|
Plagegeister aller Art und deren Bekämpfung: Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.deWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
01.03.2015, 22:15 | #1 |
| Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Liebes Forum, Wenn ich die Anweisungen hier so lese, habe ich wohl ziemlich viel falsch gemacht waehrend der letzten 24 Stunden. Gestern habe ich von chip.de den free flv converter runtergeladen. Noch waehrend des Speichervorganges hat Bitdefender Total Security 2014 folgendes gemeldet: Die Datei C:\\Windows\System32\is-5VMQM.tmp ist infiziert kann aber nicht gereinigt werden. Virusname: Trojan.Generic 12056736 (Das Oeffnen des Converters habe ich mit strg ent alf abgebrochen. Alle Zusatzanwendungen hatte ich vorher schon abgewaehlt) Ich sollte den Computer im Safe Mode hochfahren und nachdem ich die "unsichtbaren" Datein sichtbar gemacht hatte, die obige Datei loeschen. Da war aber keine Datei diesen Namens. Ich habe dann einen Systemscan mit Bitdefender durchgefuehrt. Folgende Nachricht kam: Das Infizierte Objekt C:\user\nina\appdata\local\temp\nsgC047.tmp\nsm7E3Etmp\pack.exe wurde geloescht. Der naechste Systemscan war ohne Befund. Da ich das ganze komisch fand habe ich noch Spybot Search and destroy drueber laufen lassen. War auch ohne Fund. Bin ich diesen Trojaner jetzt los nicht? Bisher habe ich mich immer voll auf das Antivirusprogramm verlassen und keine Gedanken gemacht, aber jetzt? Vielen Dank schonmal fuers Lesen meiner Frage |
01.03.2015, 22:46 | #2 | |
Ruhe in Frieden † 2019 | Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.deMein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist. Posten in Code Tags Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke. Dazu:
Zitat:
Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
01.03.2015, 23:43 | #3 |
| Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de [CODE]
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-02-2015 Ran by Nina (administrator) on NINA-PC on 01-03-2015 23:37:24 Running from C:\Users\Nina\Desktop Loaded Profiles: Nina (Available profiles: Nina) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\stacsv.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\AEstSrv.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Nero AG) C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Dell Inc.) C:\Program Files\Dell\Ambient Light Sensor\AlsSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (SoftPerfect Research) C:\Program Files\NetWorx\networx.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (ZTE) C:\Program Files\congstar\Internetmanager\Bin\mcserver.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe () C:\Program Files\congstar\Internetmanager\Bin\dbus-daemon.exe () C:\Program Files\congstar\Internetmanager\Bin\gconfd-2.exe () C:\Program Files\congstar\Internetmanager\Bin\db_daemon.exe (Microsoft Corporation) C:\Windows\System32\dinotify.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [278528 2010-02-17] (Alps Electric Co., Ltd.) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-12] (Intel Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-06-29] (IDT, Inc.) HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2010-01-07] (CyberLink Corp.) HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\\ApplyEsf.exe [315392 2009-11-30] (May Software) HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1618488 2013-10-24] (Bitdefender) HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [3430096 2013-10-23] (SoftPerfect Research) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\...\MountPoints2: {90ba51e1-b5bf-11e1-81f5-904ce5f5ec24} - F:\setup.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MCtlSvc.lnk ShortcutTarget: MCtlSvc.lnk -> C:\Program Files\congstar\Internetmanager\Bin\mcserver.exe (ZTE) ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) BootExecute: autocheck autochk /p \??\F:autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: {01FEB79E-A2DE-4F96-AB6A-B8A039826963} https://dw1.orhro.com/dicomWeb/viewer/ORDcmView.ocx Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 109.196.48.2 8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default FF Homepage: hxxp://www.google.pl/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @virtools.com/3DviaPlayer -> C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\donottrackplus@abine.com [2014-11-22] FF Extension: Pocket - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\isreaditlater@ideashower.com [2015-01-12] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-20] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-04-09] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-04-09] FF Extension: Webmail Ad Blocker - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\gmailnoads@mywebber.com.xpi [2013-04-09] FF Extension: YouTube to MP3 - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\youtube2mp3@mondayx.de.xpi [2013-04-09] FF Extension: All-in-One Sidebar - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2012-08-07] FF Extension: Session Manager - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2012-08-07] FF Extension: Capture & Print - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2013-04-09] FF Extension: Abduction! - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2012-08-07] FF Extension: RightToClick - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2013-04-09] FF Extension: Adblock Plus - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-22] FF Extension: Download Statusbar - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-04-09] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-07-29] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-18] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-11] FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\congstar\Internetmanager\Bin\addon FF Extension: Bytemobile Optimization Client - C:\Program Files\congstar\Internetmanager\Bin\addon [2011-04-22] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-06-13] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 alssvc; C:\Program Files\Dell\Ambient Light Sensor\AlsSvc.exe [382232 2008-06-03] (Dell Inc.) S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [62688 2013-10-24] (Bitdefender) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 DeviceMonitorService; C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe [87368 2011-09-19] (Nero AG) R2 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.) R2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] () R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [82824 2012-06-25] (Bitdefender) R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\STacSV.exe [221266 2009-06-29] (IDT, Inc.) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [54960 2013-10-24] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1343472 2013-10-24] (Bitdefender) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aksfridge; C:\Windows\System32\DRIVERS\aksfridge.sys [356864 2009-08-20] (Aladdin Knowledge Systems Ltd.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [238208 2010-09-27] (Aladdin Knowledge Systems Ltd.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [46336 2010-09-27] (Aladdin Knowledge Systems Ltd.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [16384 2010-09-27] (Aladdin Knowledge Systems Ltd.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [640560 2013-10-24] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [490144 2013-10-24] (BitDefender) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [78144 2013-02-22] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [90704 2011-11-14] (BitDefender LLC) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-10-24] (BitDefender SRL) R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys [135600 2013-10-24] (BitDefender LLC) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender) S3 Blfp; C:\Windows\System32\DRIVERS\basp.sys [82432 2008-10-31] (Broadcom Corporation) R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2009-12-15] (Bytemobile, Inc.) [File not signed] S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [77808 2014-01-27] (FTDI Ltd.) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-10-24] (BitDefender LLC) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.) S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [106880 2010-02-11] (HSPADataCard Incorporated) S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [106880 2010-02-11] (HSPADataCard Incorporated) S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [106880 2010-02-11] (HSPADataCard Incorporated) S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider) S4 risdpcie; C:\Windows\system32\drivers\risdpe86.sys [48640 2009-04-03] (REDC) S4 rixdpcie; C:\Windows\system32\drivers\rixdpe86.sys [38400 2009-04-03] (REDC) S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at.sys [76288 2007-06-08] (Prolific Technology Inc.) R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [24192 2009-12-15] (Bytemobile, Inc.) [File not signed] R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [360376 2013-10-24] (BitDefender S.R.L.) S3 V0490Vid; C:\Windows\System32\DRIVERS\V0490Vid.sys [287328 2009-06-15] (Creative Technology Ltd.) R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}; C:\Program Files\CyberLink\PowerDVD DX\000.fcl [87536 2010-01-07] (CyberLink Corp.) