Windows 7 / Avira, MBAM finden Trojaner
Hallo liebes Trojaner Board Team,
zunächst einmal: mein Rechner wird auch für mein Kleinstunternehmen genutzt. Ich hoffe, dass ich trotzdem hier Hilfe bekommen kann.
Vor 11 Tagen hat mir Avira einen Trojaner gemeldet. Hier der Log: Code:
Free Antivirus
Report file date: Freitag, 5. Juni 2015 17:23
The program is running as an unrestricted full version.
Online services are available.
Licensee : Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : BAHTE-HP
Version information:
BUILD.DAT : 15.0.10.434 109882 Bytes 16.04.2015 15:24:00
AVSCAN.EXE : 15.0.10.430 1028856 Bytes 16.04.2015 13:23:55
AVSCANRC.DLL : 15.0.10.236 55032 Bytes 16.04.2015 13:23:55
LUKE.DLL : 15.0.10.414 59696 Bytes 16.04.2015 13:23:56
AVSCPLR.DLL : 15.0.10.414 97736 Bytes 16.04.2015 13:23:55
REPAIR.DLL : 15.0.10.414 375088 Bytes 16.04.2015 13:23:55
REPAIR.RDF : 1.0.8.26 917354 Bytes 05.06.2015 14:04:50
AVREG.DLL : 15.0.10.414 275248 Bytes 16.04.2015 13:23:55
AVLODE.DLL : 15.0.10.414 597240 Bytes 16.04.2015 13:23:55
AVLODE.RDF : 14.0.4.70 79227 Bytes 03.06.2015 22:04:25
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00076.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00077.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00078.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00079.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00080.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00081.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00082.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00083.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00084.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00085.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00086.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00087.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:44
XBV00088.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00089.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00090.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00091.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00092.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00093.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00094.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00095.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00096.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00097.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00098.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00099.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00100.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00101.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00102.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00103.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00104.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00105.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00106.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:45
XBV00107.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00108.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00109.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00110.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00111.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00112.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00113.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00114.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00115.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00116.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00117.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00118.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00119.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00120.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00121.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00122.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00123.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00124.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00125.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00126.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00127.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00128.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00129.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00130.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00131.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00132.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00133.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00134.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00135.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00136.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00137.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00138.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00139.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00140.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00141.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00142.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00143.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00144.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00145.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00146.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00147.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00148.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00149.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00150.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00151.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00152.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00153.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00154.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00155.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00156.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00157.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00158.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00159.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00160.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00161.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00162.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00163.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00164.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00165.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00166.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00167.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00168.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00169.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00170.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00171.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00172.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00173.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00174.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00175.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00176.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00177.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00178.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00179.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00180.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00181.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00182.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00183.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00184.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00185.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00186.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00187.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00188.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00189.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00190.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00191.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00192.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00193.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00194.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00195.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00196.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00197.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00198.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00199.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00200.