|
Plagegeister aller Art und deren Bekämpfung: ist mein Trojaner jetzt weg ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
28.02.2015, 11:21 | #1 |
| ist mein Trojaner jetzt weg ? Moin, Ich bin neu in dieser Community und ich weiß nicht ganz, ob ich hier richtig bin oder ob schon andere die Frage hatte... Ich habe gestern dümmlicherweise eine Datei gedownloadet, die vermutlich einen Trojaner beinhaltet. Ich habe deswegen gestern einige Programme gedownloadet und die einmal angewendet: -Microsoft Security Essentials hat nichts gefunden -spyware terminator 2015 hat nichts gefunden -Microsoft Windows- Tools zum entfern bösartiger Software, hier stand während des Scans, dass er 2 infizierte Dateien gefunden hat und am Ende des Scans stand dann plötzlich "Keine bösartigen Softwares gefunden" -Malwarebytes Anti Malware- er hat gleich mehrere Dateien in die Quarantäne gesteckt, habe die dümmlicherweise einfach alle gleich gelöscht. Den Scan habe ich erneut gemacht. Er hat dann nichts mehr gefunden. Mein Frage ist es jetzt, kann ich mir sicher sein, dass ich zu 100% keine Trojaner mehr auf dem Rechner habe? Ich bin eigentlich immer sehr vorsichtigt...Ich habe immer den Microsoft security Essentials im Hintergrund laufen, ich downloade eigentlich nie Fremde Dateien oder "verdächtige Dateien". Gestern hatte ich eine DHL EMail bekommen, die sah so echt aus...später kam heraus, dass diese Email ne Fake-Email war...Ich habe leider aus dem Anhang eine PDF Datei gedownloadet und die dann anschließend geöffnet... Die Datei verschwand nach dem Öffnen... Ich habe jetzt 4 verschiedene Programme angewendet und wenn die jetzt keine Viren/Trojaner/Bedrohungen entdecken, kann ich davon ausgehen, dass mein Rechner diesen Trojaner nicht mehr hat? NOrmalerweise sind die Trojaner ja recht hartnäckig und ich habe immer meinen PC neuinstalliert, nach dem ich einen Trojaner hatte...aber diesmal kann ich leider dies nicht tun.. Ich hoffe, dass Ihr mir helfen könnt. Gruß |
28.02.2015, 12:03 | #2 |
/// the machine /// TB-Ausbilder | ist mein Trojaner jetzt weg ? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
28.02.2015, 12:12 | #3 |
| ist mein Trojaner jetzt weg ? FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01 Ran by Baris (administrator) on BARIS-PC on 28-02-2015 12:09:02 Running from C:\Users\Baris\Downloads Loaded Profiles: Baris (Available profiles: Baris & DefaultAppPool) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe () D:\Programme\EslWire\service\WireHelperSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Akamai Technologies, Inc.) C:\Users\Baris\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Baris\AppData\Local\Akamai\netsession_win.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel v2\SBRnPCIe.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Users\Baris\Downloads\Windows-KB890830-x64-V5.21.exe (Microsoft Corporation) E:\66c095658c4aab4f7dcadd12f622db\mrtstub.exe (Microsoft Corporation) C:\Windows\System32\MRT.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3860304 2015-01-26] (Crawler Group) HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5456720 2015-01-26] (Crawler Group) HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe SBX Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel v2\SBRnPCIe.exe [977920 2012-12-19] (Creative Technology Ltd) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3167427794-509818530-2873309150-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Baris\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-3167427794-509818530-2873309150-1000\...\Run: [msdbfd1d91e.exe] => "C:\Users\Baris\AppData\Roaming\Microsoft\msdbfd1d91e.exe" ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3167427794-509818530-2873309150-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP&dt=062113 HKU\S-1-5-21-3167427794-509818530-2873309150-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Baris\AppData\Roaming\Mozilla\Firefox\Profiles\mu2fignb.default FF SearchEngineOrder.1: Ask Search FF SearchEngineOrder.3: Bing FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @videolan.org/vlc,version=2.0.6 -> D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 -> D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\Baris\AppData\Roaming\Mozilla\Firefox\Profiles\mu2fignb.default\user.js FF SearchPlugin: C:\Users\Baris\AppData\Roaming\Mozilla\Firefox\Profiles\mu2fignb.default\searchplugins\ask-search.xml FF SearchPlugin: C:\Users\Baris\AppData\Roaming\Mozilla\Firefox\Profiles\mu2fignb.default\searchplugins\bingp.xml FF Extension: Adblock Plus - C:\Users\Baris\AppData\Roaming\Mozilla\Firefox\Profiles\mu2fignb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-02] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-12-24] () [File not signed] R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.) S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-05-31] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-05-31] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed] R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103936 2013-07-30] (Creative Technology Ltd) R2 EslWireHelper; D:\Programme\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] () R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation) S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed] R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () S2 MBAMScheduler; D:\Programme\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) S2 MBAMService; D:\Programme\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation) R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-21] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation) S3 