
Pests of all kinds and how to combat them: Bitdefender found Variant.Aware.Graftor.159320

24.11.2014, 10:31   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Disable Bitdefender for now, then we will empty the temp directories again with FRST:

Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
EmptyTemp:

Save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
Please always post log files in CODE tags

24.11.2014, 15:09   #17
amila
 
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-11-2014 01
Ran by jolina at 2014-11-24 14:27:18 Run:2
Running from C:\Users\jolina\Desktop
Loaded Profiles: UpdatusUser & jolina (Available profiles: UpdatusUser & jolina)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
EmptyTemp:
*****************

EmptyTemp: => Removed 365.7 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         


24.11.2014, 15:12   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Everything OK now?

24.11.2014, 15:19   #19
amila
 
In case you need this as well:


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by jolina (administrator) on JANINE on 24-11-2014 15:12:39
Running from C:\Users\jolina\Desktop
Loaded Profiles: UpdatusUser & jolina (Available profiles: UpdatusUser & jolina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-14] (IDT, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-05] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2874168 2012-09-14] (Synaptics Incorporated)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1626752 2014-11-24] (Bitdefender)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-09-18] (cyberlink)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKU\S-1-5-21-1426944148-3536138314-972487538-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-1426944148-3536138314-972487538-1002\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790344 2014-11-24] (Bitdefender)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1426944148-3536138314-972487538-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1426944148-3536138314-972487538-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT13/4
HKU\S-1-5-21-1426944148-3536138314-972487538-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: [S-1-5-21-1426944148-3536138314-972487538-1001] ATTENTION ==> Default URLSearchHook is missing.
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {F4FB02E6-D448-4915-9B53-67D5766FFFFA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {F4FB02E6-D448-4915-9B53-67D5766FFFFA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1426944148-3536138314-972487538-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1426944148-3536138314-972487538-1002 -> {F4FB02E6-D448-4915-9B53-67D5766FFFFA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKU\S-1-5-21-1426944148-3536138314-972487538-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Tcpip\Parameters: [DhcpNameServer] 80.69.103.78 80.69.102.158