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00201.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00202.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00203.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00204.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00205.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00206.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00207.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00208.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00209.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00210.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00211.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00212.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00213.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00214.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00215.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00216.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00217.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00218.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00219.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00220.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00221.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00222.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00223.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00224.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00225.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00226.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00227.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00228.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00229.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00230.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00231.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00232.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00233.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00234.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00235.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00236.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00237.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00238.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00239.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00240.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00241.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00242.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00243.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00244.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00245.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00246.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00247.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00248.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00249.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00250.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00251.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00252.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00253.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00254.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00255.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 13:23:57
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 13:23:57
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 13:23:57
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 13:23:57
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 13:23:57
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 13:23:57
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 13:23:57
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 13:23:57
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 13:23:57
XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 13:23:57
XBV00010.VDF : 8.11.178.32 1581056 Bytes 14.10.2014 13:23:57
XBV00011.VDF : 8.11.184.50 2178560 Bytes 11.11.2014 13:23:57
XBV00012.VDF : 8.11.190.32 1876992 Bytes 03.12.2014 13:23:57
XBV00013.VDF : 8.11.201.28 2973696 Bytes 14.01.2015 13:23:57
XBV00014.VDF : 8.11.206.252 2695680 Bytes 04.02.2015 13:23:57
XBV00015.VDF : 8.11.213.84 3175936 Bytes 03.03.2015 13:23:57
XBV00016.VDF : 8.11.213.176 212480 Bytes 05.03.2015 13:23:57
XBV00017.VDF : 8.11.219.166 2033664 Bytes 25.03.2015 13:23:57
XBV00018.VDF : 8.11.225.88 2367488 Bytes 22.04.2015 22:04:29
XBV00019.VDF : 8.11.230.186 1674752 Bytes 13.05.2015 22:04:32
XBV00020.VDF : 8.11.237.30 4711936 Bytes 02.06.2015 22:04:42
XBV00042.VDF : 8.11.237.62 34816 Bytes 02.06.2015 22:04:42
XBV00043.VDF : 8.11.237.64 14848 Bytes 02.06.2015 22:04:42
XBV00044.VDF : 8.11.237.96 44032 Bytes 02.06.2015 22:04:42
XBV00045.VDF : 8.11.237.128 4096 Bytes 02.06.2015 22:04:42
XBV00046.VDF : 8.11.237.130 12800 Bytes 02.06.2015 22:04:42
XBV00047.VDF : 8.11.237.132 23552 Bytes 03.06.2015 22:04:42
XBV00048.VDF : 8.11.237.134 4608 Bytes 03.06.2015 22:04:42
XBV00049.VDF : 8.11.237.136 4096 Bytes 03.06.2015 22:04:42
XBV00050.VDF : 8.11.237.138 6144 Bytes 03.06.2015 22:04:42
XBV00051.VDF : 8.11.237.160 7680 Bytes 03.06.2015 22:04:42
XBV00052.VDF : 8.11.237.182 17408 Bytes 03.06.2015 22:04:43
XBV00053.VDF : 8.11.237.204 10240 Bytes 03.06.2015 22:04:43
XBV00054.VDF : 8.11.237.224 7168 Bytes 03.06.2015 22:04:43
XBV00055.VDF : 8.11.237.226 10752 Bytes 03.06.2015 22:04:43
XBV00056.VDF : 8.11.237.228 11264 Bytes 03.06.2015 22:04:43
XBV00057.VDF : 8.11.237.230 6144 Bytes 03.06.2015 09:07:32
XBV00058.VDF : 8.11.237.234 10240 Bytes 04.06.2015 09:07:32
XBV00059.VDF : 8.11.237.236 2048 Bytes 04.06.2015 09:07:32
XBV00060.VDF : 8.11.237.238 14848 Bytes 04.06.2015 19:30:09
XBV00061.VDF : 8.11.237.240 6144 Bytes 04.06.2015 19:30:09
XBV00062.VDF : 8.11.237.242 2560 Bytes 04.06.2015 19:30:09
XBV00063.VDF : 8.11.237.244 17408 Bytes 04.06.2015 21:30:19
XBV00064.VDF : 8.11.237.246 2048 Bytes 04.06.2015 21:30:19
XBV00065.VDF : 8.11.237.248 2048 Bytes 04.06.2015 21:30:19
XBV00066.VDF : 8.11.237.250 2048 Bytes 04.06.2015 21:30:19
XBV00067.VDF : 8.11.237.252 2048 Bytes 04.06.2015 21:30:20
XBV00068.VDF : 8.11.237.254 2048 Bytes 04.06.2015 21:30:20
XBV00069.VDF : 8.11.238.0 2048 Bytes 04.06.2015 21:30:20
XBV00070.VDF : 8.11.238.4 26624 Bytes 04.06.2015 05:48:32
XBV00071.VDF : 8.11.238.6 8192 Bytes 05.06.2015 05:48:32
XBV00072.VDF : 8.11.238.8 5632 Bytes 05.06.2015 05:48:32
XBV00073.VDF : 8.11.238.10 3072 Bytes 05.06.2015 14:04:48
XBV00074.VDF : 8.11.238.12 43520 Bytes 05.06.2015 14:04:49
XBV00075.VDF : 8.11.238.32 6656 Bytes 05.06.2015 14:04:49
LOCAL001.VDF : 8.11.238.32 126773760 Bytes 05.06.2015 14:05:11
Engine version : 8.3.30.40
AEVDF.DLL : 8.3.1.6 133992 Bytes 16.04.2015 13:23:54
AESCRIPT.DLL : 8.2.2.68 524352 Bytes 03.06.2015 22:04:24
AESCN.DLL : 8.3.2.10 142456 Bytes 03.06.2015 22:04:23
AESBX.DLL : 8.2.21.0 1622072 Bytes 03.06.2015 22:04:25
AERDL.DLL : 8.2.1.20 731040 Bytes 16.04.2015 13:23:54
AEPACK.DLL : 8.4.0.80 793728 Bytes 03.06.2015 22:04:23
AEOFFICE.DLL : 8.3.1.22 363376 Bytes 03.06.2015 22:04:22
AEMOBILE.DLL : 8.1.7.2 281720 Bytes 03.06.2015 22:04:25
AEHEUR.DLL : 8.1.4.1714 8440688 Bytes 03.06.2015 22:04:22
AEHELP.DLL : 8.3.2.0 281456 Bytes 16.04.2015 13:23:54
AEGEN.DLL : 8.1.7.40 456608 Bytes 16.04.2015 13:23:54
AEEXP.DLL : 8.4.2.88 266296 Bytes 03.06.2015 22:04:25
AEEMU.DLL : 8.1.3.4 399264 Bytes 16.04.2015 13:23:54
AEDROID.DLL : 8.4.3.116 1050536 Bytes 16.04.2015 13:23:54
AECORE.DLL : 8.3.6.2 243624 Bytes 03.06.2015 22:04:17
AEBB.DLL : 8.1.2.0 60448 Bytes 16.04.2015 13:23:54
AVWINLL.DLL : 15.0.10.236 25904 Bytes 16.04.2015 13:23:55
AVPREF.DLL : 15.0.10.236 52984 Bytes 16.04.2015 13:23:55
AVREP.DLL : 15.0.10.236 220464 Bytes 16.04.2015 13:23:55
AVARKT.DLL : 15.0.10.296 228088 Bytes 16.04.2015 13:23:54
AVEVTLOG.DLL : 15.0.10.296 194296 Bytes 16.04.2015 13:23:54
SQLITE3.DLL : 15.0.10.236 456440 Bytes 16.04.2015 13:23:56
AVSMTP.DLL : 15.0.10.236 78128 Bytes 16.04.2015 13:23:55
NETNT.DLL : 15.0.10.236 16120 Bytes 16.04.2015 13:23:56
CommonImageRc.dll: 15.0.10.236 4355376 Bytes 16.04.2015 13:23:56
CommonTextRc.DLL: 15.0.10.270 70392 Bytes 16.04.2015 13:23:56
Configuration settings for the scan:
Jobname.............................: AVGuardAsyncScan
Configuration file..................: C:\ProgramData\Avira\Antivirus\TEMP\AVGUARD_5571a232\guard_slideup.avp
Reporting...........................: default
Primary action......................: Repair