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-01 23:37 - 2015-03-01 23:38 - 00019665 _____ () C:\Users\Nina\Desktop\FRST.txt 2015-03-01 23:37 - 2015-03-01 23:37 - 00000000 ____D () C:\FRST 2015-03-01 23:34 - 2015-03-01 23:34 - 01132032 _____ (Farbar) C:\Users\Nina\Desktop\FRST.exe 2015-03-01 20:26 - 2015-03-01 20:34 - 00000000 ____D () C:\ProgramData\Dumps 2015-03-01 19:36 - 2015-03-01 23:28 - 00007916 _____ () C:\Windows\setupact.log 2015-03-01 12:42 - 2015-03-01 12:42 - 00000000 ____D () C:\Users\Nina\Documents\ProcAlyzer Dumps 2015-03-01 08:31 - 2015-03-01 01:38 - 00051805 _____ () C:\Users\Nina\Desktop\1425159886_1_01.xml 2015-02-28 22:40 - 2015-02-28 22:39 - 00052394 _____ () C:\Users\Nina\Desktop\1425148342_1_02.xml 2015-02-28 18:23 - 2011-09-22 11:05 - 00364544 _____ () C:\Windows\system32\PropertyGrid.ocx 2015-02-28 18:23 - 2011-09-22 11:05 - 00208500 _____ () C:\Windows\system32\ReyXpBasics.tlb 2015-02-28 18:23 - 2011-09-22 11:05 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCFR.DLL 2015-02-28 18:23 - 2011-09-22 11:05 - 00119568 _____ (Microsoft Corporation) C:\Windows\system32\VB6FR.DLL 2015-02-28 18:23 - 2011-09-22 11:05 - 00084512 _____ (Microsoft Corporation) C:\Windows\system32\PICCLP32.OCX 2015-02-28 18:23 - 2011-09-22 11:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\CMDLGFR.DLL 2015-02-28 18:23 - 2011-09-22 11:05 - 00024576 _____ () C:\Windows\system32\ControlSubX.ocx 2015-02-28 18:23 - 2011-09-22 11:05 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\PCCLPFR.DLL 2015-02-28 18:22 - 2015-02-28 18:26 - 00000000 ____D () C:\Program Files\Free FLV Converter 2015-02-28 18:06 - 2015-02-28 18:08 - 26567296 _____ () C:\Users\Nina\Desktop\Mein Film1.mp4 2015-02-27 11:32 - 2015-02-27 11:32 - 00781979 _____ () C:\Users\Nina\Desktop\Re Temporary Agreement Letter.eml 2015-02-27 11:28 - 2015-02-27 11:28 - 00144290 _____ () C:\Users\Nina\Desktop\Re Contract.eml 2015-02-26 11:08 - 2015-02-26 11:16 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2015-02-26 03:01 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-17 18:53 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-17 18:53 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-17 18:53 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-16 14:37 - 2015-02-16 14:37 - 00043400 _____ () C:\Users\Nina\.recently-used.xbel 2015-02-15 19:26 - 2015-02-15 19:26 - 00000000 ____D () C:\Users\Nina\Desktop\Kuejlschrank 2015-02-12 09:13 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-12 09:13 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-11 09:28 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 09:28 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 09:28 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 09:28 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 09:28 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 09:28 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 09:28 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 09:28 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 09:28 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 09:28 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-11 09:28 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 09:28 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 09:28 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-02-11 09:28 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 09:28 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-11 09:27 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-11 09:27 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 09:27 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-11 09:27 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 09:27 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 09:27 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-11 09:27 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-11 09:27 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 09:27 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-11 09:27 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-02-11 09:27 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 09:27 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 09:27 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-11 09:27 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-11 09:27 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-11 09:27 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-11 09:27 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-11 09:27 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-11 09:27 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 09:27 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 09:27 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-11 09:27 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 09:27 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-11 09:27 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 09:27 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 09:27 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 09:27 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-11 09:27 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 09:27 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 09:27 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 09:27 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-11 09:27 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 09:27 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 09:27 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-11 09:27 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-11 09:26 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 09:26 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-01-31 08:03 - 2015-01-31 08:03 - 00000000 ____D () C:\Users\Nina\Desktop\Liegnitz ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-01 23:38 - 2010-07-13 11:32 - 00022304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-01 23:38 - 2010-07-13 11:32 - 00022304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-01 23:35 - 2010-07-13 11:48 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-01 23:35 - 2010-07-13 11:44 - 01171722 _____ () C:\Windows\WindowsUpdate.log 2015-03-01 23:34 - 2012-11-25 20:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-01 23:29 - 2010-07-20 20:20 - 00000000 ____D () C:\temp 2015-03-01 23:28 - 2013-11-20 13:24 - 00000384 _____ () C:\Windows\Tasks\Final Media Player Update Checker.job 2015-03-01 23:28 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-01 23:27 - 2010-07-13 11:37 - 00084090 _____ () C:\Windows\PFRO.log 2015-03-01 20:57 - 2013-09-17 13:10 - 00000483 _____ () C:\Windows\system32\checkdnsid.xml 2015-03-01 12:42 - 2012-12-20 13:25 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-03-01 09:31 - 2014-07-21 19:26 - 00000182 _____ () C:\Users\Nina\AppData\Roaming\Safer-Networking.log 2015-03-01 09:01 - 2012-12-20 13:25 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2 2015-02-27 09:51 - 2012-05-14 12:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-02-26 22:04 - 2013-07-02 12:59 - 00000000 ____D () C:\Users\Nina\Downloads\Bitdefender Safepay 2015-02-18 03:57 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2015-02-18 03:17 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing 2015-02-16 14:37 - 2011-01-15 10:46 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\gtk-2.0 2015-02-16 14:37 - 2011-01-15 10:43 - 00000000 ____D () C:\Users\Nina\.gimp-2.6 2015-02-16 14:37 - 2010-07-13 11:32 - 00000000 ____D () C:\Users\Nina 2015-02-15 19:27 - 2013-06-10 14:30 - 00000000 ____D () C:\Users\Nina\Desktop\Laser 2015-02-15 19:12 - 2015-01-19 09:39 - 00000000 ____D () C:\Users\Nina\Desktop\Software Update 2015-02-13 03:01 - 2010-12-19 19:02 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Skype 2015-02-12 03:36 - 2009-07-14 05:33 - 00301336 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 03:33 - 2014-12-11 21:28 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-12 03:33 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-12 03:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE 2015-02-12 03:16 - 2013-07-22 12:11 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-12 03:07 - 2010-07-14 09:07 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-08 20:45 - 2010-12-19 19:02 - 00000000 ___RD () C:\Program Files\Skype 2015-02-08 20:45 - 2010-12-19 19:02 - 00000000 ____D () C:\ProgramData\Skype 2015-02-08 13:29 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF 2015-02-06 19:34 - 2012-06-17 14:29 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-02-06 19:34 - 2012-01-25 17:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2014-07-21 19:26 - 2015-03-01 09:31 - 0000182 _____ () C:\Users\Nina\AppData\Roaming\Safer-Networking.log 2010-07-13 12:03 - 2010-07-13 12:17 - 0001531 _____ () C:\Users\Nina\AppData\Local\Win7_tmp1.htm 2013-06-13 16:31 - 2013-06-13 16:31 - 1611100 _____ () C:\ProgramData\1371133435.bdinstall.bin 2010-12-19 19:04 - 2011-07-06 09:47 - 0000056 ____H () C:\ProgramData\ezsidmv.dat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-23 10:31 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-02-2015 Ran by Nina at 2015-03-01 23:39:13 Running from C:\Users\Nina\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Virenschutz (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09} FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3DVIA player 5.0 (HKLM\...\{4E868D3D-6EEB-4273-926C-2287236B5B79}) (Version: 5.0.0.15 - 3DVIA) Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.) Ambient Light Sensor (HKLM\...\{5AF4F4C5-C71C-418F-B0B1-3903A345BD71}) (Version: 1.0.7 - Dell Inc.) Bitdefender Total Security 2013 (HKLM\...\Bitdefender) (Version: 16.30.0.1843 - Bitdefender) Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{75729BD7-F978-4C18-AF98-C0A682BF17D0}) (Version: 11.12.02 - Broadcom Corporation) Brother MFL-Pro Suite DCP-585CW (HKLM\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.) congstar Internet-Manager (HKLM\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.4 - ) Creative Live! Cam Notebook Ultra (VF0490) Driver (1.02.04.00) (HKLM\...\Creative VF0490) (Version: - ) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Driver Download Manager (HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.) Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1002.101.102 - ALPS ELECTRIC CO., LTD.) DICOMViewer 1.7.0 (HKLM\...\DICOMViewer) (Version: 1.7.0 - COREWARE) eDocPrintPro v3.15.5 (HKLM\...\{B4007B15-35A1-44B2-A591-BCF387720BC4}) (Version: 3.15.5 - MAY-Computer) Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated) FastStone Photo Resizer 3.0 (HKLM\...