
Pests of all kinds and how to combat them: Trojan: BackDoor.Generic_c.MYX

12.11.2014, 15:51   #1
ALINHO
 

Hello admins,

I use AVG AntiVirus Free as my antivirus program.

After an update today, 12.11.2014 at 15:07, it found the following Trojan,
"BackDoor.Generic_c.MYX". And four times at that.

1)Trojaner: BackDoor.Generic_c.MYX, c:\Users\alinho\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0006b8";"Gesichert";"12.11.2014, 15:13:31";"Datei oder Verzeichnis";"c:\Windows\System32\MRT.exe"

2)Trojaner: BackDoor.Generic_c.MYX, c:\Users\alinho\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0006ba";"Gesichert";"12.11.2014, 15:13:31";"Datei oder Verzeichnis";"c:\Windows\System32\MRT.exe"

3)Trojaner: BackDoor.Generic_c.MYX, c:\Users\alinho\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0006b9";"Gesichert";"12.11.2014, 15:13:31";"Datei oder Verzeichnis";"c:\Windows\System32\MRT.exe"

4)Trojaner: BackDoor.Generic_c.MYX, c:\Users\alinho\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0006bb";"Gesichert";"12.11.2014, 15:13:32";"Datei oder Verzeichnis";"c:\Windows\System32\MRT.exe"

How should I proceed from here? AVG offered to remove all 4 Trojans, which I of course did right away.

Kind regards

12.11.2014, 15:55   #2
schrauber
/// the machine
/// TB-Ausbilder
 


hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop. FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input box)


