskBar\OctoSniff.lnk, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\DOWNLOADS\OCTOSNIFF.EXE, In Quarantäne, [0], [392686],1.0.11644
Generic.Malware/Suspicious, C:\USERS\BARIS\APPDATA\LOCAL\TEMP\WEBCOMPANION.ZIP.OLD.132078670564872394, In Quarantäne, [0], [392686],1.0.11644
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
WMI: 0
(keine bösartigen Elemente erkannt)
(end)
Geändert von cosinus (22.07.2019 um 08:12 Uhr) Grund: code tags |
|
20.07.2019, 21:05
| #2 | |
| /// TB-Ausbilder   | Malware Trojaner Windows 10 Mein Name ist Matthias und ich werde dir bei der Analyse und der eventuell notwendigen Bereinigung deines Computers helfen.  Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten? Zitat:
|
|
20.07.2019, 22:52
| #3 |
| | Malware Trojaner Windows 10 Hallo Matthias !
__________________Du kannst mich auch gerne Baris nennen es freut mich sehr sehr sehr doll von dir zu hören ! Ich danke dir bereits im Voraus  Wenn notwendig erreichst mich per WhatsApp auch unter der Nummer 0176 218 388 01 Lg Baris |
|
21.07.2019, 19:18
| #4 |
| /// TB-Ausbilder | Malware Trojaner Windows 10 Servus Baris, sobald du die benötigten Informationen gepostet hast (mehr dazu siehe meine letzte Antwort), können wir starten. |
|
21.07.2019, 20:54
| #5 |
| | Malware Trojaner Windows 10 Hallo Die ganzen 6 Punkte ? Lg Baris |
|
22.07.2019, 13:50
| #6 |
| /// TB-Ausbilder | Malware Trojaner Windows 10 Einfach alles aufmerksam lesen und die entsprechenden Informationen bereitstellen. Sonst kann dir hier niemand helfen. |
|
23.07.2019, 11:59
| #7 |
| | Malware Trojaner Windows 10 Ja hey Also durchgelesen hab ich mir alles. Lg Baris |
|
23.07.2019, 21:06
| #8 | |
| /// TB-Ausbilder | Malware Trojaner Windows 10Zitat:
|
|
25.07.2019, 07:21
| #9 |
| | Malware Trojaner Windows 10Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
durchgeführt von baris (25-07-2019 08:15:02)
Gestartet von C:\Users\baris\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Home Version 1903 18362.239 (X64) (2019-07-16 11:18:38)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3126919406-1894036365-1143836582-500 - Administrator - Disabled)
baris (S-1-5-21-3126919406-1894036365-1143836582-1001 - Administrator - Enabled) => C:\Users\baris
DefaultAccount (S-1-5-21-3126919406-1894036365-1143836582-503 - Limited - Disabled)
Gast (S-1-5-21-3126919406-1894036365-1143836582-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3126919406-1894036365-1143836582-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
6b264507-ba91-4d85-86c9-1e827315cbe0 (HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\6b264507-ba91-4d85-86c9-1e827315cbe0) (Version: - ÀltîÑIîud)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.1.2 - philandro Software GmbH)
Apple Application Support (32-Bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ASTRO Command Center (HKLM-x32\...\{2ECCE840-C4B1-4538-8A19-48DC2ADD010B}) (Version: 1.0.195 - Astro Gaming)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cronus PRO 1.21 (HKLM-x32\...\Cronus PRO) (Version: 1.21 - CronusMAX Team)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.94.416 - Digital Wave Ltd)
iTunes (HKLM\...\{D2C7871C-C4D8-45AC-89FD-D7F304B87277}) (Version: 12.9.4.102 - Apple Inc.)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes Version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 68.0 (x64 de) (HKLM\...\Mozilla Firefox 68.0 (x64 de)) (Version: 68.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0 - Mozilla)
OctoSniff (HKLM-x32\...\{5432F4CF-9B16-4A35-B2CE-771668F0706E}_is1) (Version: 3.0.5.0 - Octolus)
OctoVPN 1.4.2.0 (HKLM-x32\...\{FED0E425-C72A-4FC3-B897-C184457D3F11}_is1) (Version: 1.4.2.0 - OctoVPN)
OctoVPN 1.4.4.1 (HKLM-x32\...\{FED0E425-C72A-4FC3-B897-C184457D3F11}}_is1) (Version: 1.4.4.1 - OctoVPN)
OpenVPN 2.4.7-I603 (HKLM\...\OpenVPN) (Version: 2.4.7-I603 - OpenVPN Technologies, Inc.)