\FastStone Photo Resizer) (Version: 3.0 - FastStone Soft.) Final Media Player 2012 (HKLM\...\FinalMediaPlayer_is1) (Version: 2012.10.9.0 - Bitberry Software) <==== ATTENTION Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Gimnazjum klasa 1 - Planeta Nowa (HKLM\...\Gimnazjum klasa 1 - Planeta Nowa) (Version: - ) GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) gs_x86 (HKLM\...\{E93FA0AE-24E0-4D5B-A6FF-1C46B4829776}) (Version: 8.71 - MAY-Computer) HeartScreen 60G-VET (HKLM\...\HeartScreen 60G-VET) (Version: - ) IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6217.0 - IDT) Innobase-Vet (HKLM\...\Innobase-Vet) (Version: - ) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Language Editor (HKLM\...\Language Editor) (Version: - ) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MotoHelper 2.1.32 Driver 5.4.0 (HKLM\...\MotoHelper) (Version: 2.1.32 - Motorola) MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden MOTOROLA MEDIA LINK (HKLM\...\{378397D6-FD32-4092-A854-6A75CB7EDA46}) (Version: 1.5.4090.2 - Motorola) Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 31.5.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NetSpeedMonitor 2.5.4.0 x86 (HKLM\...\{86501894-E722-4385-A792-B7C2F28FAE7B}) (Version: 2.5.4.0 - Florian Gilles) OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Poedit (HKLM\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.4.6 - Vaclav Slavik) PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6107 - CyberLink Corp.) QuantorVet 1.0.90.266 (HKLM\...\QuantorVet) (Version: 1.0.90.266 - 3DISC) QuantorVetDemo 1.0.33.201 (HKLM\...\QuantorVetDemo) (Version: 1.0.33.201 - 3DISC) Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Twinson Terrace Professional (HKLM\...\TTP_is1) (Version: 3.1.2 - OrbanSoft SRL) WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.100 - Broadcom Corporation) WinCASH 2.0 (HKLM\...\ST6UNST #1) (Version: - ) Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI) Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) YTD Video Downloader 4.7.2 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.2 - GreenTree Applications SRL) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> C:\Windows\system32\jscript.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> C:\Windows\system32\jscript.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> C:\Windows\system32\jscript.dll (Microsoft Corporation) ==================== Restore Points ========================= 12-02-2015 03:00:46 Windows Update 13-02-2015 03:00:41 Windows Update 17-02-2015 12:02:32 Windows Update 18-02-2015 03:00:27 Windows Update 24-02-2015 09:59:08 Windows Update 26-02-2015 03:00:27 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {1F9DD11E-C05E-49DE-8F62-1C7CA614BC6D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {2AFCE0EC-28B1-4DC6-9714-A4055F72E0A9} - System32\Tasks\{4764FA9A-F73F-4A91-94E5-060631CD5D58} => C:\Program Files\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.) Task: {3C23ED5B-3DFA-4FDB-A6D7-1B110591B19A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe Task: {3F2EC1E5-5717-4BF1-BEF6-651CC65FCB2B} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {4BB46668-3F6B-409D-8DB3-94333546E251} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs Task: {5B6103E3-3BAB-4359-AAF1-F4F81C627AC4} - System32\Tasks\{3124C81E-BEE4-46D7-A3C4-DC8B3EFE2A76} => pcalua.exe -a E:\setup.txt.exe -d E:\ Task: {6038447E-9C64-4F25-BA06-3DF404DDA251} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated) Task: {897D6FAE-7505-4A44-A965-3132810C9E75} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {9A2F47E7-B1F5-484D-8149-FE57AB014429} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {AE050069-222E-45A7-9B44-02FC63A7EA0B} - System32\Tasks\Final Media Player Update Checker => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe [2013-03-25] (Bitberry Software) Task: {AF8B0C29-6CF1-4389-96A2-12D8956F437B} - System32\Tasks\{B6D4A164-507A-44C8-9F77-85A5891B4956} => pcalua.exe -a F:\Install_Nokia_Ovi_Suite.exe -d F:\ Task: {BCE1FBEC-6227-4C04-97CA-390AA5D40EB5} - System32\Tasks\{1175BA3D-ACD2-4386-AB19-AA4D59133894} => pcalua.exe -a "C:\Users\Nina\Desktop\OpenOffice 4.1.0 (de) Installation Files\setup.exe" -d "C:\Users\Nina\Desktop\OpenOffice 4.1.0 (de) Installation Files" Task: {E2A2DBFD-60D1-436F-BF2B-C927F8C8D359} - System32\Tasks\{2C27DB0D-54A6-4B27-A5EB-DDB43A843808} => pcalua.exe -a C:\Windows\IsUn0415.exe -c -f"C:\Program Files\Gimnazjum klasa 1 - Planeta Nowa\Uninst.isu" -c"C:\Program Files\Gimnazjum klasa 1 - Planeta Nowa\UninstallProject.dll" Task: {E663D2C6-CA51-4990-99C9-73AB49489835} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {EBEA2279-F3F6-4671-80D2-BC2204377DE9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe Task: {F7E3211C-32AE-41E1-ADA1-6F7CE2CA719D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Final Media Player Update Checker.job => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe ==================== Loaded Modules (whitelisted) ============== 2013-06-13 16:28 - 2013-10-24 15:59 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll 2013-06-13 16:29 - 2013-10-24 16:01 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\accessl.ui 2013-06-13 16:29 - 2011-11-14 19:17 - 00132176 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdfwcore.dll 2013-10-24 16:26 - 2013-10-24 16:26 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\IMSecurityAL.ui 2015-02-06 19:10 - 2015-02-06 19:10 - 00678616 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00042_022\ashttpbr.mdl 2015-02-06 19:10 - 2015-02-06 19:10 - 00493216 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00042_022\ashttpdsp.mdl 2015-02-06 19:10 - 2015-02-06 19:10 - 02187048 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00042_022\ashttpph.mdl 2015-02-06 19:10 - 2015-02-06 19:10 - 01135424 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00042_022\ashttprbl.mdl 2011-03-20 17:10 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll 2012-12-20 13:25 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2012-12-20 13:25 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl 2012-12-20 13:25 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl 2012-12-20 13:25 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2012-12-20 13:25 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl 2011-09-19 14:57 - 2011-09-19 14:57 - 00128336 _____ () C:\Program Files\Motorola Media Link\Lite\liveupdatetactics.dll 2011-09-19 14:57 - 2011-09-19 14:57 - 00023872 _____ () C:\Program Files\Motorola Media Link\Lite\DbAccess.dll 2011-09-19 14:59 - 2011-09-19 14:59 - 00465632 _____ () C:\Program Files\Motorola Media Link\Lite\sqlite3.dll 2011-09-19 14:57 - 2011-09-19 14:57 - 00045368 _____ () C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll 2011-09-19 14:57 - 2011-09-19 14:57 - 00034128 _____ () C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll 2011-12-06 22:00 - 2011-12-06 22:00 - 00214896 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe 2012-12-20 13:25 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll 2013-06-13 16:29 - 2012-06-21 13:01 - 00918696 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll 2011-12-06 22:00 - 2011-12-06 22:00 - 00784240 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe 2010-10-19 17:01 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll 2013-06-13 16:28 - 2013-10-24 15:53 - 00093040 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll 2009-08-11 23:10 - 2009-08-11 23:10 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 2014-01-07 11:41 - 2013-10-05 09:00 - 00547328 _____ () C:\Program Files\NetWorx\sqlite.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00594432 _____ () C:\Program Files\congstar\Internetmanager\Bin\dbus-1.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00157696 _____ () C:\Program Files\congstar\Internetmanager\Bin\libgconf-2.dll 2011-04-22 10:02 - 2010-02-28 08:28 - 00089600 _____ () C:\Program Files\congstar\Internetmanager\Bin\itapi.dll 2011-04-22 10:02 - 2008-05-06 12:50 - 00971776 _____ () C:\Program Files\congstar\Internetmanager\Bin\libxml2.dll 2011-04-22 10:02 - 2009-03-28 08:19 - 00080688 _____ () C:\Program Files\congstar\Internetmanager\Bin\zlib1.dll 2011-04-22 10:02 - 2010-02-28 08:28 - 00054272 _____ () C:\Program Files\congstar\Internetmanager\Bin\coder.dll 2011-04-22 10:02 - 2010-02-28 08:28 - 00025088 _____ () C:\Program Files\congstar\Internetmanager\Bin\log.dll 2011-04-22 10:02 - 2010-02-28 08:28 - 00043008 _____ () C:\Program Files\congstar\Internetmanager\Bin\audio.dll 2011-04-22 10:02 - 2010-02-24 11:41 - 00034304 _____ () C:\Program Files\congstar\Internetmanager\Bin\libctlsvr.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00215552 _____ () C:\Program Files\congstar\Internetmanager\Bin\dbus-daemon.exe 2011-04-22 10:02 - 2007-09-09 16:07 - 00151552 _____ () C:\Program Files\congstar\Internetmanager\Bin\libexpat.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00043008 _____ () C:\Program Files\congstar\Internetmanager\Bin\gconfd-2.exe 2011-04-22 10:02 - 2010-01-26 11:35 - 00055808 _____ () C:\Program Files\congstar\Internetmanager\Bin\libgconfbackend-xml.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00031232 _____ () C:\Program Files\congstar\Internetmanager\Bin\db_daemon.exe 2011-04-22 10:02 - 2010-01-26 11:34 - 00341504 _____ () C:\Program Files\congstar\Internetmanager\Bin\sqlite3.dll 2011-08-22 11:24 - 2015-01-27 11:01 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Nina\Desktop\FRST.exe:BDU AlternateDataStreams: C:\Users\Nina\Desktop\Innobase_Pico_1_3_setup.exe:BDU AlternateDataStreams: C:\Users\Nina\Desktop\Re Contract.eml:OECustomProperty AlternateDataStreams: C:\Users\Nina\Desktop\Re Temporary Agreement Letter.eml:OECustomProperty AlternateDataStreams: C:\Users\Nina\Downloads\wmpfirefoxplugin.