Origin Client Service; D:\Programme\OriginBattle\Origin\OriginClientService.exe [1910128 2015-01-21] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-14] () R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-01-26] (Crawler Group) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-07] (BlueStack Systems) R3 cthda; C:\Windows\System32\drivers\cthda.sys [1049880 2013-07-30] (Creative Technology Ltd) R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [28440 2013-07-30] (Creative Technology Ltd) R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [104224 2015-02-24] (<Turtle Entertainment>) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-05-23] () S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-28 12:09 - 2015-02-28 12:09 - 00015216 _____ () C:\Users\Baris\Downloads\FRST.txt 2015-02-28 12:08 - 2015-02-28 12:09 - 00000000 ____D () C:\FRST 2015-02-28 12:08 - 2015-02-28 12:08 - 02087936 _____ (Farbar) C:\Users\Baris\Downloads\FRST64.exe 2015-02-28 10:29 - 2015-02-28 10:57 - 00000504 _____ () C:\Windows\setupact.log 2015-02-28 10:29 - 2015-02-28 10:56 - 00003178 _____ () C:\Windows\PFRO.log 2015-02-28 10:29 - 2015-02-28 10:29 - 00000000 _____ () C:\Windows\setuperr.log 2015-02-27 20:46 - 2015-02-28 10:58 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-02-27 20:45 - 2015-02-27 20:45 - 00000731 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-02-27 20:45 - 2015-02-27 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-02-27 20:45 - 2015-02-27 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-27 20:45 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-02-27 20:45 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-02-27 20:45 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-02-27 20:43 - 2015-02-27 20:43 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Baris\Downloads\mbam-setup-2.0.4.1028.exe 2015-02-27 20:37 - 2015-02-27 21:13 - 00000000 ____D () C:\ProgramData\Spyware Terminator 2015-02-27 20:37 - 2015-02-27 20:37 - 00001038 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk 2015-02-27 20:37 - 2015-02-27 20:37 - 00000000 ____D () C:\Users\Baris\AppData\Roaming\Spyware Terminator 2015-02-27 20:37 - 2015-02-27 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012 2015-02-27 20:36 - 2015-02-27 20:37 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator 2015-02-27 20:36 - 2015-02-27 20:36 - 00937232 _____ (Crawler.com ) C:\Users\Baris\Downloads\spyware-terminator_21118.exe 2015-02-27 20:33 - 2015-02-28 10:33 - 00000000 ____D () C:\Windows\system32\MpEngineStore 2015-02-27 20:31 - 2015-02-27 20:32 - 39739064 _____ (Microsoft Corporation) C:\Users\Baris\Downloads\Windows-KB890830-x64-V5.21.exe 2015-02-27 20:27 - 2015-02-27 20:27 - 00000000 ____D () C:\ProgramData\TEMP 2015-02-27 20:27 - 2015-02-27 20:27 - 00000000 ____D () C:\ProgramData\Licenses 2015-02-25 14:53 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 14:53 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-24 19:49 - 2015-02-24 19:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-02-21 11:15 - 2015-02-28 12:00 - 00779646 _____ () C:\Windows\WindowsUpdate.log 2015-02-19 15:17 - 2015-02-19 15:17 - 00000000 ____D () C:\Users\Baris\AppData\Local\Steam 2015-02-14 21:13 - 2015-02-22 19:05 - 00000239 _____ () C:\Users\Baris\Desktop\Neues Textdokument.txt 2015-02-11 15:02 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 15:02 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 15:02 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 15:02 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 15:02 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 15:02 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-11 15:02 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 15:02 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-11 15:02 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 15:02 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 15:02 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 15:02 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 15:02 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 15:02 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 15:02 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 15:02 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 15:02 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 15:02 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-11 15:02 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 15:02 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-11 15:02 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-11 15:02 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-11 15:02 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 15:02 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-11 15:02 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 15:02 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 15:02 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 15:02 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-11 15:02 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-11 15:02 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-11 15:02 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-11 15:02 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-11 15:02 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-11 15:02 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 15:02 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 15:02 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-11 15:02 