PuTTY release 0.71 (64-bit) (HKLM\...\{B27534DB-4F72-4F49-A3AD-5EC1B6901E5E}) (Version: 0.71.0.0 - Simon Tatham)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8555 - Realtek Semiconductor Corp.)
Sky Go 1.4.10.0 (HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\com.bskyb.skygoplayer_is1) (Version: 1.4.10.0 - Sky)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Web Companion (HKLM-x32\...\{b1a61e92-38f6-4d61-85bb-d46689133937}) (Version: 4.7.1987.3881 - Lavasoft)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.15.13.0_x86__kgqvnymyfvs32 [2019-06-27] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1550.4.0_x86__kgqvnymyfvs32 [2019-07-15] (king.com)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2019-05-30] (Instagram)
Mail und Kalender -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
MSN Wetter -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-27] (Netflix, Inc.)
Player for YouTube 4k HD -> C:\Program Files\WindowsApps\14733AzonaMedia.TubePlayforYouTube_1.1.9.0_x64__qvfagqdtyz68p [2019-06-24] (Azona Media) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2019-07-11] (Twitter Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxDTCM.dll [2017-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2018-04-06 20:29 - 2018-04-06 20:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Datei ist nicht signiert] C:\Program Files\Logitech Gaming Software\ssleay32.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD} [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\localhost -> localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2019-05-30 00:58 - 2019-07-17 21:31 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-06-16 00:41 - 2019-07-24 22:26 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-M826EE6.mshome.net # 2024 7 1 22 20 26 58 671
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\baris\OneDrive\Bilder\_CHH7854.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Dilorenzo"
HKLM\...\StartupApproved\Run: => "Shudders"
HKLM\...\StartupApproved\Run: => "Seelye"
HKLM\...\StartupApproved\Run: => "Reimage"
HKLM\...\StartupApproved\Run32: => "Invisibly"
HKLM\...\StartupApproved\Run32: => "Lawrence"
HKLM\...\StartupApproved\Run32: => "Override"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\StartupFolder: => "brounbroun.lnk"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\StartupFolder: => "broun.lnk"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\StartupFolder: => "kntd.exe"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "Interrelation"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "Generic"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "prijox"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "pinup"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "Snowplow"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "Penman"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "Cavour"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "Chanel"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "ColdTree"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "hDç95_tsRf.exe"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "territorially"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "vidnotifier.exe"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "OctoVPN"
HKU\S-1-5-21-3126919406-1894036365-1143836582-1001\...\StartupApproved\Run: => "OPENVPN-GUI"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{50E2E24F-F230-4691-ACFA-47C40ADE5DFD}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{A8091B85-FE88-4B3E-8AAA-E06950DC88EF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{49BBA7F2-4A6D-48FF-B7D0-6455BF093A7C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{F8C5BC74-7D7A-4641-B4D4-EC4FD85C23B0}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{55A0F899-B147-4399-9D3D-DC0D0F88BBA0}] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{CB1ACA4D-D924-4233-802D-8661D8F8C714}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{49F2D001-EDCD-4C16-9E24-CADE15FD5C3D}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F227BAB6-47DC-4DDC-8BDF-EB03C44E439C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{F5FCDAB1-1A25-4BB4-A944-9FE105B34687}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{2FA9D21B-ABD4-42E0-91F0-78123AD1FD16}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{32FBD849-0629-4E79-B112-981EB4830750}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{DC5F3745-102F-4A87-90A0-72EFAA3565D2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{7D1A2229-CA1E-4BE0-A55E-E34C94CD96A5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{1D1E8A14-7148-4178-8311-D48317A4BC39}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B3D4CC51-6CB7-44AA-A161-5E7D2135E4A9}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0303F0A7-08B7-424F-8AC0-04A851A4558B}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2BCAB901-C515-4C37-BED4-5BCE1902E320}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3C8AE815-1B74-48A6-A4A6-16A332EBA3AF}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{408D1D41-4C45-4AB4-9030-DE88CE5F8AF6}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1E6E5BF6-A1FE-4551-A366-A4401AE9DA6F}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
17-07-2019 00:31:25 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/24/2019 11:05:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 740: DNSServiceBrowse 467b0543._sub._apple-mobdev2._tcp.local.
Error: (07/24/2019 11:05:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 740: Could not write data to client because of error - aborting connection
Error: (07/24/2019 11:05:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: send_msg ERROR: failed to write 112 of 112 bytes to fd 740 errno 10053 (Eine bestehende Verbindung wurde softwaregesteuert
durch den Hostcomputer abgebrochen.)