FireFox:
========
FF ProfilePath: C:\Users\jolina\AppData\Roaming\Mozilla\Firefox\Profiles\zmpu9f9w.default-1401362110083
FF DefaultSearchEngine: Yahoo! (Avast)
FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com/?fr=hp-avast&type=avastbcl
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1426944148-3536138314-972487538-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jolina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\jolina\AppData\Roaming\Mozilla\Firefox\Profiles\zmpu9f9w.default-1401362110083\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\jolina\AppData\Roaming\Mozilla\Firefox\Profiles\zmpu9f9w.default-1401362110083\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\jolina\AppData\Roaming\Mozilla\Firefox\Profiles\zmpu9f9w.default-1401362110083\searchplugins\yahoo-avast.xml
FF Extension: Ghostery - C:\Users\jolina\AppData\Roaming\Mozilla\Firefox\Profiles\zmpu9f9w.default-1401362110083\Extensions\firefox@ghostery.com.xpi [2014-11-24]
FF Extension: Google™ Translator - C:\Users\jolina\AppData\Roaming\Mozilla\Firefox\Profiles\zmpu9f9w.default-1401362110083\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2014-11-07]
FF Extension: Youtube Downloader - Media Downloader - C:\Users\jolina\AppData\Roaming\Mozilla\Firefox\Profiles\zmpu9f9w.default-1401362110083\Extensions\paulsaintuzb@gmail.com.xpi [2014-11-07]
FF Extension: Adblock Plus - C:\Users\jolina\AppData\Roaming\Mozilla\Firefox\Profiles\zmpu9f9w.default-1401362110083\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-05]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2014-11-07]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-11-09]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-11-09]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF HKU\S-1-5-21-1426944148-3536138314-972487538-1002\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\jolina\AppData\Roaming\Mozilla\Firefox\Profiles\zmpu9f9w.default-1401362110083\extensions\cliqz@cliqz.com
FF Extension: No Name - bdwteff@bitdefender.com [Not Found]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4816568 2014-10-14] (Emsisoft GmbH)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-11-24] (Bitdefender)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244752 2012-09-18] (CyberLink)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [38712 2013-01-10] (Hewlett-Packard)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143624 2013-01-09] (Stardock Software, Inc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-11-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1527360 2014-11-24] (Bitdefender)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-09] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-11-24] (BitDefender)
S3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [263032 2014-11-24] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2013-11-19] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\WINDOWS\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2012-08-09] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-14] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-11-24] (BitDefender S.R.L.)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 15:10 - 2014-11-24 15:12 - 00000010 _____ () C:\Users\jolina\Desktop\Fixlist.txt
2014-11-24 14:26 - 2014-11-24 14:26 - 00000000 ____D () C:\Users\jolina\Desktop\FRST-OlderVersion
2014-11-24 14:17 - 2014-11-24 14:17 - 02118144 _____ (Farbar) C:\Users\jolina\Downloads\FRST64.exe
2014-11-23 18:38 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-23 18:38 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-23 18:38 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-23 18:38 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-23 18:38 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-23 18:38 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-23 18:38 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-23 18:38 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-23 18:38 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-23 18:38 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-23 18:38 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-23 18:38 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-23 18:38 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-23 18:38 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-23 18:37 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-23 18:37 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-23 18:37 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-23 18:36 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-23 18:36 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-23 18:36 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-23 18:36 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-23 18:36 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-23 18:36 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-23 18:36 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-23 18:36 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-23 18:36 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-23 18:36 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-23 18:36 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-23 18:36 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-23 18:36 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-23 18:36 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-23 18:36 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-23 18:36 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-23 