Secondary action....................: Quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: Complete
Start of the scan: Freitag, 5. Juni 2015 17:23
The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'HPFSService.exe' - '25' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '94' Module(s) have been scanned
Scan process 'svchost.exe' - '127' Module(s) have been scanned
Scan process 'svchost.exe' - '90' Module(s) have been scanned
Scan process 'svchost.exe' - '160' Module(s) have been scanned
Scan process 'STacSV64.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'Hpservice.exe' - '28' Module(s) have been scanned
Scan process 'vcsFPService.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '86' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'DpHostW.exe' - '145' Module(s) have been scanned
Scan process 'sched.exe' - '77' Module(s) have been scanned
Scan process 'svchost.exe' - '61' Module(s) have been scanned
Scan process 'ACService.exe' - '28' Module(s) have been scanned
Scan process 'armsvc.exe' - '28' Module(s) have been scanned
Scan process 'AESTSr64.exe' - '8' Module(s) have been scanned
Scan process 'avguard.exe' - '132' Module(s) have been scanned
Scan process 'devmgrsrv.exe' - '72' Module(s) have been scanned
Scan process 'OfficeClickToRun.exe' - '99' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'HPDayStarterService.exe' - '39' Module(s) have been scanned
Scan process 'HPDrvMntSvc.exe' - '23' Module(s) have been scanned
Scan process 'HpHotkeyMonitor.exe' - '50' Module(s) have been scanned
Scan process 'jhi_service.exe' - '30' Module(s) have been scanned
Scan process 'ServiceManager.exe' - '21' Module(s) have been scanned
Scan process 'MfeEpeHost.exe' - '38' Module(s) have been scanned
Scan process 'sftvsa.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'uArcCapture.exe' - '53' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '55' Module(s) have been scanned
Scan process 'Avira.ServiceHost.exe' - '132' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'obexsrv.exe' - '32' Module(s) have been scanned
Scan process 'sftlist.exe' - '86' Module(s) have been scanned
Scan process 'avshadow.exe' - '20' Module(s) have been scanned
Scan process 'unsecapp.exe' - '27' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '33' Module(s) have been scanned
Scan process 'CVHSVC.EXE' - '83' Module(s) have been scanned
Scan process 'hpqWmiEx.exe' - '48' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '54' Module(s) have been scanned
Scan process 'FNPLicensingService64.exe' - '19' Module(s) have been scanned
Scan process 'taskhost.exe' - '69' Module(s) have been scanned
Scan process 'Dwm.exe' - '31' Module(s) have been scanned
Scan process 'Explorer.EXE' - '174' Module(s) have been scanned
Scan process 'rundll32.exe' - '49' Module(s) have been scanned
Scan process 'hkcmd.exe' - '28' Module(s) have been scanned
Scan process 'igfxpers.exe' - '38' Module(s) have been scanned
Scan process 'sttray64.exe' - '41' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '45' Module(s) have been scanned
Scan process 'CVH.EXE' - '80' Module(s) have been scanned
Scan process 'coreshredder.exe' - '41' Module(s) have been scanned
Scan process 'IAStorIcon.exe' - '56' Module(s) have been scanned
Scan process 'nusb3mon.exe' - '36' Module(s) have been scanned
Scan process 'hpqwutils.exe' - '62' Module(s) have been scanned
Scan process 'QLBController.exe' - '85' Module(s) have been scanned
Scan process 'unsecapp.exe' - '28' Module(s) have been scanned
Scan process 'audiosrv.exe' - '33' Module(s) have been scanned
Scan process 'AudibleDownloadHelper.exe' - '83' Module(s) have been scanned
Scan process 'acrotray.exe' - '32' Module(s) have been scanned
Scan process 'ModemListener.exe' - '33' Module(s) have been scanned
Scan process 'avgnt.exe' - '128' Module(s) have been scanned
Scan process 'mcserver.exe' - '52' Module(s) have been scanned
Scan process 'btplayerctrl.exe' - '33' Module(s) have been scanned
Scan process 'SYNTPHELPER.EXE' - '17' Module(s) have been scanned
Scan process 'cmd.exe' - '22' Module(s) have been scanned
Scan process 'conhost.exe' - '15' Module(s) have been scanned
Scan process 'dbus-daemon.exe' - '35' Module(s) have been scanned
Scan process 'gconfd-2.exe' - '35' Module(s) have been scanned
Scan process 'db_daemon.exe' - '32' Module(s) have been scanned
Scan process 'TMMonitor.exe' - '89' Module(s) have been scanned
Scan process 'Avira.Systray.exe' - '129' Module(s) have been scanned
Scan process 'MSOSYNC.EXE' - '56' Module(s) have been scanned
Scan process 'OfficeVirt.exe' - '32' Module(s) have been scanned
Scan process 'hpsa_service.exe' - '56' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '53' Module(s) have been scanned
Scan process 'LMS.exe' - '33' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '120' Module(s) have been scanned
Scan process 'UNS.exe' - '45' Module(s) have been scanned
Scan process 'firefox.exe' - '132' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '67' Module(s) have been scanned
Scan process 'svchost.exe' - '46' Module(s) have been scanned
Scan process 'DllHost.exe' - '45' Module(s) have been scanned
Scan process 'ctfmon.exe' - '27' Module(s) have been scanned
Scan process 'explorer.exe' - '136' Module(s) have been scanned
Scan process 'explorer.exe' - '132' Module(s) have been scanned
Scan process 'explorer.exe' - '125' Module(s) have been scanned
Scan process 'explorer.exe' - '144' Module(s) have been scanned
Scan process 'explorer.exe' - '108' Module(s) have been scanned
Scan process 'cmd.exe' - '46' Module(s) have been scanned
Scan process 'conhost.exe' - '15' Module(s) have been scanned
Scan process 'avscan.exe' - '116' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '75' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Starting the file scan:
Begin scan in 'C:\Users\xxxxx\AppData\Local\Temp\FE7C.tmp'
C:\Users\xxxxx\AppData\Local\Temp\FE7C.tmp
[DETECTION] Is the TR/Crowti.A.138 Trojan
[NOTE] The file was moved to the quarantine directory under the name '50212a3d.qua'!
End of the scan: Freitag, 5. Juni 2015 17:23
Used time: 00:31 Minute(s)
The scan has been done completely.
0 Scanned directories
1139 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1138 Files not concerned
1 Archives were scanned
0 Warnings
1 Notes
Der Trojaner wurde in Quarantäne verschoben.
Ein paar Tage später wurde mein Computer immer langsamer. Der Taskmanager zeigte, dass die explorer.exe teilweise über 1 GB des Arbeitsspeichers verbrauchte.
Daraufhin habe ich erneut mit Avira gescannt und es wurden weitere Trojaner gefunden: Code:
Free Antivirus
Report file date: Sonntag, 14. Juni 2015 13:05
The program is running as an unrestricted full version.
Online services are available.
Licensee : Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Safe mode
Username : xxxxx
Computer name : xxxxx-HP
Version information:
BUILD.DAT : 15.0.11.574 109728 Bytes 27.05.2015 13:08:00
AVSCAN.EXE : 15.0.11.574 1040688 Bytes 09.06.2015 09:15:39
AVSCANRC.DLL : 15.0.11.478 55032 Bytes 09.06.2015 09:15:39
LUKE.DLL : 15.0.11.550 59696 Bytes 09.06.2015 09:16:03
AVSCPLR.DLL : 15.0.11.550 95024 Bytes 09.06.2015 09:15:39
REPAIR.DLL : 15.0.11.572 463608 Bytes 09.06.2015 09:15:38
REPAIR.RDF : 1.0.8.42 927512 Bytes 11.06.2015 09:08:07
AVREG.DLL : 15.0.11.550 276784 Bytes 09.06.2015 09:15:37
AVLODE.DLL : 15.0.11.572 611632 Bytes 09.06.2015 09:15:35
AVLODE.RDF : 14.0.4.70 79227 Bytes 03.06.2015 22:04:25
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 13:23:57
XBV00118.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00119.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00120.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00121.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00122.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00123.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00124.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00125.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:46