Error: (07/24/2019 07:38:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-M826EE6.local already in use; will try DESKTOP-M826EE6-2.local instead
Error: (07/24/2019 07:38:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-M826EE6.local. Addr 192.168.2.104
Error: (07/24/2019 07:38:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.104:5353 16 DESKTOP-M826EE6.local. AAAA 2003:00E4:1F18:B981:FD39:37FC:DD4E:486C
Error: (07/24/2019 07:38:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 DESKTOP-M826EE6.local. AAAA FE80:0000:0000:0000:FD39:37FC:DD4E:486C
Error: (07/24/2019 07:38:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.104:5353 16 DESKTOP-M826EE6.local. AAAA 2003:00E4:1F18:B981:FD39:37FC:DD4E:486C
Systemfehler:
=============
Error: (07/25/2019 12:45:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M826EE6)
Description: Der Server "{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (07/25/2019 12:45:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M826EE6)
Description: Der Server "{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (07/25/2019 12:45:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M826EE6)
Description: Der Server "{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (07/25/2019 12:45:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M826EE6)
Description: Der Server "{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (07/25/2019 12:45:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M826EE6)
Description: Der Server "{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (07/24/2019 11:26:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M826EE6)
Description: Der Server "{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (07/22/2019 06:02:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Zwischenablage-Benutzerdienst_778f24d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/21/2019 12:56:54 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M826EE6)
Description: Der Server "{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Windows Defender:
===================================
Date: 2019-07-17 21:36:46.037
Description:
Windows Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Linkhortry&threatid=234930&enterprise=0
Name: BrowserModifier:Win32/Linkhortry
ID: 234930
Schweregrad: Hoch
Kategorie: Browserveränderer
Pfad: file:_C:\Users\baris\AppData\Local\Temp\6071156\ic-0.2bc239f60b226c.exe; file:_C:\Users\baris\AppData\Local\Temp\ehzinwo2.tpb\APSF360dev.exe; file:_C:\Users\baris\AppData\Local\Temp\lrj4ly4j.yin\APSF360dev.exe; folder:_c:\users\baris\appdata\local\temp\ehzinwo2.tpb\; folder:_c:\users\baris\appdata\local\temp\lrj4ly4j.yin\
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-M826EE6\baris
Prozessname: C:\Users\baris\AppData\Local\Temp\W9TRU135TB\W9TR.exe
Sicherheitsversion: AV: 1.297.1248.0, AS: 1.297.1248.0, NIS: 0.0.0.0
Modulversion: AM: 1.1.16100.4, NIS: 0.0.0.0
Date: 2019-07-17 21:36:13.543
Description:
Windows Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Linkhortry&threatid=234930&enterprise=0
Name: BrowserModifier:Win32/Linkhortry
ID: 234930
Schweregrad: Hoch
Kategorie: Browserveränderer
Pfad: file:_C:\Users\baris\AppData\Local\Temp\6071156\ic-0.2bc239f60b226c.exe; file:_C:\Users\baris\AppData\Local\Temp\ehzinwo2.tpb\APSF360dev.exe; file:_C:\Users\baris\AppData\Local\Temp\lrj4ly4j.yin\APSF360dev.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-M826EE6\baris
Prozessname: C:\Users\baris\AppData\Local\Temp\W9TRU135TB\W9TR.exe
Sicherheitsversion: AV: 1.297.1248.0, AS: 1.297.1248.0, NIS: 0.0.0.0
Modulversion: AM: 1.1.16100.4, NIS: 0.0.0.0
Date: 2019-07-17 21:36:03.348
Description:
Windows Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Linkhortry&threatid=234930&enterprise=0
Name: BrowserModifier:Win32/Linkhortry
ID: 234930
Schweregrad: Hoch
Kategorie: Browserveränderer
Pfad: file:_c:\users\baris\appdata\local\temp\6071156\Dgubwhumsh.exe; file:_c:\users\baris\appdata\local\temp\6071156\dlreport; file:_c:\users\baris\appdata\local\temp\6071156\ic-0.021ceb3557eb2c.exe; file:_C:\Users\baris\AppData\Local\Temp\6071156\ic-0.2bc239f60b226c.exe; file:_c:\users\baris\appdata\local\temp\6071156\ic-0.36b2c906097f98.exe; file:_c:\users\baris\appdata\local\temp\6071156\ic-0.43c67b9e4c6e88.exe; file:_c:\users\baris\appdata\local\temp\6071156\ic-0.4cdb2331bddb08.exe; file:_c:\users\baris\appdata\local\temp\6071156\ic-0.518f945d7444a.exe; file:_c:\users\baris\appdata\local\temp\6071156\ic-0.89c2f9fb6a056.exe; file:_c:\users\baris\appdata\local\temp\6071156\ic-0.cbb08622ff3df.exe; file:_c:\users\baris\appdata\local\temp\6071156\RunBoosterSetup64_3231.exe; folder:_c:\users\baris\appdata\local\temp\6071156\; process:_pid:7028,ProcessStart:132078655236685515