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 109.196.48.2 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-3657568479-3030905945-1415747749-500 - Administrator - Disabled) Guest (S-1-5-21-3657568479-3030905945-1415747749-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3657568479-3030905945-1415747749-1015 - Limited - Enabled) Nina (S-1-5-21-3657568479-3030905945-1415747749-1000 - Administrator - Enabled) => C:\Users\Nina ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/01/2015 11:29:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2015 07:33:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm SDFiles.exe, Version 2.0.12.135 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e78 Startzeit: 01d053fd11110772 Endzeit: 0 Anwendungspfad: C:\Program Files\Spybot - Search & Destroy 2\SDFiles.exe Berichts-ID: 7f0bbf58-c041-11e4-bdc8-904ce5f5ec24 Error: (03/01/2015 07:25:21 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (03/01/2015 01:06:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SDTools.exe, Version: 2.0.12.150, Zeitstempel: 0x50a24631 Name des fehlerhaften Moduls: rtl150.bpl, Version: 15.0.3953.35171, Zeitstempel: 0x4cca139f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005ebb ID des fehlerhaften Prozesses: 0xd0c Startzeit der fehlerhaften Anwendung: 0xSDTools.exe0 Pfad der fehlerhaften Anwendung: SDTools.exe1 Pfad des fehlerhaften Moduls: SDTools.exe2 Berichtskennung: SDTools.exe3 Error: (02/28/2015 07:28:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/28/2015 06:47:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/28/2015 06:43:53 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2015/02/28 18:43:53.558]: [00004640]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/28/2015 06:43:52 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2015/02/28 18:43:52.014]: [00004640]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/28/2015 06:43:50 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2015/02/28 18:43:50.469]: [00004640]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/28/2015 06:43:48 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMW BrtWDLMW: [2015/02/28 18:43:48.925]: [00004640]: lperrcode->api = 1 , lperrcode->code = 2 System errors: ============= Error: (03/01/2015 08:23:52 AM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (02/28/2015 10:37:55 PM) (Source: BTHUSB) (EventID: 17) (User: ) Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen. Error: (02/28/2015 06:46:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (02/28/2015 06:46:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (02/28/2015 06:46:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (02/28/2015 06:46:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (02/28/2015 06:46:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (02/28/2015 06:46:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (02/28/2015 06:46:01 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (02/28/2015 06:46:01 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Microsoft Office Sessions: ========================= Error: (03/01/2015 11:29:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2015 07:33:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: SDFiles.exe2.0.12.135e7801d053fd111107720C:\Program Files\Spybot - Search & Destroy 2\SDFiles.exe7f0bbf58-c041-11e4-bdc8-904ce5f5ec24 Error: (03/01/2015 07:25:21 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006) Error: (03/01/2015 01:06:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SDTools.exe2.0.12.15050a24631rtl150.bpl15.0.3953.351714cca139fc000000500005ebbd0c01d054164f42d1acC:\Program Files\Spybot - Search & Destroy 2\SDTools.exeC:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl70134b87-c00b-11e4-bdc8-904ce5f5ec24 Error: (02/28/2015 07:28:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/28/2015 06:47:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/28/2015 06:43:53 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMWBrtWDLMW: [2015/02/28 18:43:53.558]: [00004640]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/28/2015 06:43:52 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMWBrtWDLMW: [2015/02/28 18:43:52.014]: [00004640]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/28/2015 06:43:50 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMWBrtWDLMW: [2015/02/28 18:43:50.469]: [00004640]: lperrcode->api = 1 , lperrcode->code = 2 Error: (02/28/2015 06:43:48 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: WDLMWBrtWDLMW: [2015/02/28 18:43:48.925]: [00004640]: lperrcode->api = 1 , lperrcode->code = 2 ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P8800 @ 2.66GHz Percentage of memory in use: 49% Total physical RAM: 3539.17 MB Available physical RAM: 1784.93 MB Total Pagefile: 7076.63 MB Available Pagefile: 4911.61 MB Total Virtual: 2047.88 MB Available Virtual: 1876.69 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:220.88 GB) (Free:133.28 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:1.54 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: C73027D1) Partition 1: (Not Active) - (Size=2 GB) - (Type=DE) Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=220.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
02.03.2015, 21:59 | #4 | |
Ruhe in Frieden † 2019 | Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Hallo, Zitat:
YTD Video Downloader Diese Software kommt schon von sich aus mit Adware. Du musst bei den Downloads von Chip aufpassen, wähle dort immer den manuellen Download und die benutzerdefinierte Installation. Hast du nach diesen Schritten noch Probleme Schritt 1 Bitte deinstalliere folgende Programme (falls vorhanden) : Java 7 Update 71 Final Media Player 2012 Dazu gehe auf: den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus. Schritt 2 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter emptytemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 3 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 4 Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern ESET Online Scanner
Schritt 5 Starte noch einmal FRST.
|
03.03.2015, 18:42 | #5 |
| Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Hallo Sandra, Erstmal vielen Dank fuer die ganzen Anweisungen. Der Computer lief heute schon ohne Probleme. Soll ich trotzdem alles abarbeiten? Welche Firewall wuerdest Du denn anlassen? Ich habe mir die Logfiles auch angeschaut, da ich einfach neugierig war und so was nochnichtgemacht habe. Da ist mir wieder eingefallen, dass ich den Flv converter um 18.23 am 28.02.15 runter geladen habe. Im Frst logfile sind ab 18.23 acht neue Datein im System32 angelegt worden. Hat das was mit dem flv converter download zu tun? Im Internet habe ichgelesen, dass die Datei system32\controlsubx.ocx von Koyote Inc (Entwickler von flv converter) angelegt wird. Wenn die Fragen bloed sind, verzeih das bitte einer Anfaengerin und vergiss sie einfach. Vielen Gruesse Nina Der Farbar Recovery Scan sagt ich soll den Computer restarten? Ja? Das ist der Fixlog.txt: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-02-2015 Ran by Nina at 2015-03-02 22:51:41 Run:1 Running from C:\Users\Nina\Desktop Loaded Profiles: Nina (Available profiles: Nina) Boot Mode: Normal ============================================== Content of fixlist: ***************** emptytemp: ***************** EmptyTemp: => Removed 702.2 MB temporary data. The system needed a reboot. ==== End of Fixlog 22:52:16 ==== Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 03.03.2015 Suchlauf-Zeit: 17:51:45 Logdatei: mbam.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.03.03.04 Rootkit Datenbank: v2015.02.25.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Nina Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 311767 Verstrichene Zeit: 26 Min, 27 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 3 PUP.Optional.OpenCandy, C:\Users\Nina\AppData\Roaming\OpenCandy, In Quarantäne, [41df6ed3781278be51526201709340c0], PUP.Optional.OpenCandy, C:\Users\Nina\AppData\Roaming\OpenCandy\0E2C29CEC113486BB4590AF2B96C25E9, In Quarantäne, [41df6ed3781278be51526201709340c0], PUP.Optional.OpenCandy, C:\Users\Nina\AppData\Roaming\OpenCandy\19518CFDB67B4066B6027DF4C47BD841, In Quarantäne, [41df6ed3781278be51526201709340c0], Dateien: 21 PUP.Optional.OpenCandy, C:\Users\Nina\AppData\Roaming\OpenCandy\0E2C29CEC113486BB4590AF2B96C25E9\RealPlayer_de_p20v2.exe, In Quarantäne, [41df6ed3781278be51526201709340c0], PUP.Optional.OpenCandy, C:\Users\Nina\AppData\Roaming\OpenCandy\19518CFDB67B4066B6027DF4C47BD841\RegistryReviverSetup_AFF.exe, In Quarantäne, [41df6ed3781278be51526201709340c0], PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.admin", false);), Ersetzt,[f927eb56ec9eec4a351774a123e32dd3] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (ferences /* Do not edit this file. * * I), Ersetzt,[c35d053cfb8fe0563616060f5da9d030] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (erences /* Do not edit this file. * * If you), Ersetzt,[7da376cb0b7f1f17f7555abb19ed926e] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If y), Ersetzt,[a977c47dc1c90f2735170b0af0160df3] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (eferences /* Do not edit this file. * * I), Ersetzt,[d54bc97872188ea8a1abd44183832ed2] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (rences /* Do not edit this file. * * If you make changes to this ), Ersetzt,[849cb190c7c3280e1e2eb0652cdab050] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: ( this file. * * If you make changes to this fil), Ersetzt,[958bd56cbad0fb3bad9f28edbf475da3] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you make c), Ersetzt,[0d133809d4b65cda2d1f878edc2a1de3] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: ( /* Do not edit this file. * * If you make c), Ersetzt,[110fc27fc2c8201699b30a0bb650ed13] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you make ), Ersetzt,[b66ace738ffba5915af21afbb35321df] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (s /* Do not edit this file. * * If you make changes to this file while the application is running, * the changes will be overwritten when ), Ersetzt,[53cd0c35305ad95d420a2bea26e045bb] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (is running, * the changes will be overwritten ), Ersetzt,[918fb58c7e0c6dc951fb4bca22e452ae] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (rences /* Do not edit this file. * * If you make changes to this file while the application is running, ), Ersetzt,[b070a0a12763f64028242aebd72f20e0] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (to this file while the application is running, *), Ersetzt,[8a96cc750783c67080cce62f759158a8] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (nces /* Do not edit this file. * * If you ma), Ersetzt,[5bc5f051ed9d20169fadde37de28758b] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you m), Ersetzt,[78a8de63dbafac8ac68639dc30d6857b] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (ences /* Do not edit this file. * * If you m), Ersetzt,[27f9f150503ac76f89c342d31bebec14] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (ces /* Do not edit this file. * * If you make changes t), Ersetzt,[25fb97aa7614c472c28aee275fa731cf] PUP.Optional.Softonic.A, C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource=1&cc=&q=");), Ersetzt,[d050f34ec6c492a4dd779d78f70f05fb] Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) |