XBV00126.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00127.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00128.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00129.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00130.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00131.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00132.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00133.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00134.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00135.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00136.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00137.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00138.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00139.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00140.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00141.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00142.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00143.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00144.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:47
XBV00145.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00146.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00147.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00148.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00149.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00150.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00151.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00152.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00153.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00154.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00155.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00156.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00157.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00158.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00159.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00160.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00161.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00162.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00163.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:48
XBV00164.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00165.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00166.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00167.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00168.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00169.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00170.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00171.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00172.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00173.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00174.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00175.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00176.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00177.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00178.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00179.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00180.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00181.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00182.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:49
XBV00183.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00184.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00185.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00186.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00187.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00188.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00189.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00190.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00191.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00192.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00193.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00194.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00195.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00196.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00197.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00198.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00199.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00200.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00201.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:50
XBV00202.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00203.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00204.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00205.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00206.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00207.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00208.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00209.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00210.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00211.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00212.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00213.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00214.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00215.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00216.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00217.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00218.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00219.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00220.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:51
XBV00221.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00222.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00223.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00224.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00225.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00226.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00227.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00228.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00229.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00230.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00231.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00232.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00233.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00234.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00235.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00236.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00237.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00238.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00239.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:52
XBV00240.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00241.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00242.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00243.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00244.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00245.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00246.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00247.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00248.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00249.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00250.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00251.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00252.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00253.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00254.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00255.VDF : 8.11.237.30 2048 Bytes 02.06.2015 22:04:53
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 13:23:57
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 13:23:57
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 13:23:57
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 13:23:57
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 13:23:57
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 13:23:57
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 13:23:57
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 13:23:57
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 13:23:57
XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 13:23:57
XBV00010.VDF : 8.11.178.32 1581056 Bytes 14.10.2014 13:23:57
XBV00011.VDF : 8.11.184.50 2178560 Bytes 11.11.2014 13:23:57
XBV00012.VDF : 8.11.190.32 1876992 Bytes 03.12.2014 13:23:57
XBV00013.VDF : 8.11.201.28 2973696 Bytes 14.01.2015 13:23:57
XBV00014.VDF : 8.11.206.252 2695680 Bytes 04.02.2015 13:23:57
XBV00015.VDF : 8.11.213.84 3175936 Bytes 03.03.2015 13:23:57
XBV00016.VDF : 8.11.213.176 212480 Bytes 05.03.2015 13:23:57
XBV00017.VDF : 8.11.219.166 2033664 Bytes 25.03.2015 13:23:57
XBV00018.VDF : 8.11.225.88 2367488 Bytes 22.04.2015 22:04:29
XBV00019.VDF : 8.11.230.186 1674752 Bytes 13.05.2015 22:04:32