12.11.2014, 17:38   #3
ALINHO
 

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by alinho (administrator) on ALINHO-PC on 12-11-2014 15:58:45
Running from C:\Users\alinho\Downloads
Loaded Profile: alinho (Available profiles: alinho)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3060248 2014-11-06] ()
HKU\S-1-5-21-3313115351-3098599846-789828441-1000\...\Run: [ESL Wire] => C:\Program Files\EslWire\wire.exe [3772928 2014-10-15] (Turtle Entertainment GmbH)
HKU\S-1-5-21-3313115351-3098599846-789828441-1000\...\MountPoints2: {b0fedfc6-6768-11e3-9ddb-806e6f6e6963} - D:\Run.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gophoto.it/?pl=2&ch=v1noadmin_1402
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x68C2B24779FBCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - {232B222E-A07D-4745-B404-BE415B5A14F3} URL = hxxp://search.gophoto.it/?pl=1&q={searchTerms}&ch=v1noadmin_1402
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={7FB659F3-CAAF-44AA-BC97-CF10B97243DD}&mid=93f9cc215c6747d3ac25416272ba3743-975e14e3df561c48b5621fd713da88094d1b6b4d&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 17:48:02&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll (AVG)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\alinho\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\alinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-23]
CHR Extension: (Google Wallet) - C:\Users\alinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107040 2014-05-19] (EasyAntiCheat Ltd)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation)
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-11-06] (AVG Technologies)
S3 busenum; C:\Windows\System32\DRIVERS\SteelBus64.sys [145408 2014-01-08] (SteelSeries Corporation) [File not signed]
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [110216 2014-09-07] (<Turtle Entertainment>)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [8704 2014-08-13] (Windows (R) Win 7 DDK provider) [File not signed]
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation) [File not signed]
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [38400 2014-08-13] (SteelSeries ApS) [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2013-12-18] (Nicomsoft Ltd.)
S2 avnetflt; system32\DRIVERS\avnetflt.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 15:58 - 2014-11-12 15:59 - 00011115 _____ () C:\Users\alinho\Downloads\FRST.txt
2014-11-12 15:58 - 2014-11-12 15:58 - 02116096 _____ (Farbar) C:\Users\alinho\Downloads\FRST64.exe
2014-11-12 15:58 - 2014-11-12 15:58 - 00000000 ____D () C:\FRST
2014-11-11 16:03 - 2014-11-11 16:03 - 00034802 _____ () C:\Users\alinho\Downloads\linesman-archive.zip
2014-11-07 00:15 - 2014-11-07 00:15 - 00303890 _____ () C:\Users\alinho\Downloads\FRITZ.Box Fon WLAN 7360 111.06.20_07.11.14_0015.export
2014-11-06 17:48 - 2014-11-07 22:58 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-11-06 17:48 - 2014-11-06 21:48 - 00000000 ____D () C:\Users\alinho\AppData\Local\AVG Web TuneUp
2014-11-06 17:48 - 2014-11-06 17:47 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-11-06 17:47 - 2014-11-06 17:48 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-11-06 17:47 - 2014-11-06 17:47 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-11-06 17:47 - 2014-11-06 17:47 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-11-05 17:04 - 2014-11-05 17:04 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-11-05 17:03 - 2014-11-05 17:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-05 17:03 - 2014-10-30 01:56 - 00614728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-05 16:59 - 2014-10-30 09:56 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-11-05 16:59 - 2014-10-30 09:56 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 31890064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 24554824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 19966856 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 18497600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 17258696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 16886168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 14029400 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 13942368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 13189832 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-05 16:59 - 2014-10-30 05:53 - 11395672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 11333848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 04289856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 04011840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 02849224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00961224 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00932168 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00922944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00896144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00870112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00416912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00391824 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00349504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-05 16:59 - 2014-10-30 05:53 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-05 16:57 - 2014-11-05 16:57 - 00000000 ____D () C:\NVIDIA
2014-11-02 21:36 - 2014-11-02 21:36 - 00000347 _____ () C:\DelFix.txt
2014-11-02 20:18 - 2014-11-02 21:26 - 00001608 _____ () C:\Windows\PFRO.log
2014-11-02 20:15 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-25 23:48 - 2014-11-11 18:55 - 00000000 ____D () C:\Users\alinho\AppData\Roaming\OBS
2014-10-25 23:48 - 2014-10-25 23:48 - 00000935 _____ () C:\Users\alinho\Desktop\Open Broadcaster Software.lnk
2014-10-25 23:48 - 2014-10-25 23:48 - 00000000 ____D () C:\Users\alinho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-10-22 14:54 - 2014-11-11 16:05 - 00036062 _____ () C:\Windows\DirectX.log
2014-10-16 11:37 - 2014-11-12 15:01 - 00002567 _____ () C:\Windows\setupact.log
2014-10-16 11:37 - 2014-10-16 11:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-16 00:42 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 00:42 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 00:42 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 00:42 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 00:42 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 00:42 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 00:42 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 00:42 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 00:42 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 00:42 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 00:42 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 00:42 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 00:42 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 00:42 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 00:42 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 00:42 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 00:42 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 00:42 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 00:42 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 00:42 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 00:42 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 00:42 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 00:42 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 00:42 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 00:42 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 00:42 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 00:42 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 00:42 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 00:42 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 00:42 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 00:42 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 00:42 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 00:42 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 00:42 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 00:42 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 00:42 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 00:42 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 00:42 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 00:42 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 00:42 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 00:42 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 00:42 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 00:42 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 00:42 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 00:42 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 00:42 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 00:42 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 00:42 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 00:42 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 00:42 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 00:42 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 00:42 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 00:42 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 00:42 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 00:42 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 00:42 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 00:42 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 00:42 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 00:42 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 00:42 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 00:42 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 00:42 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 00:42 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 00:42 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 00:42 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 00:42 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 00:42 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 00:41 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 00:41 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 00:41 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 00:41 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 00:41 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 00:41 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 00:41 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 00:41 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 00:41 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 00:41 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 00:41 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 00:41 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 00:41 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 00:41 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 00:41 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 00:41 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 00:41 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 00:41 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 00:41 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 00:41 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 00:41 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 15:40 - 2013-12-17 23:19 - 02063186 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 15:13 - 2013-12-19 14:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 15:12 - 2013-12-19 14:57 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 15:09 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 15:09 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 15:08 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-11-12 15:08 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-11-12 15:08 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-12 15:07 - 2013-12-21 17:23 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-12 15:07 - 2013-12-17 23:57 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-12 15:03 - 2014-06-01 17:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-12 15:02 - 2014-06-26 11:59 - 00000000 ____D () C:\Users\alinho\AppData\Local\ESL Wire Game Client
2014-11-12 15:02 - 2013-12-17 23:57 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 15:01 - 2013-12-17 23:52 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-12 15:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-11 19:00 - 2013-12-18 00:22 - 00000000 ____D () C:\Users\alinho\AppData\Roaming\TS3Client
2014-11-10 19:22 - 2013-12-25 02:08 - 00007602 _____ () C:\Users\alinho\AppData\Local\Resmon.ResmonCfg
2014-11-05 17:04 - 2013-12-17 23:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-05 16:59 - 2013-12-17 23:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-02 21:13 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2014-11-02 19:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-30 22:48 - 2014-09-22 11:29 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-10-30 09:56 - 2014-08-19 21:14 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-10-30 05:53 - 2013-12-17 23:51 - 20966504 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-10-30 05:53 - 2013-12-17 23:51 - 03237528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-10-30 05:53 - 2013-12-17 23:51 - 00987008 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-10-30 05:53 - 2013-12-17 23:51 - 00073872 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-10-30 05:53 - 2013-12-17 23:51 - 00060744 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-10-30 05:53 - 2013-12-17 23:51 - 00027024 _____ () C:\Windows\system32\nvinfo.pb
2014-10-30 03:10 - 2013-12-17 23:51 - 06880968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-10-30 03:10 - 2013-12-17 23:51 - 03533632 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-10-30 03:10 - 2013-12-17 23:51 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-10-30 03:10 - 2013-12-17 23:51 - 00935232 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-10-30 03:10 - 2013-12-17 23:51 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-10-30 03:10 - 2013-12-17 23:51 - 00061640 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-10-28 22:09 - 2013-12-17 23:57 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 01:34 - 2013-12-17 23:51 - 04066553 _____ () C:\Windows\system32\nvcoproc.bin
2014-10-25 23:48 - 2014-09-22 11:29 - 00000000 ____D () C:\Program Files\OBS
2014-10-22 15:02 - 2013-12-17 23:57 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-22 15:02 - 2013-12-17 23:57 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-19 20:34 - 2014-06-26 11:59 - 00000779 _____ () C:\Users\Public\Desktop\ESL Wire.lnk
2014-10-19 20:34 - 2014-06-26 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
2014-10-19 20:34 - 2013-12-25 01:12 - 00000000 ____D () C:\Program Files\EslWire
2014-10-16 17:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 11:37 - 2009-07-14 05:45 - 00268536 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 03:02 - 2014-05-15 09:58 - 00000000 ___SD () C:\Windows\system32\CompatTel