18:36 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-23 18:36 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-23 18:36 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-23 18:36 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-23 18:36 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-23 18:36 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-23 18:36 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-23 18:36 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-23 18:36 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-23 18:36 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-23 18:36 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-23 18:36 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-23 18:36 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-23 18:36 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-23 18:36 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-23 18:36 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-23 18:36 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-23 18:36 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-23 18:36 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-23 18:36 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-23 18:36 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-23 18:36 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-23 18:36 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-23 18:36 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-23 18:36 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-23 18:36 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-23 18:36 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-23 18:36 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-23 18:36 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-23 18:36 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-23 18:36 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-23 18:36 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-23 18:36 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-23 18:36 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-23 18:36 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-23 18:36 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-23 18:36 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-23 18:36 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-23 18:36 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-23 18:36 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-23 18:36 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-23 18:36 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-23 18:36 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-23 18:36 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-23 18:36 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-23 18:36 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-23 18:36 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-23 18:36 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-23 18:36 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-23 18:36 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-23 18:36 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-23 18:36 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-23 18:36 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-23 18:36 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-23 18:36 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-23 18:36 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-23 18:36 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-23 18:36 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-23 18:36 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-23 18:36 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-23 18:36 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-23 18:36 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-23 18:36 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-23 18:36 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-23 18:36 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-23 18:36 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-23 18:36 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-23 18:36 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-23 18:36 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-23 18:36 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-23 18:36 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-23 18:35 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-23 18:35 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-23 18:35 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-23 18:35 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-23 18:35 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-23 18:35 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-23 18:35 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-23 18:35 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-23 18:35 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-23 18:35 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-23 18:35 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-23 18:35 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-23 18:35 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-23 18:35 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-23 18:35 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-23 18:35 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-23 18:35 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-23 18:35 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-23 18:35 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-23 18:35 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-23 18:35 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-23 18:35 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-23 09:41 - 2014-11-23 09:41 - 02347384 _____ (ESET) C:\Users\jolina\Downloads\esetsmartinstaller_deu(1).exe