XBV00020.VDF : 8.11.237.30 4711936 Bytes 02.06.2015 22:04:42
XBV00042.VDF : 8.11.237.62 34816 Bytes 02.06.2015 22:04:42
XBV00043.VDF : 8.11.237.64 14848 Bytes 02.06.2015 22:04:42
XBV00044.VDF : 8.11.237.96 44032 Bytes 02.06.2015 22:04:42
XBV00045.VDF : 8.11.237.128 4096 Bytes 02.06.2015 22:04:42
XBV00046.VDF : 8.11.237.130 12800 Bytes 02.06.2015 22:04:42
XBV00047.VDF : 8.11.237.132 23552 Bytes 03.06.2015 22:04:42
XBV00048.VDF : 8.11.237.134 4608 Bytes 03.06.2015 22:04:42
XBV00049.VDF : 8.11.237.136 4096 Bytes 03.06.2015 22:04:42
XBV00050.VDF : 8.11.237.138 6144 Bytes 03.06.2015 22:04:42
XBV00051.VDF : 8.11.237.160 7680 Bytes 03.06.2015 22:04:42
XBV00052.VDF : 8.11.237.182 17408 Bytes 03.06.2015 22:04:43
XBV00053.VDF : 8.11.237.204 10240 Bytes 03.06.2015 22:04:43
XBV00054.VDF : 8.11.237.224 7168 Bytes 03.06.2015 22:04:43
XBV00055.VDF : 8.11.237.226 10752 Bytes 03.06.2015 22:04:43
XBV00056.VDF : 8.11.237.228 11264 Bytes 03.06.2015 22:04:43
XBV00057.VDF : 8.11.237.230 6144 Bytes 03.06.2015 09:07:32
XBV00058.VDF : 8.11.237.234 10240 Bytes 04.06.2015 09:07:32
XBV00059.VDF : 8.11.237.236 2048 Bytes 04.06.2015 09:07:32
XBV00060.VDF : 8.11.237.238 14848 Bytes 04.06.2015 19:30:09
XBV00061.VDF : 8.11.237.240 6144 Bytes 04.06.2015 19:30:09
XBV00062.VDF : 8.11.237.242 2560 Bytes 04.06.2015 19:30:09
XBV00063.VDF : 8.11.237.244 17408 Bytes 04.06.2015 21:30:19
XBV00064.VDF : 8.11.237.246 2048 Bytes 04.06.2015 21:30:19
XBV00065.VDF : 8.11.237.248 2048 Bytes 04.06.2015 21:30:19
XBV00066.VDF : 8.11.237.250 2048 Bytes 04.06.2015 21:30:19
XBV00067.VDF : 8.11.237.252 2048 Bytes 04.06.2015 21:30:20
XBV00068.VDF : 8.11.237.254 2048 Bytes 04.06.2015 21:30:20
XBV00069.VDF : 8.11.238.0 2048 Bytes 04.06.2015 21:30:20
XBV00070.VDF : 8.11.238.4 26624 Bytes 04.06.2015 05:48:32
XBV00071.VDF : 8.11.238.6 8192 Bytes 05.06.2015 05:48:32
XBV00072.VDF : 8.11.238.8 5632 Bytes 05.06.2015 05:48:32
XBV00073.VDF : 8.11.238.10 3072 Bytes 05.06.2015 14:04:48
XBV00074.VDF : 8.11.238.12 43520 Bytes 05.06.2015 14:04:49
XBV00075.VDF : 8.11.238.32 6656 Bytes 05.06.2015 14:04:49
XBV00076.VDF : 8.11.238.52 9728 Bytes 05.06.2015 16:58:36
XBV00077.VDF : 8.11.238.72 20992 Bytes 05.06.2015 14:51:58
XBV00078.VDF : 8.11.238.94 58368 Bytes 05.06.2015 14:51:59
XBV00079.VDF : 8.11.238.96 45056 Bytes 05.06.2015 14:51:59
XBV00080.VDF : 8.11.238.98 37376 Bytes 05.06.2015 14:51:59
XBV00081.VDF : 8.11.238.102 52736 Bytes 06.06.2015 14:51:59
XBV00082.VDF : 8.11.238.122 9216 Bytes 06.06.2015 14:51:59
XBV00083.VDF : 8.11.238.140 41984 Bytes 07.06.2015 09:37:01
XBV00084.VDF : 8.11.238.178 31744 Bytes 07.06.2015 19:14:05
XBV00085.VDF : 8.11.238.196 39424 Bytes 08.06.2015 11:49:23
XBV00086.VDF : 8.11.238.214 2560 Bytes 08.06.2015 11:49:23
XBV00087.VDF : 8.11.238.232 2560 Bytes 08.06.2015 11:49:23
XBV00088.VDF : 8.11.238.250 29696 Bytes 08.06.2015 11:49:23
XBV00089.VDF : 8.11.239.12 17408 Bytes 08.06.2015 17:34:53
XBV00090.VDF : 8.11.239.16 27136 Bytes 08.06.2015 19:34:55
XBV00091.VDF : 8.11.239.18 2048 Bytes 08.06.2015 19:34:55
XBV00092.VDF : 8.11.239.20 33280 Bytes 09.06.2015 05:15:22
XBV00093.VDF : 8.11.239.22 13312 Bytes 09.06.2015 09:16:12
XBV00094.VDF : 8.11.239.24 4096 Bytes 09.06.2015 09:16:13
XBV00095.VDF : 8.11.239.42 28672 Bytes 09.06.2015 09:16:13
XBV00096.VDF : 8.11.239.44 3072 Bytes 09.06.2015 09:16:13
XBV00097.VDF : 8.11.239.60 24064 Bytes 09.06.2015 11:15:25
XBV00098.VDF : 8.11.239.76 6656 Bytes 09.06.2015 11:15:25
XBV00099.VDF : 8.11.239.92 2560 Bytes 09.06.2015 11:15:26
XBV00100.VDF : 8.11.239.124 60416 Bytes 09.06.2015 19:15:40
XBV00101.VDF : 8.11.239.140 19456 Bytes 09.06.2015 21:15:47
XBV00102.VDF : 8.11.239.142 4096 Bytes 09.06.2015 05:50:10
XBV00103.VDF : 8.11.239.144 21504 Bytes 09.06.2015 05:50:10
XBV00104.VDF : 8.11.239.160 3584 Bytes 09.06.2015 05:50:10
XBV00105.VDF : 8.11.239.176 16896 Bytes 10.06.2015 05:50:10
XBV00106.VDF : 8.11.239.192 8704 Bytes 10.06.2015 05:50:10
XBV00107.VDF : 8.11.239.208 6656 Bytes 10.06.2015 07:49:07
XBV00108.VDF : 8.11.239.210 2560 Bytes 10.06.2015 09:49:10
XBV00109.VDF : 8.11.239.212 7680 Bytes 10.06.2015 11:49:03
XBV00110.VDF : 8.11.239.216 60416 Bytes 10.06.2015 19:27:58
XBV00111.VDF : 8.11.239.218 2048 Bytes 10.06.2015 19:27:58
XBV00112.VDF : 8.11.239.220 2048 Bytes 10.06.2015 19:27:58
XBV00113.VDF : 8.11.239.222 2048 Bytes 10.06.2015 19:27:58
XBV00114.VDF : 8.11.239.224 29696 Bytes 10.06.2015 07:08:04
XBV00115.VDF : 8.11.239.240 7168 Bytes 10.06.2015 07:08:04
XBV00116.VDF : 8.11.239.254 5632 Bytes 10.06.2015 07:08:04
XBV00117.VDF : 8.11.240.14 32768 Bytes 11.06.2015 07:08:04
LOCAL001.VDF : 8.11.240.14 127470080 Bytes 11.06.2015 07:08:27
Engine version : 8.3.30.46
AEVDF.DLL : 8.3.1.6 133992 Bytes 16.04.2015 13:23:54
AESCRIPT.DLL : 8.2.2.70 524352 Bytes 10.06.2015 13:49:42
AESCN.DLL : 8.3.2.10 142456 Bytes 03.06.2015 22:04:23
AESBX.DLL : 8.2.21.0 1622072 Bytes 03.06.2015 22:04:25
AERDL.DLL : 8.2.1.20 731040 Bytes 16.04.2015 13:23:54
AEPACK.DLL : 8.4.0.80 793728 Bytes 03.06.2015 22:04:23
AEOFFICE.DLL : 8.3.1.34 392320 Bytes 10.06.2015 13:49:42
AEMOBILE.DLL : 8.1.7.4 280488 Bytes 10.06.2015 13:49:43
AEHEUR.DLL : 8.1.4.1722 8424576 Bytes 10.06.2015 13:49:41
AEHELP.DLL : 8.3.2.0 281456 Bytes 16.04.2015 13:23:54
AEGEN.DLL : 8.1.7.40 456608 Bytes 16.04.2015 13:23:54
AEEXP.DLL : 8.4.2.88 266296 Bytes 03.06.2015 22:04:25
AEEMU.DLL : 8.1.3.4 399264 Bytes 16.04.2015 13:23:54
AEDROID.DLL : 8.4.3.238 1376320 Bytes 10.06.2015 13:49:43
AECORE.DLL : 8.3.6.2 243624 Bytes 03.06.2015 22:04:17
AEBB.DLL : 8.1.2.0 60448 Bytes 16.04.2015 13:23:54
AVWINLL.DLL : 15.0.11.478 25904 Bytes 09.06.2015 09:15:30
AVPREF.DLL : 15.0.11.478 54216 Bytes 09.06.2015 09:15:37
AVREP.DLL : 15.0.11.478 220464 Bytes 09.06.2015 09:15:38
AVARKT.DLL : 15.0.11.478 228088 Bytes 09.06.2015 09:15:31
AVEVTLOG.DLL : 15.0.11.550 195320 Bytes 09.06.2015 09:15:33
SQLITE3.DLL : 15.0.11.478 455472 Bytes 09.06.2015 09:16:08
AVSMTP.DLL : 15.0.11.478 79096 Bytes 09.06.2015 09:15:40
NETNT.DLL : 15.0.11.478 16384 Bytes 09.06.2015 09:16:04
CommonImageRc.dll: 15.0.11.478 4281800 Bytes 09.06.2015 09:15:30
CommonTextRc.dll: 15.0.11.478 70392 Bytes 09.06.2015 09:15:31
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\Antivirus\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, E:, F:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Start of the scan: Sonntag, 14. Juni 2015 13:05
Start scanning boot sectors:
Boot sector 'HDD0(C:, E:, F:)'
[INFO] No virus was found!
Starting search for hidden objects.
The driver could not be initialized.
The scan of running processes will be started:
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '50' Module(s) have been scanned
Scan process 'svchost.exe' - '24' Module(s) have been scanned
Scan process 'Explorer.EXE' - '155' Module(s) have been scanned
Scan process 'ctfmon.exe' - '21' Module(s) have been scanned
Scan process 'DllHost.exe' - '39' Module(s) have been scanned
Scan process 'avcenter.exe' - '125' Module(s) have been scanned
Scan process 'avscan.exe' - '122' Module(s) have been scanned
Scan process 'avshadow.exe' - '20' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '21' Module(s) have been scanned
Scan process 'services.exe' - '31' Module(s) have been scanned
Scan process 'lsass.exe' - '72' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '23' Module(s) have been scanned
Starting to scan executable files (registry):
The registry was scanned ( '3338' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\$Recycle.Bin\S-1-5-21-875667768-828838559-1996263334-1001\$R6MH24E.exe
[0] Archive type: ZIP SFX (self extracting)
--> install.jar
[1] Archive type: ZIP
--> UFBWindowsJex.tar.gz
[2] Archive type: GZ
--> UFBWindowsJex.tar
[3] Archive type: TAR (tape archiver)
--> UFBForWindowsObfuscated.jar
[4] Archive type: ZIP
--> chrriis/common/WebServer$WebServerConnectionThread$HTTPInputStream.class
[DETECTION] Contains recognition pattern of the EXP/JAVA.Jovab.Gen exploit
[WARNING] Infected files in archives cannot be repaired
C:\Beate\Acer\C\Dokumente und Eigenschaften\Beate\Eigene Dateien\Downloads\cnet_OpenOfficePortable_3_2_0_English_paf_exe.exe
[DETECTION] Contains patterns of software PUA/InstallCore.Gen
C:\Program Files (x86)\DKB-Cashback\DKB-Cashback.exe
[DETECTION] Contains virus patterns of Adware ADWARE/CrossRider.Gen2
C:\swsetup\HPQWB31\qwfiles\data.1
[WARNING] Possible archive bomb: the maximum compression ratio has been exceeded.
C:\swsetup\HPQWB31\qwfiles\home.1
[WARNING] Possible archive bomb: the maximum compression ratio has been exceeded.