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 15:02 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-11 15:02 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 15:02 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 15:02 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 15:02 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-10 22:12 - 2015-02-10 22:12 - 00000000 _____ () C:\Users\Baris\Desktop\03.03.2015 um 16 Uhr Hautarzt.txt 2015-01-30 22:25 - 2015-01-30 22:25 - 00055774 _____ () C:\Users\Baris\Documents\ts3_clientui-win64-1407159763-2015-01-30 22_25_15.194661.dmp ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-28 12:06 - 2014-07-10 10:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-28 11:04 - 2009-07-14 05:45 - 00035936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-28 11:04 - 2009-07-14 05:45 - 00035936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-28 11:03 - 2013-05-24 04:04 - 00779092 _____ () C:\Windows\system32\perfh007.dat 2015-02-28 11:03 - 2013-05-24 04:04 - 00177560 _____ () C:\Windows\system32\perfc007.dat 2015-02-28 11:03 - 2009-07-14 06:13 - 01821138 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-28 10:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\inetsrv 2015-02-28 10:57 - 2014-05-29 15:02 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-02-28 10:57 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-28 10:56 - 2013-11-09 14:35 - 00000000 ____D () C:\Users\Baris\AppData\Roaming\FoxTab 2015-02-28 10:56 - 2013-07-29 20:49 - 00000000 ____D () C:\Program Files (x86)\Homepage 2015-02-28 10:56 - 2009-07-14 06:37 - 00000000 ____D () C:\Windows\DigitalLocker 2015-02-27 17:50 - 2014-12-15 17:25 - 00000000 ____D () C:\Users\Baris\AppData\Local\ESL Wire Game Client 2015-02-27 17:22 - 2013-05-23 20:13 - 00000000 ____D () C:\Users\Baris\AppData\Roaming\TS3Client 2015-02-26 19:13 - 2013-05-26 15:22 - 00000000 ____D () C:\Users\Baris\AppData\Roaming\vlc 2015-02-25 12:18 - 2013-05-23 19:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-02-24 16:57 - 2014-12-15 18:31 - 00104224 _____ (<Turtle Entertainment>) C:\Windows\system32\Drivers\ESLWireACD.sys 2015-02-17 13:38 - 2014-05-29 20:41 - 00000000 ____D () C:\ProgramData\Origin 2015-02-16 22:07 - 2014-08-25 16:01 - 00000000 ____D () C:\Windows\rescache 2015-02-11 19:48 - 2014-09-13 11:08 - 00434896 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-11 19:47 - 2014-12-10 18:56 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-11 19:47 - 2014-05-06 16:27 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-11 19:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-02-11 19:45 - 2013-05-25 21:36 - 00000000 ____D () C:\ProgramData\Package Cache 2015-02-11 19:43 - 2014-06-07 13:54 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-11 19:41 - 2013-05-23 19:18 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-02-11 19:41 - 2013-05-23 19:18 - 00001912 _____ () C:\Windows\epplauncher.mif 2015-02-11 19:41 - 2013-05-23 19:18 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-02-11 19:41 - 2013-05-23 19:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-02-11 19:40 - 2013-08-14 22:35 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-04 21:06 - 2014-07-10 10:14 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-04 21:06 - 2014-07-10 10:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-04 21:06 - 2014-07-10 10:14 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-29 17:49 - 2013-05-23 20:20 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-27 17:41 ==================== End Of Log ============================ --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-02-2015 01 Ran by Baris at 2015-02-28 12:09:39 Running from C:\Users\Baris\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Akamai NetSession Interface (HKU\S-1-5-21-3167427794-509818530-2873309150-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4078 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{152E0B21-19D5-4772-9EF8-8E76074B0C0A}) (Version: 0.9.4.4078 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Creative Music Server (HKLM-x32\...\Music Server) (Version: 1.01 - Creative Technology Limited) Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited) Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Easy Tune 6 B12.0509.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B12.0509.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH) Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden Firefall (HKLM-x32\...\{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}) (Version: - Red 5 Studios) Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.) Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge) Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North) Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto) Gwyddion (HKLM\...\Gwyddion) (Version: 2.39.win64 - Gwyddion developers) Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version: - Hammerpoint Interactive) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.2.3.400 - Intel Corporation) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) QtiPlot 0.9.8.6 (HKLM-x32\...\QtiPlot_is1) (Version: - Ion Vasilief) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive) SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden Sound Blaster Recon3D PCIe (HKLM-x32\...\{344F2565-8724-473A-9A4E-62A780AAE396}) (Version: 1.01.19 - Creative Technology Limited) Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited) South Park - The Stick of Truth (HKLM-x32\...