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-M826EE6\baris
Prozessname: C:\Users\baris\AppData\Local\Temp\Rar$EXa3992.35187\CommView For WiFi Crack Updated Keys June 2019.exe
Sicherheitsversion: AV: 1.297.1248.0, AS: 1.297.1248.0, NIS: 0.0.0.0
Modulversion: AM: 1.1.16100.4, NIS: 0.0.0.0
Date: 2019-07-17 21:35:10.314
Description:
Windows Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Adware:Win64/RunBooster&threatid=245169&enterprise=0
Name: Adware:Win64/RunBooster
ID: 245169
Schweregrad: Hoch
Kategorie: Adware
Pfad: file:_C:\Users\baris\AppData\Local\Temp\6071156\RunBoosterSetup64_3231.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-M826EE6\baris
Prozessname: C:\Users\baris\AppData\Local\Temp\Rar$EXa3992.35187\CommView For WiFi Crack Updated Keys June 2019.exe
Sicherheitsversion: AV: 1.297.1248.0, AS: 1.297.1248.0, NIS: 0.0.0.0
Modulversion: AM: 1.1.16100.4, NIS: 0.0.0.0
Date: 2019-07-17 21:34:48.139
Description:
Windows Defender Antivirus hat Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/MonClon&threatid=2147740260&enterprise=0
Name: Trojan:Win32/MonClon
ID: 2147740260
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\baris\AppData\Local\Temp\6071156\ic-0.36b2c906097f98.exe
Erkennungsursprung: Lokaler Computer
Erkennungstype: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: DESKTOP-M826EE6\baris
Prozessname: C:\Users\baris\AppData\Local\Temp\Rar$EXa3992.35187\CommView For WiFi Crack Updated Keys June 2019.exe
Sicherheitsversion: AV: 1.297.1248.0, AS: 1.297.1248.0, NIS: 0.0.0.0
Modulversion: AM: 1.1.16100.4, NIS: 0.0.0.0
CodeIntegrity:
===================================
Date: 2019-07-20 19:51:33.466
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-07-20 18:59:39.460
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-20 18:59:39.392
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-20 18:59:39.298
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-20 18:59:39.226
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-20 18:59:39.153
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-20 18:59:20.189
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
Date: 2019-07-20 18:59:12.679
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
==================== Speicherinformationen ===========================
BIOS: Insyde Corp. V1.10 08/22/2017
Motherboard: KBL Charmander_KL
Prozessor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8067.6 MB
Verfügbarer physikalischer RAM: 4556.29 MB
Summe virtueller Speicher: 9987.6 MB
Verfügbarer virtueller Speicher: 6384.92 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:237.35 GB) (Free:169.48 GB) NTFS
\\?\Volume{26817bcd-d999-4c2b-aea9-6cb726dfbdb3}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.52 GB) NTFS
\\?\Volume{bba47be7-a925-4e45-86e9-32beab07d274}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: CCC65ED7)
Partition: GPT.
==================== Ende von Addition.txt ============================
ich hab es hier hochgeladen https://workupload.com/file/7y9Pmpgb lg baris |
|
25.07.2019, 15:07
| #10 | ||
| /// TB-Ausbilder | Malware Trojaner Windows 10Zitat:
Das ist nicht ein Ort, von dem aus FRST gestartet werden sollte. Zitat:
|
|
28.07.2019, 08:47
| #11 |
| /// TB-Ausbilder | Malware Trojaner Windows 10 Fehlende Rückmeldung Dieses Thema wurde aus meinen Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. Solltest Du das Thema erneut brauchen, schicke uns bitte eine Erinnerung inklusive Link zum Thema. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und ein eigenes Thema erstellen! |
| Themen zu Malware Trojaner Windows 10 |
| appdata, askbar, boot, c:\windows, csrss, explorer, firefox, gen, install, internet, internet explorer, löschen, malware, microsoft, mozilla, neustart, problem, quarantäne, roaming, scan, services, system32, temp, trojaner, windows, windows problem |
Linear-Darstellung