Some content of TEMP:
====================
C:\Users\alinho\AppData\Local\Temp\EslWireSetup-1.18.0.8085-x64.exe
C:\Users\alinho\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-08 03:16

==================== End Of Log ============================
         

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by alinho at 2014-11-12 15:59:17
Running from C:\Users\alinho\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4189 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version:  - Turtle Entertainment GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HLSW v1.4.0.2 (HKLM-x32\...\HLSW_is1) (Version:  - Stripf Software)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.60 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

22-10-2014 13:54:17 DirectX wurde installiert
10-11-2014 14:13:34 Geplanter Prüfpunkt
11-11-2014 15:04:56 DirectX wurde installiert
12-11-2014 14:11:22 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-01-07 21:11 - 00001297 ____A C:\Windows\system32\Drivers\etc\hosts
255.255.255.255    easyanticheat.se    # misleading site
255.255.255.255    www.easyanticheat.se    # misleading site
255.255.255.255    easyanticheat.com    # misleading site
255.255.255.255    www.easyanticheat.com    # misleading site
255.255.255.255    easyanticheat.info    # misleading site
255.255.255.255    www.easyanticheat.info    # misleading site
255.255.255.255    easyanticheat.org    # misleading site
255.255.255.255    www.easyanticheat.org    # misleading site