C:\Users\xxxxx\AppData\Local\Temp\1196.tmp
[DETECTION] Is the TR/Crypt.Xpack.3556 Trojan
C:\Users\xxxxx\AppData\Local\Temp\7F7D.tmp
[DETECTION] Is the TR/Crowti.A.358 Trojan
C:\Users\xxxxx\AppData\Local\Temp\88B4.tmp
[DETECTION] Is the TR/Nytimen.A.53 Trojan
C:\Users\xxxxx\AppData\Local\Temp\8DE7.tmp
[DETECTION] Is the TR/Crypt.Xpack.21772 Trojan
C:\Users\xxxxx\AppData\Local\Temp\9C22.tmp
[DETECTION] Is the TR/Crowti.A.358 Trojan
C:\Users\xxxxx\AppData\Local\Temp\9C23.tmp
[DETECTION] Is the TR/Crowti.A.357 Trojan
C:\Users\xxxxx\AppData\Local\Temp\B2AC.tmp
[DETECTION] Is the TR/Crowti.A.358 Trojan
C:\Users\xxxxx\AppData\Local\Temp\CACE.tmp
[DETECTION] Is the TR/Dropper.MSIL.7128 Trojan
C:\Users\xxxxx\AppData\Local\Temp\CDEC.tmp
[DETECTION] Is the TR/Dropper.A.1682 Trojan
C:\Users\xxxxx\AppData\Local\Temp\FE7D.tmp
[DETECTION] Is the TR/Crowti.A.168 Trojan
C:\Users\xxxxx\AppData\Local\Temp\{9F7E8348-4B67-4E63-9F82-FE3806C67156}\TMP5FC3.tmp
[DETECTION] Is the TR/Dropper.Gen Trojan
Begin scan in 'E:\' <HP_RECOVERY>
Begin scan in 'F:\' <HP_TOOLS>
Beginning disinfection:
C:\Users\xxxxx\AppData\Local\Temp\{9F7E8348-4B67-4E63-9F82-FE3806C67156}\TMP5FC3.tmp
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '50a82500.qua'!
C:\Users\xxxxx\AppData\Local\Temp\FE7D.tmp
[DETECTION] Is the TR/Crowti.A.168 Trojan
[NOTE] The file was moved to the quarantine directory under the name '48460aa0.qua'!
C:\Users\xxxxx\AppData\Local\Temp\CDEC.tmp
[DETECTION] Is the TR/Dropper.A.1682 Trojan
[NOTE] The file was moved to the quarantine directory under the name '1a6f5047.qua'!
C:\Users\xxxxx\AppData\Local\Temp\CACE.tmp
[DETECTION] Is the TR/Dropper.MSIL.7128 Trojan
[NOTE] The file was moved to the quarantine directory under the name '7c5a1f86.qua'!
C:\Users\xxxxx\AppData\Local\Temp\B2AC.tmp
[DETECTION] Is the TR/Crowti.A.358 Trojan
[NOTE] The file was moved to the quarantine directory under the name '39a032a9.qua'!
C:\Users\xxxxx\AppData\Local\Temp\9C23.tmp
[DETECTION] Is the TR/Crowti.A.357 Trojan
[NOTE] The file was moved to the quarantine directory under the name '46aa00db.qua'!
C:\Users\xxxxx\AppData\Local\Temp\9C22.tmp
[DETECTION] Is the TR/Crowti.A.358 Trojan
[NOTE] The file was moved to the quarantine directory under the name '0a122c91.qua'!
C:\Users\xxxxx\AppData\Local\Temp\8DE7.tmp
[DETECTION] Is the TR/Crypt.Xpack.21772 Trojan
[NOTE] The file was moved to the quarantine directory under the name '76676cc0.qua'!
C:\Users\xxxxx\AppData\Local\Temp\88B4.tmp
[DETECTION] Is the TR/Nytimen.A.53 Trojan
[NOTE] The file was moved to the quarantine directory under the name '5b404391.qua'!
C:\Users\xxxxx\AppData\Local\Temp\7F7D.tmp
[DETECTION] Is the TR/Crowti.A.358 Trojan
[NOTE] The file was moved to the quarantine directory under the name '42237819.qua'!
C:\Users\xxxxx\AppData\Local\Temp\1196.tmp
[DETECTION] Is the TR/Crypt.Xpack.3556 Trojan
[NOTE] The file was moved to the quarantine directory under the name '2e7d5434.qua'!
C:\Program Files (x86)\DKB-Cashback\DKB-Cashback.exe
[DETECTION] Contains virus patterns of Adware ADWARE/CrossRider.Gen2
[NOTE] The file was moved to the quarantine directory under the name '1df520be.qua'!
C:\Beate\Acer\C\Dokumente und Eigenschaften\Beate\Eigene Dateien\Downloads\cnet_OpenOfficePortable_3_2_0_English_paf_exe.exe
[DETECTION] Contains patterns of software PUA/InstallCore.Gen
[NOTE] The file was moved to the quarantine directory under the name '45e939bf.qua'!
C:\$Recycle.Bin\S-1-5-21-875667768-828838559-1996263334-1001\$R6MH24E.exe
[DETECTION] Contains recognition pattern of the EXP/JAVA.Jovab.Gen exploit
[NOTE] The file was moved to the quarantine directory under the name '694c406c.qua'!
End of the scan: Sonntag, 14. Juni 2015 15:45
Used time: 2:23:53 Hour(s)
The scan has been done completely.
51768 Scanned directories
1552903 Files were scanned
14 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
14 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1552889 Files not concerned
27665 Archives were scanned
3 Warnings
14 Notes
Auch diese habe ich in Quarantäne verschoben. Das Problem mit der explorer.exe und dem vollen Arbeitsspeicher bestand aber immer noch.