03.03.2015, 22:51 | #6 |
Ruhe in Frieden † 2019 | Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Hallo, flv ist ja an und für sich nicht schädlich, du hast da nur noch n bißchen Bonus zu bekommen. Was ist denn nun mit deinen drei Antispyprogrammen? Und mir fehlt noch ESET und ein neues FRST
__________________ --> Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de |
04.03.2015, 13:16 | #7 |
| Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Hier kommt ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=f4a6c90b85d5cc41b7ba3d841f28a46b # engine=22746 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2015-03-04 11:45:50 # local_time=2015-03-04 12:45:50 (+0100, Mitteleuropäische Zeit ) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Bitdefender Antivirus' # compatibility_mode=2061 16777213 100 100 4368 104178530 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 77045 177100741 0 0 # scanned=181744 # found=3 # cleaned=3 # scan_time=4103 sh=C50487144178E0A7410D49A343165E8CD9FF1C11 ft=1 fh=802ebf415100c1cf vn="Variante von Win32/NetFilter.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files\NetWorx\nfapi.dll" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe" sh=807B4449DC15703408489571F83ED7EA514017D0 ft=1 fh=10b3fce32f91bcff vn="Variante von Win32/NetFilter.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\drivers\networx.sys" Frst FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-02-2015 Ran by Nina (administrator) on NINA-PC on 04-03-2015 13:11:46 Running from C:\Users\Nina\Desktop Loaded Profiles: Nina (Available profiles: Nina) Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\stacsv.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\AEstSrv.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Nero AG) C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe (Dell Inc.) C:\Program Files\Dell\Ambient Light Sensor\AlsSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Windows\System32\dinotify.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe (CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe (SoftPerfect Research) C:\Program Files\NetWorx\networx.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (ZTE) C:\Program Files\congstar\Internetmanager\Bin\mcserver.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe () C:\Program Files\congstar\Internetmanager\Bin\dbus-daemon.exe () C:\Program Files\congstar\Internetmanager\Bin\gconfd-2.exe () C:\Program Files\congstar\Internetmanager\Bin\db_daemon.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2013\seccenter.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [278528 2010-02-17] (Alps Electric Co., Ltd.) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-12] (Intel Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-06-29] (IDT, Inc.) HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2010-01-07] (CyberLink Corp.) HKLM\...\Run: [ApplyEsf-eDocPrintPro] => C:\Program Files\Common Files\MAYComputer\eDocPrintPro\\ApplyEsf.exe [315392 2009-11-30] (May Software) HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [1618488 2013-10-24] (Bitdefender) HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [3430096 2013-10-23] (SoftPerfect Research) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\...\MountPoints2: {90ba51e1-b5bf-11e1-81f5-904ce5f5ec24} - F:\setup.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MCtlSvc.lnk ShortcutTarget: MCtlSvc.lnk -> C:\Program Files\congstar\Internetmanager\Bin\mcserver.exe (ZTE) ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender) BootExecute: autocheck autochk /p \??\F:autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www1.euro.dell.com/content/default.aspx?c=uk&l=en&s=gen HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) DPF: {01FEB79E-A2DE-4F96-AB6A-B8A039826963} https://dw1.orhro.com/dicomWeb/viewer/ORDcmView.ocx Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 109.196.48.2 8.8.4.4 FireFox: ======== FF ProfilePath: C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @virtools.com/3DviaPlayer -> C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\donottrackplus@abine.com [2014-11-22] FF Extension: Pocket - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\isreaditlater@ideashower.com [2015-01-12] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-20] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-04-09] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-04-09] FF Extension: Webmail Ad Blocker - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\gmailnoads@mywebber.com.xpi [2013-04-09] FF Extension: YouTube to MP3 - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\youtube2mp3@mondayx.de.xpi [2013-04-09] FF Extension: All-in-One Sidebar - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2012-08-07] FF Extension: Session Manager - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2012-08-07] FF Extension: Capture & Print - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2013-04-09] FF Extension: Abduction! - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255}.xpi [2012-08-07] FF Extension: RightToClick - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2013-04-09] FF Extension: Adblock Plus - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-22] FF Extension: Download Statusbar - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\f0nrk8nm.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-04-09] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-07-29] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-18] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-11] FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\congstar\Internetmanager\Bin\addon FF Extension: Bytemobile Optimization Client - C:\Program Files\congstar\Internetmanager\Bin\addon [2011-04-22] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013-06-13] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 alssvc; C:\Program Files\Dell\Ambient Light Sensor\AlsSvc.exe [382232 2008-06-03] (Dell Inc.) S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [62688 2013-10-24] (Bitdefender) R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 DeviceMonitorService; C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe [87368 2011-09-19] (Nero AG) R2 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet Inc.) R2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] () R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [82824 2012-06-25] (Bitdefender) R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b8f542503f95f21b\STacSV.exe [221266 2009-06-29] (IDT, Inc.) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [54960 2013-10-24] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [1343472 2013-10-24] (Bitdefender) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aksfridge; C:\Windows\System32\DRIVERS\aksfridge.sys [356864 2009-08-20] (Aladdin Knowledge Systems Ltd.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [238208 2010-09-27] (Aladdin Knowledge Systems Ltd.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [46336 2010-09-27] (Aladdin Knowledge Systems Ltd.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [16384 2010-09-27] (Aladdin Knowledge Systems Ltd.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [640560 2013-10-24] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [490144 2013-10-24] (BitDefender) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [78144 2013-02-22] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [90704 2011-11-14] (BitDefender LLC) S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-10-24] (BitDefender SRL) R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys [135600 2013-10-24] (BitDefender LLC) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender) S3 Blfp; C:\Windows\System32\DRIVERS\basp.sys [82432 2008-10-31] (Broadcom Corporation) R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2009-12-15] (Bytemobile, Inc.) [File not signed] S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [77808 2014-01-27] (FTDI Ltd.) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-10-24] (BitDefender LLC) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.) S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [106880 2010-02-11] (HSPADataCard Incorporated) S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [106880 2010-02-11] (HSPADataCard Incorporated) S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [106880 2010-02-11] (HSPADataCard Incorporated) S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider) S4 risdpcie; C:\Windows\system32\drivers\risdpe86.sys [48640 2009-04-03] (REDC) S4 rixdpcie; C:\Windows\system32\drivers\rixdpe86.sys [38400 2009-04-03] (REDC) S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at.sys [76288 2007-06-08] (Prolific Technology Inc.) R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [24192 2009-12-15] (Bytemobile, Inc.) [File not signed] R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [360376 2013-10-24] (BitDefender S.R.L.) S3 V0490Vid; C:\Windows\System32\DRIVERS\V0490Vid.sys [287328 2009-06-15] (Creative Technology Ltd.) R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}; C:\Program Files\CyberLink\PowerDVD DX\000.fcl [87536 2010-01-07] (CyberLink Corp.) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-04 13:11 - 2015-03-04 13:13 - 00019232 _____ () C:\Users\Nina\Desktop\FRST.txt 2015-03-04 11:35 - 2015-03-04 11:35 - 02347384 _____ (ESET) C:\Users\Nina\Downloads\esetsmartinstaller_deu.exe 2015-03-04 11:01 - 2015-03-04 11:01 - 00000000 __SHD () C:\Users\Nina\AppData\Local\EmieBrowserModeList 2015-03-03 17:47 - 2015-03-03 18:35 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-03 17:47 - 2015-03-03 17:47 - 00001026 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-03 17:47 - 2015-03-03 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-03 17:47 - 2015-03-03 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-03 17:47 - 2015-03-03 17:47 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2015-03-03 17:47 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-03 17:47 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-03 17:47 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-03 17:11 - 2015-03-03 17:11 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nina\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-03 15:26 - 2015-03-03 15:29 - 00000000 ____D () C:\Users\Nina\Documents\Hundebilder 2015-03-03 15:18 - 2015-03-04 13:11 - 00000000 ____D () C:\Users\Nina\Desktop\Virusalarm 2015-03-01 23:37 - 2015-03-04 13:11 - 00000000 ____D () C:\FRST 2015-03-01 23:34 - 2015-03-01 23:34 - 01132032 _____ (Farbar) C:\Users\Nina\Desktop\FRST.exe 2015-03-01 20:26 - 2015-03-01 20:34 - 00000000 ____D () C:\ProgramData\Dumps 2015-03-01 19:36 - 2015-03-03 18:30 - 00039580 _____ () C:\Windows\setupact.log 2015-02-28 18:23 - 2011-09-22 11:05 - 00364544 _____ () C:\Windows\system32\PropertyGrid.ocx 2015-02-28 18:23 - 2011-09-22 11:05 - 00208500 _____ () C:\Windows\system32\ReyXpBasics.tlb 2015-02-28 18:23 - 2011-09-22 11:05 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCFR.DLL 2015-02-28 18:23 - 2011-09-22 11:05 - 00119568 _____ (Microsoft Corporation) C:\Windows\system32\VB6FR.DLL 2015-02-28 18:23 - 2011-09-22 11:05 - 00084512 _____ (Microsoft Corporation) C:\Windows\system32\PICCLP32.OCX 2015-02-28 18:23 - 2011-09-22 11:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\CMDLGFR.DLL 2015-02-28 18:23 - 2011-09-22 11:05 - 00024576 _____ () C:\Windows\system32\ControlSubX.ocx 2015-02-28 18:23 - 2011-09-22 11:05 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\PCCLPFR.DLL 2015-02-26 11:08 - 2015-02-26 11:16 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird 2015-02-26 03:01 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-17 18:53 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-17 18:53 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-17 18:53 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-16 14:37 - 2015-02-16 14:37 - 00043400 _____ () C:\Users\Nina\.recently-used.xbel 2015-02-15 19:26 - 2015-02-15 19:26 - 00000000 ____D () C:\Users\Nina\Desktop\Kuejlschrank 2015-02-12 09:13 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-12 09:13 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-11 09:28 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 09:28 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 09:28 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 09:28 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 09:28 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 09:28 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 09:28 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 09:28 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 09:28 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 09:28 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-11 09:28 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 09:28 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 09:28 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-02-11 09:28 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 09:28 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-11 09:27 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 09:27 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-11 09:27 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 09:27 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-11 09:27 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 09:27 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 09:27 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-11 09:27 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-11 09:27 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 09:27 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-11 09:27 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-02-11 09:27 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 09:27 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 09:27 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-11 09:27 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-11 09:27 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-11 09:27 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-11 09:27 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-11 09:27 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-11 09:27 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 09:27 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 09:27 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-11 09:27 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 09:27 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-11 09:27 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 09:27 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 09:27 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 09:27 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-11 09:27 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 09:27 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 09:27 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 09:27 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-11 09:27 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-11 09:27 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 09:27 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 09:27 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-11 09:27 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-11 09:26 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 09:26 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-04 12:45 - 2014-01-07 11:41 - 00000000 ____D () C:\Program Files\NetWorx 2015-03-04 12:34 - 2012-11-25 20:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-04 11:17 - 2013-09-17 13:10 - 00000483 _____ () C:\Windows\system32\checkdnsid.xml 2015-03-04 10:46 - 2010-07-13 11:44 - 01357568 _____ () C:\Windows\WindowsUpdate.log 2015-03-03 18:38 - 2010-07-13 11:48 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-03 18:38 - 2010-07-13 11:32 - 00022304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-03 18:38 - 2010-07-13 11:32 - 00022304 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-03 18:31 - 2010-07-20 20:20 - 00000000 ____D () C:\temp 2015-03-03 18:30 - 2010-07-13 11:37 - 00087102 _____ () C:\Windows\PFRO.log 2015-03-03 18:30 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-03 15:12 - 2013-06-10 14:30 - 00000000 ____D () C:\Users\Nina\Desktop\Laser 2015-03-02 22:42 - 2013-10-22 12:50 - 00000000 ____D () C:\Program Files\YTD Video Downloader 2015-03-01 12:42 - 2012-12-20 13:25 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-03-01 09:31 - 2014-07-21 19:26 - 00000182 _____ () C:\Users\Nina\AppData\Roaming\Safer-Networking.log 2015-03-01 09:01 - 2012-12-20 13:25 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2 2015-02-27 09:51 - 2012-05-14 12:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2015-02-26 22:04 - 2013-07-02 12:59 - 00000000 ____D () C:\Users\Nina\Downloads\Bitdefender Safepay 2015-02-18 03:57 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2015-02-18 03:17 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\tracing 2015-02-16 14:37 - 2011-01-15 10:46 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\gtk-2.0 2015-02-16 14:37 - 2011-01-15 10:43 - 00000000 ____D () C:\Users\Nina\.gimp-2.6 2015-02-16 14:37 - 2010-07-13 11:32 - 00000000 ____D () C:\Users\Nina 2015-02-15 19:12 - 2015-01-19 09:39 - 00000000 ____D () C:\Users\Nina\Desktop\Software Update 2015-02-13 03:01 - 2010-12-19 19:02 - 00000000 ____D () C:\Users\Nina\AppData\Roaming\Skype 2015-02-12 03:36 - 2009-07-14 05:33 - 00301336 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 03:33 - 2014-12-11 21:28 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-12 03:33 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-12 03:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE 2015-02-12 03:16 - 2013-07-22 12:11 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-12 03:07 - 2010-07-14 09:07 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-08 20:45 - 2010-12-19 19:02 - 00000000 ___RD () C:\Program Files\Skype 2015-02-08 20:45 - 2010-12-19 19:02 - 00000000 ____D () C:\ProgramData\Skype 2015-02-08 13:29 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF 2015-02-06 19:34 - 2012-06-17 14:29 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-02-06 19:34 - 2012-01-25 17:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl ==================== Files in the root of some directories ======= 2014-07-21 19:26 - 2015-03-01 09:31 - 0000182 _____ () C:\Users\Nina\AppData\Roaming\Safer-Networking.log 2010-07-13 12:03 - 2010-07-13 12:17 - 0001531 _____ () C:\Users\Nina\AppData\Local\Win7_tmp1.htm 2013-06-13 16:31 - 2013-06-13 16:31 - 1611100 _____ () C:\ProgramData\1371133435.bdinstall.bin 2010-12-19 19:04 - 2011-07-06 09:47 - 0000056 ____H () C:\ProgramData\ezsidmv.dat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-23 10:31 ==================== End Of Log ============================ --- --- --- und addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-02-2015 Ran by Nina at 2015-03-04 13:13:28 Running from C:\Users\Nina\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Virenschutz (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09} FW: Bitdefender Firewall (Enabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3DVIA player 5.0 (HKLM\...