2014-11-23 09:41 - 2014-11-23 09:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-23 08:45 - 2014-11-23 08:45 - 00001189 _____ () C:\Users\jolina\Desktop\mbam.txt
2014-11-22 10:46 - 2014-11-22 10:46 - 02347384 _____ (ESET) C:\Users\jolina\Downloads\esetsmartinstaller_deu.exe
2014-11-22 08:25 - 2014-11-22 08:30 - 00004241 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-22 07:58 - 2014-11-22 07:59 - 00027042 _____ () C:\Users\jolina\Desktop\Addition.txt
2014-11-22 07:57 - 2014-11-24 15:12 - 00025259 _____ () C:\Users\jolina\Desktop\FRST.txt
2014-11-22 07:52 - 2014-11-22 07:52 - 00000000 ____D () C:\Users\jolina\Downloads\FRST-OlderVersion
2014-11-21 20:37 - 2014-11-24 08:51 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3DE2D161-0869-4B0A-9BDD-A931A093C6B5}
2014-11-21 20:37 - 2014-11-21 20:37 - 00000615 _____ () C:\Users\jolina\Desktop\JRT.txt
2014-11-21 20:37 - 2014-11-21 20:37 - 00000000 __SHD () C:\Users\jolina\AppData\Local\EmieUserList
2014-11-21 20:37 - 2014-11-21 20:37 - 00000000 __SHD () C:\Users\jolina\AppData\Local\EmieSiteList
2014-11-21 17:30 - 2014-11-21 17:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-11-21 17:27 - 2014-11-21 17:27 - 01707532 _____ (Thisisu) C:\Users\jolina\Downloads\JRT.exe
2014-11-21 16:36 - 2014-11-21 16:36 - 02140160 _____ () C:\Users\jolina\Downloads\AdwCleaner_4.101.exe
2014-11-21 06:17 - 2014-11-21 06:17 - 00001478 _____ () C:\Users\jolina\Documents\malwarebytesergebnis.txt
2014-11-21 05:52 - 2014-11-21 05:52 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\jolina\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-20 15:02 - 2014-11-22 07:35 - 00025761 _____ () C:\Users\jolina\Downloads\Addition.txt
2014-11-20 15:02 - 2014-11-20 15:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\jolina\Downloads\revosetup95.exe
2014-11-20 15:02 - 2014-11-20 15:02 - 00001280 _____ () C:\Users\jolina\Desktop\Revo Uninstaller.lnk
2014-11-20 15:02 - 2014-11-20 15:02 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-20 15:00 - 2014-11-24 14:20 - 00049718 _____ () C:\Users\jolina\Downloads\FRST.txt
2014-11-20 14:59 - 2014-11-24 15:12 - 00000000 ____D () C:\FRST
2014-11-20 14:59 - 2014-11-24 14:26 - 02118144 _____ (Farbar) C:\Users\jolina\Desktop\FRST64.exe
2014-11-17 17:01 - 2014-11-17 17:02 - 34558060 _____ () C:\Users\jolina\Downloads\ToeiPi0101.part4.rar
2014-11-17 17:01 - 2014-11-17 17:02 - 104857600 _____ () C:\Users\jolina\Downloads\ToeiPi0101.part3.rar
2014-11-17 17:01 - 2014-11-17 17:02 - 104857600 _____ () C:\Users\jolina\Downloads\ToeiPi0101.part2.rar
2014-11-17 17:01 - 2014-11-17 17:02 - 104857600 _____ () C:\Users\jolina\Downloads\ToeiPi0101.part1.rar
2014-11-15 20:00 - 2014-11-16 05:55 - 00000000 ____D () C:\Users\jolina\Downloads\Die.Hoehle.2014.BDRip.AC3.German.XviD-FND
2014-11-15 17:02 - 2014-11-15 17:09 - 1927075903 _____ () C:\Users\jolina\Downloads\1. Was wirklich auf der Welt geschieht, und 2. NIEMAND WISSEN SOLL (HD).mp4
2014-11-15 17:02 - 2014-11-15 17:03 - 76100419 _____ () C:\Users\jolina\Downloads\3. Weltkrieg 2020 Bereiten Sie sich rechtzeitig vor 1  2 (Low).mp4
2014-11-15 16:40 - 2014-11-15 16:41 - 114990702 _____ () C:\Users\jolina\Downloads\N23 - Die Lügen der Bundesrepublik (Was die Medien uns verschweigen) (Low).mp4
2014-11-15 16:39 - 2014-11-15 16:40 - 143571988 _____ () C:\Users\jolina\Downloads\Die großen Schlachten- Teil 14 1529- Die Türken vor Wien [Doku German] (Low).mp4
2014-11-15 09:34 - 2014-11-15 09:35 - 184972438 _____ () C:\Users\jolina\Downloads\Stolze Löwen im Kampf [Doku deutsch] (Low).mp4
2014-11-15 07:50 - 2014-11-15 07:53 - 336623888 _____ () C:\Users\jolina\Downloads\Birkenfällung mit Seilklettertechnik SKT Arborist (HD).mp4
2014-11-15 07:49 - 2014-11-15 07:51 - 269009673 _____ () C:\Users\jolina\Downloads\Abbau einer Eiche mittels SKT (HD).mp4
2014-11-15 07:48 - 2014-11-15 07:54 - 299864620 _____ () C:\Users\jolina\Downloads\Baumklettern mit Seilklettertechnik in der alten 25 Meter hohen Birke zum Mistel schneiden (3D HD).mp4
2014-11-15 07:48 - 2014-11-15 07:49 - 113716517 _____ () C:\Users\jolina\Downloads\Baumfällung per Seilklettertechnik (SKT) auf engstem Raum (HD).mp4
2014-11-15 07:14 - 2014-11-15 07:14 - 51471413 _____ () C:\Users\jolina\Downloads\Die Türken vor Wien 1529 - Teil 1 (Low).webm
2014-11-15 07:13 - 2014-11-15 07:14 - 165875748 _____ () C:\Users\jolina\Downloads\Die großen Schlachten- Teil 14 1529- Die Türken vor Wien [Doku German] (Low).webm
2014-11-13 07:26 - 2014-11-13 07:27 - 82386745 _____ () C:\Users\jolina\Downloads\Stefan Eble - Kombination Handsäge  Motorsäge - Holzfällerwettbewerb - Widdern 28.05.12 (HD).mp4
2014-11-10 08:45 - 2014-11-10 08:47 - 158596177 _____ () C:\Users\jolina\Downloads\Die Reportage - 7 Tage auf dem Bauernhof  NDR Fernsehen (Low).webm
2014-11-10 07:57 - 2014-11-10 08:02 - 719377170 _____ () C:\Users\jolina\Downloads\Stadtbahn Bielefeld (HD).mp4
2014-11-10 07:24 - 2014-08-29 17:32 - 00000000 ____D () C:\Users\jolina\Downloads\Protectors.S01E05.German.WS.DVDRip.XviD-GTVG
2014-11-10 07:23 - 2014-10-15 02:08 - 00015890 _____ () C:\Users\jolina\Downloads\Godzilla.2014.German.AC3.5.1.BDRiP.x264-PANDA.nfo