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {39A118DD-7123-43E1-A31E-FD30D0B2AA5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-17] (Google Inc.)
Task: {45342D8D-88FC-41A0-B740-B76CED0DC2C2} - System32\Tasks\0814avUpdateInfo => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe [2014-08-12] ()
Task: {7D173521-44CE-4F4E-933C-A2B2B1A9B072} - System32\Tasks\0414bUpdateInfo => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe [2014-04-09] ()
Task: {7EFB77B2-93DF-4254-AF68-4E764BCA3FFC} - System32\Tasks\$dMM6KqyKu+JyN+{$ => C:\Users\alinho\AppData\Roaming\playnowradio\playnowradio\1.3.4.8\playnowradio.exe
Task: {9137C793-1029-4821-BC25-9332D4B25E59} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-17] (Google Inc.)
Task: {AD2EA805-BBA4-4A05-BAF9-794503740A71} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: C:\Windows\Tasks\0414bUpdateInfo.job => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-17 23:51 - 2014-10-30 03:10 - 00117064 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-25 01:12 - 2014-01-28 11:40 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2013-12-25 01:12 - 2014-10-09 15:22 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2014-11-06 17:47 - 2014-11-06 17:47 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
2014-11-06 17:47 - 2014-11-06 17:47 - 03060248 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2014-11-06 17:47 - 2014-11-06 17:47 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\log4cplusU.dll
2014-08-29 14:27 - 2014-08-21 19:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 14:27 - 2014-08-21 19:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 14:27 - 2014-08-21 19:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-06-01 17:31 - 2014-10-02 00:16 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-06-01 17:31 - 2014-10-21 20:22 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 14:27 - 2014-08-21 19:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 14:27 - 2014-08-21 19:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-06-01 17:31 - 2014-10-21 20:22 - 00682176 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-06-01 17:31 - 2014-09-05 00:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 11:44 - 2014-09-05 00:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-08-15 11:44 - 2014-09-05 00:29 - 00713408 _____ () C:\Program Files (x86)\Steam\bin\libglesv2.dll
2014-08-15 11:44 - 2014-09-05 00:29 - 00124608 _____ () C:\Program Files (x86)\Steam\bin\libegl.dll
2014-10-16 13:51 - 2014-10-16 13:51 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-12-17 23:34 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-17 23:32 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-10-28 22:09 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 22:09 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 22:09 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-28 22:09 - 2014-10-22 05:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
2014-10-28 22:09 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3313115351-3098599846-789828441-500 - Administrator - Disabled)
alinho (S-1-5-21-3313115351-3098599846-789828441-1000 - Administrator - Enabled) => C:\Users\alinho
Gast (S-1-5-21-3313115351-3098599846-789828441-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3313115351-3098599846-789828441-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: avnetflt
Description: avnetflt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avnetflt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2014 03:03:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2014 03:39:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 07:15:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 06:20:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 00:52:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 10:40:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2014 10:57:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 10:56:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/06/2014 05:44:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/05/2014 07:24:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OBS.exe, Version 0.6.3.7 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1764

Startzeit: 01cff9123ef4821e

Endzeit: 1

Anwendungspfad: C:\Program Files (x86)\OBS\OBS.exe

Berichts-ID: fa6a2f98-6518-11e4-b89a-902b345edeb0


System errors:
=============
Error: (11/12/2014 03:01:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/11/2014 03:37:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/10/2014 07:14:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/10/2014 06:18:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/10/2014 00:50:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/09/2014 10:39:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/08/2014 10:55:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/07/2014 10:55:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/06/2014 05:42:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/05/2014 05:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avnetflt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (11/12/2014 03:03:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/11/2014 03:39:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 07:15:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 06:20:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 00:52:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 10:40:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/08/2014 10:57:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/07/2014 10:56:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/06/2014 05:44:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/05/2014 07:24:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OBS.exe0.6.3.7176401cff9123ef4821e1C:\Program Files (x86)\OBS\OBS.exefa6a2f98-6518-11e4-b89a-902b345edeb0


CodeIntegrity Errors:
===================================
  Date: 2014-09-16 19:55:15.883
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sshid.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 37%
Total physical RAM: 8138.11 MB
Available physical RAM: 5071.03 MB
Total Pagefile: 16274.4 MB
Available Pagefile: 13019.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.29 GB) (Free:870.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 148E0338)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Is this trojan already known in the community? If so, how dangerous is it?

Best regards
__________________

Alt 13.11.2014, 09:58   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Nice false positive from AVG
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 13.11.2014, 11:39   #5
ALINHO
 
Great, thanks!!!

Best regards


Alt 14.11.2014, 07:16   #6
schrauber
/// the machine
/// TB-Ausbilder
 

You're welcome