\{4E868D3D-6EEB-4273-926C-2287236B5B79}) (Version: 5.0.0.15 - 3DVIA) Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.) Ambient Light Sensor (HKLM\...\{5AF4F4C5-C71C-418F-B0B1-3903A345BD71}) (Version: 1.0.7 - Dell Inc.) Bitdefender Total Security 2013 (HKLM\...\Bitdefender) (Version: 16.30.0.1843 - Bitdefender) Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{75729BD7-F978-4C18-AF98-C0A682BF17D0}) (Version: 11.12.02 - Broadcom Corporation) Brother MFL-Pro Suite DCP-585CW (HKLM\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.) congstar Internet-Manager (HKLM\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.4 - ) Creative Live! Cam Notebook Ultra (VF0490) Driver (1.02.04.00) (HKLM\...\Creative VF0490) (Version: - ) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Driver Download Manager (HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.) Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1002.101.102 - ALPS ELECTRIC CO., LTD.) DICOMViewer 1.7.0 (HKLM\...\DICOMViewer) (Version: 1.7.0 - COREWARE) eDocPrintPro v3.15.5 (HKLM\...\{B4007B15-35A1-44B2-A591-BCF387720BC4}) (Version: 3.15.5 - MAY-Computer) Extended Asian Language font pack for Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated) FastStone Photo Resizer 3.0 (HKLM\...\FastStone Photo Resizer) (Version: 3.0 - FastStone Soft.) Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Gimnazjum klasa 1 - Planeta Nowa (HKLM\...\Gimnazjum klasa 1 - Planeta Nowa) (Version: - ) GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) gs_x86 (HKLM\...\{E93FA0AE-24E0-4D5B-A6FF-1C46B4829776}) (Version: 8.71 - MAY-Computer) HeartScreen 60G-VET (HKLM\...\HeartScreen 60G-VET) (Version: - ) IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6217.0 - IDT) Innobase-Vet (HKLM\...\Innobase-Vet) (Version: - ) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Language Editor (HKLM\...\Language Editor) (Version: - ) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MotoHelper 2.1.32 Driver 5.4.0 (HKLM\...\MotoHelper) (Version: 2.1.32 - Motorola) MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden MOTOROLA MEDIA LINK (HKLM\...\{378397D6-FD32-4092-A854-6A75CB7EDA46}) (Version: 1.5.4090.2 - Motorola) Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 31.5.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NetSpeedMonitor 2.5.4.0 x86 (HKLM\...\{86501894-E722-4385-A792-B7C2F28FAE7B}) (Version: 2.5.4.0 - Florian Gilles) OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Poedit (HKLM\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.4.6 - Vaclav Slavik) PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6107 - CyberLink Corp.) QuantorVet 1.0.90.266 (HKLM\...\QuantorVet) (Version: 1.0.90.266 - 3DISC) QuantorVetDemo 1.0.33.201 (HKLM\...\QuantorVetDemo) (Version: 1.0.33.201 - 3DISC) Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Twinson Terrace Professional (HKLM\...\TTP_is1) (Version: 3.1.2 - OrbanSoft SRL) WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.100 - Broadcom Corporation) WinCASH 2.0 (HKLM\...\ST6UNST #1) (Version: - ) Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI) Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{cc5bbec3-db4a-4bed-828d-08d78ee3e1ed}\InprocServer32 -> C:\Windows\system32\jscript.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> C:\Windows\system32\jscript.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3657568479-3030905945-1415747749-1000_Classes\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32 -> C:\Windows\system32\jscript.dll (Microsoft Corporation) ==================== Restore Points ========================= 13-02-2015 03:00:41 Windows Update 17-02-2015 12:02:32 Windows Update 18-02-2015 03:00:27 Windows Update 24-02-2015 09:59:08 Windows Update 26-02-2015 03:00:27 Windows Update 02-03-2015 22:43:15 Removed Java 7 Update 71 03-03-2015 15:21:07 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs Task: {1F9DD11E-C05E-49DE-8F62-1C7CA614BC6D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {2AFCE0EC-28B1-4DC6-9714-A4055F72E0A9} - System32\Tasks\{4764FA9A-F73F-4A91-94E5-060631CD5D58} => C:\Program Files\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.) Task: {3C23ED5B-3DFA-4FDB-A6D7-1B110591B19A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe Task: {3F2EC1E5-5717-4BF1-BEF6-651CC65FCB2B} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {4BB46668-3F6B-409D-8DB3-94333546E251} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs Task: {5B6103E3-3BAB-4359-AAF1-F4F81C627AC4} - System32\Tasks\{3124C81E-BEE4-46D7-A3C4-DC8B3EFE2A76} => pcalua.exe -a E:\setup.txt.exe -d E:\ Task: {6038447E-9C64-4F25-BA06-3DF404DDA251} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated) Task: {897D6FAE-7505-4A44-A965-3132810C9E75} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {9A2F47E7-B1F5-484D-8149-FE57AB014429} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {AF8B0C29-6CF1-4389-96A2-12D8956F437B} - System32\Tasks\{B6D4A164-507A-44C8-9F77-85A5891B4956} => pcalua.exe -a F:\Install_Nokia_Ovi_Suite.exe -d F:\ Task: {BCE1FBEC-6227-4C04-97CA-390AA5D40EB5} - System32\Tasks\{1175BA3D-ACD2-4386-AB19-AA4D59133894} => pcalua.exe -a "C:\Users\Nina\Desktop\OpenOffice 4.1.0 (de) Installation Files\setup.exe" -d "C:\Users\Nina\Desktop\OpenOffice 4.1.0 (de) Installation Files" Task: {E2A2DBFD-60D1-436F-BF2B-C927F8C8D359} - System32\Tasks\{2C27DB0D-54A6-4B27-A5EB-DDB43A843808} => pcalua.exe -a C:\Windows\IsUn0415.exe -c -f"C:\Program Files\Gimnazjum klasa 1 - Planeta Nowa\Uninst.isu" -c"C:\Program Files\Gimnazjum klasa 1 - Planeta Nowa\UninstallProject.dll" Task: {E663D2C6-CA51-4990-99C9-73AB49489835} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {EBEA2279-F3F6-4671-80D2-BC2204377DE9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe Task: {F7E3211C-32AE-41E1-ADA1-6F7CE2CA719D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============== 2013-06-13 16:28 - 2013-10-24 15:59 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll 2013-06-13 16:29 - 2013-10-24 16:01 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\accessl.ui 2013-06-13 16:29 - 2011-11-14 19:17 - 00132176 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdfwcore.dll 2013-10-24 16:26 - 2013-10-24 16:26 - 00005120 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\IMSecurityAL.ui 2015-02-06 19:10 - 2015-02-06 19:10 - 00678616 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00042_022\ashttpbr.mdl 2015-02-06 19:10 - 2015-02-06 19:10 - 00493216 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00042_022\ashttpdsp.mdl 2015-02-06 19:10 - 2015-02-06 19:10 - 02187048 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00042_022\ashttpph.mdl 2015-02-06 19:10 - 2015-02-06 19:10 - 01135424 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\otengines_00042_022\ashttprbl.mdl 2011-09-19 14:57 - 2011-09-19 14:57 - 00128336 _____ () C:\Program Files\Motorola Media Link\Lite\liveupdatetactics.dll 2011-09-19 14:57 - 2011-09-19 14:57 - 00023872 _____ () C:\Program Files\Motorola Media Link\Lite\DbAccess.dll 2011-09-19 14:59 - 2011-09-19 14:59 - 00465632 _____ () C:\Program Files\Motorola Media Link\Lite\sqlite3.dll 2011-09-19 14:57 - 2011-09-19 14:57 - 00045368 _____ () C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll 2011-09-19 14:57 - 2011-09-19 14:57 - 00034128 _____ () C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll 2011-12-06 22:00 - 2011-12-06 22:00 - 00214896 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe 2012-12-20 13:25 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2012-12-20 13:25 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl 2012-12-20 13:25 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2012-12-20 13:25 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll 2012-12-20 13:25 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl 2011-03-20 17:10 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll 2009-08-11 23:10 - 2009-08-11 23:10 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 2012-12-20 13:25 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl 2011-12-06 22:00 - 2011-12-06 22:00 - 00784240 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe 2013-06-13 16:29 - 2012-06-21 13:01 - 00918696 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll 2010-10-19 17:01 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll 2013-06-13 16:28 - 2013-10-24 15:53 - 00093040 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll 2014-01-07 11:41 - 2013-10-05 09:00 - 00547328 _____ () C:\Program Files\NetWorx\sqlite.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00594432 _____ () C:\Program Files\congstar\Internetmanager\Bin\dbus-1.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00157696 _____ () C:\Program Files\congstar\Internetmanager\Bin\libgconf-2.dll 2011-04-22 10:02 - 2010-02-28 08:28 - 00089600 _____ () C:\Program Files\congstar\Internetmanager\Bin\itapi.dll 2011-04-22 10:02 - 2008-05-06 12:50 - 00971776 _____ () C:\Program Files\congstar\Internetmanager\Bin\libxml2.dll 2011-04-22 10:02 - 2009-03-28 08:19 - 00080688 _____ () C:\Program Files\congstar\Internetmanager\Bin\zlib1.dll 2011-04-22 10:02 - 2010-02-28 08:28 - 00054272 _____ () C:\Program Files\congstar\Internetmanager\Bin\coder.dll 2011-04-22 10:02 - 2010-02-28 08:28 - 00025088 _____ () C:\Program Files\congstar\Internetmanager\Bin\log.dll 2011-04-22 10:02 - 2010-02-28 08:28 - 00043008 _____ () C:\Program Files\congstar\Internetmanager\Bin\audio.dll 2011-04-22 10:02 - 2010-02-24 11:41 - 00034304 _____ () C:\Program Files\congstar\Internetmanager\Bin\libctlsvr.