Dann habe ich mir Malwarebytes runtergeladen, das weitere Trojaner und diverse andere Dateien / Programme, u.a. SearchProtect gefunden hat. Hier der Log: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 15.06.2015
Suchlauf-Zeit: 10:17:18
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.06.15.02
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: bahte
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 396333
Verstrichene Zeit: 48 Min, 34 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 8
PUP.Optional.DKBCashback.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DKB-Cashback, In Quarantäne, [6a945466830780b69893358138c9e818],
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , In Quarantäne, [7a84fdbd3852cd69aca654386c99e61a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110111611150}, In Quarantäne, [01fdc5f57a105bdbf422e6a37095a65a],
PUP.Optional.DKBCashback.A, HKU\S-1-5-21-875667768-828838559-1996263334-1001\SOFTWARE\APPDATALOW\SOFTWARE\DKB-Cashback, In Quarantäne, [e7174e6c7713f93d69a5dd4b0df72bd5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-875667768-828838559-1996263334-1001\SOFTWARE\CR_INSTALLER\16150, In Quarantäne, [01fd0bafbad01f171dd11d39fd086a96],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-875667768-828838559-1996263334-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\dkbbrowserextension, In Quarantäne, [936bc0fa0585f83ea56a53d521e3847c],
Trojan.Clicker.FMS, HKLM\SOFTWARE\CLASSES\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}, In Quarantäne, [75897a40a8e293a3bad88063af5426da],
Trojan.Clicker.FMS, HKCU\SOFTWARE\CLASSES\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}, In Quarantäne, [75897a40a8e293a3bad88063af5426da],
Registrierungswerte: 8
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130604727783049179, In Quarantäne, [58a66d4db5d5270fe1702d5fd92c10f0]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130604727783049179, In Quarantäne, [dd21f5c5068439fd83ce236922e3f20e]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130604727783049179, In Quarantäne, [fa048139eaa0e452064b721a1beab050]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130604727783049179, In Quarantäne, [fe009e1cd9b1290d9eb3642818ed33cd]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130604727783049179, In Quarantäne, [7a84fdbd3852cd69aca654386c99e61a]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110111611150}|AppName, DKB-Cashback-bg.exe, In Quarantäne, [01fdc5f57a105bdbf422e6a37095a65a]
Rootkit.Fileless.MTGen, HKU\S-1-5-21-875667768-828838559-1996263334-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|^c55244c5, In Quarantäne, [25d900ba3e4cc373feec22655fa651af],
Rootkit.Fileless.MTGen, HKU\S-1-5-21-875667768-828838559-1996263334-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|^9ba4dc30, In Quarantäne, [9569209a890172c44aa0b3d4739233cd],
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 39
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\Logs, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\Logs, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\icons, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\icons\actions, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\api, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.DKBCashback.A, C:\Program Files (x86)\DKB-Cashback, In Quarantäne, [d8265b5f890145f1abc7a722dd2660a0],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\Logs, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\SearchProtect\Logs, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\UI, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\UI\rep, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.Extutil.A, C:\Users\xxxxx\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [d32b1aa0e6a477bf1d25eae5a3607090],
PUP.Optional.Managera.A, C:\Users\xxxxx\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [65995169365473c33e051db2b54ef20e],
Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}, Löschen bei Neustart, [75897a40a8e293a3bad88063af5426da],
Dateien: 198
PUP.Optional.DKBCashback.A, C:\Program Files (x86)\DKB-Cashback\DKB-CashbackGui.exe, In Quarantäne, [25d9a7136327cb6b80abeec8b74aba46],
PUP.Optional.DKBCashback.A, C:\Program Files (x86)\DKB-Cashback\Uninstall.exe, In Quarantäne, [6a945466830780b69893358138c9e818],
PUP.Optional.Downloader, C:\$Recycle.Bin\S-1-5-21-875667768-828838559-1996263334-1001\$RBOGDYN.exe, In Quarantäne, [6f8fc7f3e5a5bc7a78f167064cb4b14f],
PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-875667768-828838559-1996263334-1001\$RZZSY0S.exe, In Quarantäne, [47b72b8fdeac56e0d19b542e06fb03fd],
PUP.Optional.DKBCashback.A, C:\$Recycle.Bin\S-1-5-21-875667768-828838559-1996263334-1001\$RXP6CNI.exe, In Quarantäne, [7787f1c9d7b3e3530b205b5bbd44e11f],
PUP.Optional.Conduit.A, C:\Users\xxxxx\AppData\Local\Temp\SecondStepInstaller.exe, In Quarantäne, [8f6f5664b4d63204353391c57d84d12f],
Trojan.Inject, C:\Users\xxxxx\AppData\Local\Temp\B2CC.tmp, In Quarantäne, [38c6ceecf694c2748652b5b606fcbd43],
Trojan.Inject, C:\Users\xxxxx\AppData\Local\Temp\7FBC.tmp, In Quarantäne, [29d57e3c6b1f63d3edeb78f3cf3325db],
PUP.Optional.Conduit.A, C:\Users\xxxxx\AppData\Local\Temp\ct2546143\spff.exe, In Quarantäne, [76888d2dbdcdec4a5b494f0558a96d93],
PUP.Optional.Conduit.A, C:\Users\xxxxx\AppData\Local\Temp\AU\SPSetup.exe, In Quarantäne, [7e80e7d3a9e1e15500684b0b9c6537c9],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsa3972.exe, In Quarantäne, [a05e6a50e5a5be781f71fabfec15fa06],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsb939B.exe, In Quarantäne, [28d626947b0fb77f78fa025fd928b44c],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsb964B.exe, In Quarantäne, [56a86e4cbecc9b9bcda51b468b7645bb],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsc54CE.exe, In Quarantäne, [ae50ecce6921bf77f7997346ba47ff01],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nscA7D5.exe, In Quarantäne, [ae5079416e1c00363e345c054bb617e9],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nscC90C.exe, In Quarantäne, [33cbdfdb90fa092d8ae8c39eb1508a76],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm6137.exe, In Quarantäne, [827c7c3e4446aa8c6b072b3656ab0bf5],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsmAFF9.exe, In Quarantäne, [c03e3189aedcfa3c1c7418a18c75b24e],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsn8DD2.exe, In Quarantäne, [ec12b8023753003690e2bba6f50cc63a],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsnB187.exe, In Quarantäne, [47b7a614fa90b680621087dad52c6e92],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsnB79F.exe, In Quarantäne, [926cc0fa7c0e3204046e20414eb38b75],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsnBDB8.exe, In Quarantäne, [11ed4f6bf694ab8b0a683e23d62b16ea],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsnBE6A.exe, In Quarantäne, [ac524b6ff1991d19ace48138966bfb05],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsnD138.exe, In Quarantäne, [fa04f8c2127867cfff73a3bef40d7e82],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsnE75.exe, In Quarantäne, [8d714773503ad264046e73eef110a858],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsnEB1D.exe, In Quarantäne, [9e6018a2444688aecba7045dd0318779],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nso21EC.exe, In Quarantäne, [8579f3c7a7e360d65220f76a3fc24fb1],
PUP.Optional.Conduit.A, C:\Windows\Temp\nso5718.exe, In Quarantäne, [d32bd0ea711968cea3edfbbe46bb0000],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoAEAB.exe, In Quarantäne, [17e79b1fb6d4f3433c3662ff1ee39e62],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoD4D6.exe, In Quarantäne, [46b811a9dfab171f2052f26f0df47c84],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsuABE3.exe, In Quarantäne, [7d8182388bffdc5a432fe180e61b12ee],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsvA9F0.exe, In Quarantäne, [39c5ba009cee42f4a8e82b8ef20f08f8],
PUP.Optional.Conduit.A, C:\Windows\Temp\nswE9DC.exe, In Quarantäne, [a955ead0345611259000edcc4cb55ea2],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsx28F7.exe, In Quarantäne, [4db142789cee6fc7cda595cc679ad62a],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsx853A.exe, In Quarantäne, [3bc3c5f5f79351e5a1d11948946d8779],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsx91B8.exe, In Quarantäne, [9866a7136e1ce452244eda87f908f907],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxC719.exe, In Quarantäne, [7688f9c11476b3835c16570a7889a060],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsxEB0D.exe, In Quarantäne, [7c823e7c7f0b95a1a3cf77eaee13a858],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nscD193.exe, In Quarantäne, [b7473585a3e7f640205295cc778aba46],