\South Park - The Stick of Truth_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-3167427794-509818530-2873309150-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00 - Ubisoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {04283DB0-CD61-4903-8F0B-B6B91B05EDC0} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {302B255C-69C3-42D1-A283-B539A1C476BB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {4E6D8BB6-2CF7-4734-8A99-8929173BF312} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {5E32FBCB-F158-45EC-AB5E-03B2B1CA7D52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated) Task: {633A50EC-8996-4878-AE30-0D164AB925FD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {75BFDB90-C9B0-43E2-BD26-4C1F700E77FC} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {7AB487E5-85CD-4490-A02F-1CDF6BD770B2} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {80267BF6-A5EF-4A8C-8748-BCC8D8AB44F7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd) Task: {81DEEA23-1C7B-4E77-979A-8F2BEE8EC7D5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft) Task: {90BBCA1F-A5A0-46CD-BB87-DB5BAB3E098E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {CB15D506-4585-4CE0-B6F4-468E06D35FC3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============== 2014-09-13 11:05 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-12-15 17:25 - 2014-01-28 11:40 - 00663056 _____ () D:\Programme\EslWire\service\WireHelperSvc.exe 2014-12-15 17:25 - 2014-10-09 15:22 - 00214016 _____ () D:\Programme\EslWire\service\NocIPC64.dll 2014-03-17 15:35 - 2014-07-14 09:54 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-12-19 09:58 - 2012-12-19 09:58 - 00741376 _____ () C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel v2\de-DE\SBRnPCIe.resources.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3167427794-509818530-2873309150-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Baris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: ESL Wire => "D:\Programme\EslWire\wire.exe" --tray MSCONFIG\startupreg: iTunesHelper => "D:\Programme\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime ==================== Accounts: ============================= Administrator (S-1-5-21-3167427794-509818530-2873309150-500 - Administrator - Disabled) Baris (S-1-5-21-3167427794-509818530-2873309150-1000 - Administrator - Enabled) => C:\Users\Baris Gast (S-1-5-21-3167427794-509818530-2873309150-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3167427794-509818530-2873309150-1003 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/28/2015 10:58:51 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/28/2015 10:36:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/28/2015 10:31:26 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2015 09:12:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm MBAM.EXE, Version 1.0.1.711 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 8d8 Startzeit: 01d052c883155f42 Endzeit: 60000 Anwendungspfad: D:\PROGRAMME\ MALWAREBYTES ANTI-MALWARE \MBAM.EXE Berichts-ID: c01276f4-bebc-11e4-9377-902b349d532d Error: (02/27/2015 08:18:01 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3167427794-509818530-2873309150-1000}/">. Error: (02/27/2015 08:17:49 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3167427794-509818530-2873309150-1000}/">. Error: (02/27/2015 08:07:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2015 04:53:57 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3167427794-509818530-2873309150-1000}/">. Error: (02/27/2015 03:58:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/27/2015 03:36:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (02/27/2015 10:48:53 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (02/27/2015 10:48:52 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (02/27/2015 10:46:40 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (02/27/2015 10:46:40 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (02/27/2015 08:45:41 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (02/27/2015 08:45:35 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (02/27/2015 08:44:34 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (02/27/2015 08:37:38 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (02/27/2015 08:37:35 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (02/27/2015 08:37:25 PM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "BARIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.48 registriert werden. Der Computer mit IP-Adresse 192.168.1.59 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: AMD Phenom(tm) II X2 550 Processor Percentage of memory in use: 41% Total physical RAM: 8189.43 MB Available physical RAM: 4794.12 MB Total Pagefile: 16377.05 MB Available Pagefile: 13033.15 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:55.8 GB) (Free:6.13 GB) NTFS Drive d: () (Fixed) (Total:465.76 GB) (Free:262.74 GB) NTFS Drive e: () (Fixed) (Total:465.76 GB) (Free:421.84 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: 6F8E8C3A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=55.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6F8E8C37) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000F00BA) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
28.02.2015, 15:49 | #4 |
/// the machine /// TB-Ausbilder | ist mein Trojaner jetzt weg ? Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu ist mein Trojaner jetzt weg ? |
100%, anti, datei, dateien, dhl email, einfach, email, erneut, frage, hartnäckig, hintergrund, infizierte, mehrere dateien, neu, nicht mehr, nichts, pdf, plötzlich, programme, quarantäne, rechner, security, software, tools, trojaner, verschiedene |