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00215552 _____ () C:\Program Files\congstar\Internetmanager\Bin\dbus-daemon.exe 2011-04-22 10:02 - 2007-09-09 16:07 - 00151552 _____ () C:\Program Files\congstar\Internetmanager\Bin\libexpat.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00043008 _____ () C:\Program Files\congstar\Internetmanager\Bin\gconfd-2.exe 2011-04-22 10:02 - 2010-01-26 11:35 - 00055808 _____ () C:\Program Files\congstar\Internetmanager\Bin\libgconfbackend-xml.dll 2011-04-22 10:02 - 2010-01-26 11:35 - 00031232 _____ () C:\Program Files\congstar\Internetmanager\Bin\db_daemon.exe 2011-04-22 10:02 - 2010-01-26 11:34 - 00341504 _____ () C:\Program Files\congstar\Internetmanager\Bin\sqlite3.dll 2013-10-24 16:25 - 2013-10-24 16:25 - 00394824 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\bdidntconp.dll 2013-06-13 16:29 - 2013-10-24 15:54 - 00164352 _____ () C:\Program Files\Bitdefender\Bitdefender 2013\UI\bdidntconp.ui ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Nina\Desktop\FRST.exe:BDU AlternateDataStreams: C:\Users\Nina\Desktop\Innobase_Pico_1_3_setup.exe:BDU AlternateDataStreams: C:\Users\Nina\Downloads\esetsmartinstaller_deu.exe:BDU AlternateDataStreams: C:\Users\Nina\Downloads\mbam-setup-2.0.4.1028.exe:BDU AlternateDataStreams: C:\Users\Nina\Downloads\wmpfirefoxplugin.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3657568479-3030905945-1415747749-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 109.196.48.2 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-3657568479-3030905945-1415747749-500 - Administrator - Disabled) Guest (S-1-5-21-3657568479-3030905945-1415747749-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3657568479-3030905945-1415747749-1015 - Limited - Enabled) Nina (S-1-5-21-3657568479-3030905945-1415747749-1000 - Administrator - Enabled) => C:\Users\Nina ==================== Faulty Device Manager Devices ============= Name: Bluetooth-Peripheriegerät Description: Bluetooth-Peripheriegerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (03/03/2015 06:31:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/03/2015 11:28:55 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/03/2015 08:35:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/02/2015 11:13:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2015 11:29:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2015 07:33:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm SDFiles.exe, Version 2.0.12.135 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e78 Startzeit: 01d053fd11110772 Endzeit: 0 Anwendungspfad: C:\Program Files\Spybot - Search & Destroy 2\SDFiles.exe Berichts-ID: 7f0bbf58-c041-11e4-bdc8-904ce5f5ec24 Error: (03/01/2015 07:25:21 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (03/01/2015 01:06:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: SDTools.exe, Version: 2.0.12.150, Zeitstempel: 0x50a24631 Name des fehlerhaften Moduls: rtl150.bpl, Version: 15.0.3953.35171, Zeitstempel: 0x4cca139f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005ebb ID des fehlerhaften Prozesses: 0xd0c Startzeit der fehlerhaften Anwendung: 0xSDTools.exe0 Pfad der fehlerhaften Anwendung: SDTools.exe1 Pfad des fehlerhaften Moduls: SDTools.exe2 Berichtskennung: SDTools.exe3 Error: (02/28/2015 07:28:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/28/2015 06:47:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (03/04/2015 01:13:04 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Error: (03/04/2015 01:11:19 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Error: (03/04/2015 01:11:17 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Error: (03/04/2015 01:11:05 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Error: (03/04/2015 01:04:20 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Error: (03/04/2015 01:02:49 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Error: (03/04/2015 01:01:49 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Error: (03/04/2015 00:57:01 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Error: (03/04/2015 00:55:37 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Error: (03/04/2015 00:50:50 PM) (Source: DCOM) (EventID: 10016) (User: Nina-PC) Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Nina-PCNinaS-1-5-21-3657568479-3030905945-1415747749-1000LocalHost (unter Verwendung von LRPC) Microsoft Office Sessions: ========================= Error: (03/03/2015 06:31:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/03/2015 11:28:55 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/03/2015 08:35:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/02/2015 11:13:31 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2015 11:29:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/01/2015 07:33:54 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: SDFiles.exe2.0.12.135e7801d053fd111107720C:\Program Files\Spybot - Search & Destroy 2\SDFiles.exe7f0bbf58-c041-11e4-bdc8-904ce5f5ec24 Error: (03/01/2015 07:25:21 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006) Error: (03/01/2015 01:06:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: SDTools.exe2.0.12.15050a24631rtl150.bpl15.0.3953.351714cca139fc000000500005ebbd0c01d054164f42d1acC:\Program Files\Spybot - Search & Destroy 2\SDTools.exeC:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl70134b87-c00b-11e4-bdc8-904ce5f5ec24 Error: (02/28/2015 07:28:45 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/28/2015 06:47:18 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU P8800 @ 2.66GHz Percentage of memory in use: 42% Total physical RAM: 3539.17 MB Available physical RAM: 2025.8 MB Total Pagefile: 7076.63 MB Available Pagefile: 5102.86 MB Total Virtual: 2047.88 MB Available Virtual: 1900.65 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:220.88 GB) (Free:133.29 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:1.54 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: C73027D1) Partition 1: (Not Active) - (Size=2 GB) - (Type=DE) Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=220.9 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
05.03.2015, 01:39 | #8 | |
Ruhe in Frieden † 2019 | Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Hallo, Zitat:
Du hast immer noch drei Antispylösungen an Board. OK So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber. Abschließend räumen wir noch etwas auf, führen Updates durch und dann bekommst du noch etwas Lesestoff von mir. Schritt 1 Falls Du Malwarebytes-Antimalware und den ESET-Onlinescan nicht mehr benötigst, kannst Du beide Programme einfach über die Programmdeinstallation deinstallieren. Ich empfehle Dir aber zumindest Malwarebytes zu behalten, und damit einmal die Woche einen Kontrollscan zu machen. Schritt 2 Downloade dir bitte delfix auf deinen Desktop.
Updates / Programme aktualisieren
Lade dir bitte von hier den aktuellen Firefox herunter. Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems. Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür
Aktualität des Systems Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.
Falls du Java doch unbedingt benötigst, dann
Dazu:
Hier findest du eine Anleitung dazu. Antivirensoftware
Zusätzlicher Schutz
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Systemleistung Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu die Datenträgerbereinigung von Windows. Windows Vista
Windows 7
Windows 8
Halte dich fern von jeglichen Registry Cleanern. Diese schaden deinem System mehr als dass sie es schneller machen. Verhaltensregeln zum sichereren Surfen
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind. Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun. Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun. |
05.03.2015, 11:13 | #9 |
| Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Hallo Sandra, Muss ich was machen um die drei Datein aus der Quarataene loszuwerden oder sind die weg? Code:
ATTFilter sh=C50487144178E0A7410D49A343165E8CD9FF1C11 ft=1 fh=802ebf415100c1cf vn="Variante von Win32/NetFilter.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files\NetWorx\nfapi.dll" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe" sh=807B4449DC15703408489571F83ED7EA514017D0 ft=1 fh=10b3fce32f91bcff vn="Variante von Win32/NetFilter.A potenziell unsichere Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows\System32\drivers\networx.sys" |
05.03.2015, 23:12 | #10 |
Ruhe in Frieden † 2019 | Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Hallo, hast du ESET gelöscht? Wenn ja ist auch die Quarantäne weg, wenn nein, dann ist das auch nicht so wild, denn sie sind ja in der Quarantäne und da tun sie nix. Die waren eh nicht so spektakulär. |
06.03.2015, 19:57 | #11 |
| Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Hallo Sandra, ESET habe ich geloescht, dann ist ja alles in Ordnung. Spybot und Defender habe ich auch eleminiert, dafuer werde ich Malbytes woechentlich laufen lassen. Vielen Dank fuer deine Ratschlaege. Es war super sich mit diesem Problem nicht alleine rumschlagen zu muessen, sondern nur Schritt fuer Schritt deinen Anweisungen folgen zu muessen, obwohl ich zugeben muss, manchmal hatte ich schon ein mulmiges Gefuehl. Auf jedenfall hat mich das ganze ordentlich aufgeruettelt. Vielen Dank nochmal und viele Gruesse Nina |
09.03.2015, 20:12 | #13 |
| Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de Hallo Sandra, Sorry fuer die verspaetete Antwort, aber ich habe den Computer dieses Wochende unbeachtet In der Ecke stehen gelassen. Mulmiges Gefuehl, ganz einfach, da ich ja nun gerade unerwuenschte Software auf meinem Computer hatte, war ich mir beim Auschalten des Antivirus Programmes und beim Starten von Delfix halt etwas unsicher. Wenn ich mir freeware downloaden moechte, wuerdest Du immer Filepony empfehlen? Ich braeuchte naemlich immer noch einen flv converter. Viele Gruesse Nina |
Themen zu Trojan.Generic 12056736 / Bitdefender Scan / flv converter von chip.de |
appdata, bitdefender, computer, converter, datei, defender, falsch, folge, forum, frage, free, gen, infiziert, infizierte, scan, security, spybot, system, system32, temp, trojan.generic, trojaner, virus, voll, windows |