PUP.Optional.Conduit.A, C:\Windows\Temp\nscE7AA.exe, In Quarantäne, [e91513a72b5fee48afe1dedb41c0a55b],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsd3CB6.exe, In Quarantäne, [0fef71499eec2214434df9c0f30e4cb4],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsd9090.exe, In Quarantäne, [d72769511d6d3402d4bc83363dc440c0],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nseDDAD.exe, In Quarantäne, [34cad1e9dbaf6cca00722e334cb530d0],
PUP.Optional.Conduit.A, C:\Windows\Temp\nseF29C.exe, In Quarantäne, [4eb04b6fdeacd6600c846c4d2ed315eb],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsf5C8B.exe, In Quarantäne, [df1f13a7a4e63ef80a869b1e738e9e62],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsfA790.exe, In Quarantäne, [0bf3308a66241f175022e180ea176f91],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsfDF52.exe, In Quarantäne, [c6380ab03e4c3006860aa31615ec8a76],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsg2964.exe, In Quarantäne, [b648fdbde9a168ce8c04c9f037ca9967],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsoD4D7.exe, In Quarantäne, [3dc111a90585fb3b601284dd9968a45c],
PUP.Optional.Conduit.A, C:\Windows\Temp\nspC46C.exe, In Quarantäne, [78865367107a94a2efa161581ae78977],
PUP.Optional.Conduit.A, C:\Windows\Temp\nspC824.exe, In Quarantäne, [11ed9228484251e5e0b03683d1309070],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsr7B8A.exe, In Quarantäne, [e01ee8d2a1e9e155622ec0f92ed339c7],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss20EC.exe, In Quarantäne, [a955f7c3cdbd48eee68ca6bbc43d57a9],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss28D8.exe, In Quarantäne, [dc2278427515f04688ea055cb051dc24],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss4A9B.exe, In Quarantäne, [53abefcb5436cf672c46560b5fa2f60a],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nss6E8F.exe, In Quarantäne, [c23c52683a505bdb3c36aeb39968d828],
PUP.Optional.Conduit.A, C:\Windows\Temp\nss7431.exe, In Quarantäne, [619d0fabfd8d3ef8c5cb883153aef907],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nssD379.exe, In Quarantäne, [f9052f8b38523006a1d19ec3e81911ef],
PUP.Optional.Conduit.A, C:\Windows\Temp\nst3CD5.exe, In Quarantäne, [27d7f7c3a8e20b2ba6ea7f3a5ba659a7],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsu2584.exe, In Quarantäne, [d925f4c6afdb1026432f77ea4db4857b],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsiBBC5.exe, In Quarantäne, [7985c0fa5c2eda5cabc7a8b9926f8977],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsiD0D.exe, In Quarantäne, [07f72e8c9ded8bab414f378241c08e72],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsiD7BA.exe, In Quarantäne, [5ba356643d4d0c2a464a8d2cb54c50b0],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsj4304.exe, In Quarantäne, [ab53f0ca800a03330b67abb6877a8c74],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsk2594.exe, In Quarantäne, [af4f5862cfbb8babfe7487da17ea3ac6],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm211A.exe, In Quarantäne, [847a9e1c48422115beb4570aab56748c],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm3EA6.exe, In Quarantäne, [f707ebcf4b3ff64022505908847d25db],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm3EA7.exe, In Quarantäne, [51ad9e1c6f1bf3434d25a8b927da32ce],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsy630B.exe, In Quarantäne, [9a645f5b96f4b086e58db8a9e51c0000],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsyE2C4.exe, In Quarantäne, [e11d51695337ba7c1d7342774bb6ff01],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsz40E2.exe, In Quarantäne, [2ad405b50a80d66089e9a1c0e31e04fc],
PUP.Optional.Conduit.A, C:\Users\Public\AutoUpdate.exe, In Quarantäne, [45b9edcd8dfd2d0978f025318f72eb15],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Install-20130219115835.791.log, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe_1415966791408, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1389812152450, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1389812152576, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1390827221587, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1390827221657, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1391022351560, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1391407536737, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1391450894909, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1391450894925, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe_1415966791458, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.css, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.html, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\consent.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Icon.ico, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, In Quarantäne, [a35be6d4a3e748ee8e40df7f18ed02fe],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\crossriderManifest.json, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\background.html, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\manifest.json, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\popup.html, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\icons\icon128.png, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\icons\icon16.png, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\icons\icon48.png, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\icons\actions\1.png, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\background.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\api\chrome.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\api\cookie.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\api\message.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\app_api.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\async_api.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\bg_app_api.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\cookie_store.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\data_store.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\delegate.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\events.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\logging.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\reports.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.CrossRider.A, C:\Users\xxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggmccnonmeooloobeejjmdjlneipfmna\1.20.32_0\js\lib\util.js, In Quarantäne, [15e94476bdcd43f36e071a6902032ad6],
PUP.Optional.DKBCashback.A, C:\Program Files (x86)\DKB-Cashback\ButtonUtil.dll, In Quarantäne, [d8265b5f890145f1abc7a722dd2660a0],
PUP.Optional.DKBCashback.A, C:\Program Files (x86)\DKB-Cashback\DKB-Cashback.ico, In Quarantäne, [d8265b5f890145f1abc7a722dd2660a0],
PUP.Optional.DKBCashback.A, C:\Program Files (x86)\DKB-Cashback\DKB-Cashback.ini, In Quarantäne, [d8265b5f890145f1abc7a722dd2660a0],
PUP.Optional.DKBCashback.A, C:\Program Files (x86)\DKB-Cashback\DKB-CashbackInstaller.log, In Quarantäne, [d8265b5f890145f1abc7a722dd2660a0],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.SearchProtect.A, C:\Users\xxxxx\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [40be7d3d2b5fe650a2defdd0649fcc34],
PUP.Optional.Extutil.A, C:\Users\xxxxx\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In Quarantäne, [d32b1aa0e6a477bf1d25eae5a3607090],
PUP.Optional.Extutil.A, C:\Users\xxxxx\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In Quarantäne, [d32b1aa0e6a477bf1d25eae5a3607090],
PUP.Optional.Extutil.A, C:\Users\xxxxx\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In Quarantäne, [d32b1aa0e6a477bf1d25eae5a3607090],
PUP.Optional.Managera.A, C:\Users\xxxxx\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In Quarantäne, [65995169365473c33e051db2b54ef20e],
PUP.Optional.Managera.A, C:\Users\xxxxx\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In Quarantäne, [65995169365473c33e051db2b54ef20e],
Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\8afc49b02429a, Löschen bei Neustart, [75897a40a8e293a3bad88063af5426da],
Trojan.Clicker.FMS, C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\twain_32.dll, Löschen bei Neustart, [75897a40a8e293a3bad88063af5426da],
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end)
Nach Neustart läuft der Computer jetzt wieder gut, doch ich fürchte, richtig sauber ist er nicht. Also hoffe ich auf Eure Hilfe.
Als erste Schritte habe ich
- die Laufwerksemulationen mit Defogger abgeschaltet
- Systemscan mit FRST durchgeführt
- Scan mit GMER durchgeführt
Die Logs kann ich natürlich posten, wenn ich sie hier aber mit einfüge, wird der Post zu lang.
Vielen herzlichen Dank schon mal! :)
Beate |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