2014-11-10 07:23 - 2014-10-11 13:41 - 923966283 _____ () C:\Users\jolina\Downloads\panda-godzilla.mkv
2014-11-10 07:08 - 2014-08-29 15:58 - 00000000 ____D () C:\Users\jolina\Downloads\Protectors.Auf.Leben.und.Tod.S02E03.German.BDRiP.XViD-GTVG
2014-11-10 07:01 - 2014-08-29 16:02 - 00000000 ____D () C:\Users\jolina\Downloads\Protectors.Auf.Leben.und.Tod.S02E05.German.BDRiP.XViD-GTVG
2014-11-10 06:54 - 2014-08-29 16:00 - 00000000 ____D () C:\Users\jolina\Downloads\Protectors.Auf.Leben.und.Tod.S02E04.German.BDRiP.XViD-GTVG
2014-11-09 17:40 - 2014-11-09 17:40 - 00079192 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2014-11-09 17:40 - 2014-11-09 17:40 - 00074512 _____ (BitDefender SRL) C:\WINDOWS\system32\bdsandboxuiskin32.dll
2014-11-09 14:00 - 2014-11-09 14:00 - 00717475 _____ () C:\ProgramData\1415537391.bdinstall.bin
2014-11-09 14:00 - 2014-11-09 14:00 - 00000385 _____ () C:\WINDOWS\system32\user_gensett.xml
2014-11-09 14:00 - 2014-11-09 14:00 - 00000385 _____ () C:\Users\jolina\AppData\Roaminguser_gensett.xml
2014-11-09 13:59 - 2014-11-09 13:59 - 00002213 _____ () C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk
2014-11-09 13:59 - 2014-11-09 13:59 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-11-09 13:59 - 2014-11-09 13:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-11-09 13:59 - 2014-11-09 13:59 - 00000000 ____D () C:\ProgramData\BDLogging
2014-11-09 13:59 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2014-11-09 13:58 - 2014-11-24 12:43 - 01288472 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2014-11-09 13:58 - 2014-11-24 12:43 - 00263032 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2014-11-09 13:58 - 2014-05-16 13:04 - 00647752 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2014-11-09 13:58 - 2013-11-19 14:44 - 00098768 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\bdfndisf6.sys
2014-11-09 13:58 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\WINDOWS\system32\Drivers\bdsandbox.sys
2014-11-09 13:58 - 2013-11-04 15:47 - 00074512 _____ (BitDefender SRL) C:\WINDOWS\SysWOW64\bdsandboxuiskin32.dll
2014-11-09 13:58 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2014-11-09 13:56 - 2014-11-09 14:05 - 00000000 ____D () C:\Users\jolina\AppData\Roaming\Bitdefender
2014-11-09 13:50 - 2014-11-24 12:43 - 00452040 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2014-11-09 13:50 - 2014-11-09 14:00 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-11-09 13:50 - 2014-11-09 13:50 - 00000000 ____D () C:\Program Files\Bitdefender
2014-11-09 13:50 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\WINDOWS\system32\BDSandBoxUISkin.dll
2014-11-09 13:50 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\WINDOWS\system32\BDSandBoxUH.dll
2014-11-09 13:50 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2014-11-09 13:49 - 2014-11-09 13:49 - 00000000 ____D () C:\Users\jolina\AppData\Roaming\QuickScan
2014-11-09 12:54 - 2014-11-09 13:50 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-11-08 08:35 - 2014-11-08 08:35 - 06276691 _____ () C:\Users\jolina\Downloads\Deutschland ist pleite die wahre Verschuldung beträgt 8 Billionen Euro (Low).mp4
2014-11-08 08:31 - 2014-11-08 08:31 - 35789163 _____ () C:\Users\jolina\Downloads\Schockierende Rede von Sahra Wagenknecht (Die Linke) Über den Umgang mit unserem Geld (Low).mp4
2014-11-08 08:30 - 2014-11-08 08:30 - 49964436 _____ () C:\Users\jolina\Downloads\Wie die Weltbank die Welt versklavt. Ein ehemaliger Mitarbeiter packt aus. (Low).mp4
2014-11-08 08:28 - 2014-11-08 08:29 - 131278340 _____ () C:\Users\jolina\Downloads\Wohnungscheck Dubai  taff (HD).mp4
2014-11-07 14:59 - 2014-11-07 15:00 - 74889114 _____ () C:\Users\jolina\Downloads\Kleine Bauarbeiter App - Baustellen Spiel für Kinder mit Bagger & Kran (HD).mp4
2014-11-07 14:55 - 2014-11-07 14:58 - 15987522 _____ () C:\Users\jolina\Downloads\Indien - Rajasthan - Die Heiligen Ratten im Karni Mata Tempel - Deshnoke (Low).flv
2014-11-07 14:54 - 2014-11-07 14:54 - 00001348 _____ () C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2014-11-07 14:48 - 2014-07-17 13:01 - 00094096 _____ () C:\Users\jolina\Desktop\fast_video_download-5.0.1.48-fx.xpi
2014-11-07 10:20 - 2014-11-21 06:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-04 19:26 - 2014-11-09 13:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-04 19:18 - 2014-11-04 19:19 - 131078000 _____ (AVAST Software) C:\Users\jolina\Downloads\avast_free_antivirus_setup_10.exe
2014-11-04 12:20 - 2014-11-04 20:06 - 00002490 _____ () C:\EamClean.log
2014-11-04 07:04 - 2014-11-04 07:04 - 00022528 _____ () C:\Users\jolina\AppData\Local\1580453dsisetup15878122.exe
2014-11-04 07:04 - 2014-11-04 07:04 - 00000001 _____ () C:\Users\jolina\AppData\Local\DSI.DAT
2014-11-04 06:40 - 2014-11-22 08:08 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-11-03 16:28 - 2014-11-03 16:28 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-11-03 13:25 - 2014-11-03 13:25 - 00001103 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-11-03 13:25 - 2014-11-03 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-11-03 13:24 - 2014-11-24 15:09 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-03 13:13 - 2014-11-03 13:14 - 01125200 _____ () C:\Users\jolina\Downloads\Emsisoft Anti Malware - CHIP-Installer.exe
2014-11-02 19:44 - 2014-11-02 19:45 - 03381360 _____ () C:\Users\jolina\Downloads\tvs-real-humans-hdtv-x264-204.part2(1).rar.part
2014-11-02 12:04 - 2014-11-04 07:04 - 00000129 _____ () C:\Users\jolina\AppData\Roaming\WB.CFG
2014-11-02 12:01 - 2014-11-21 06:00 - 00000000 ____D () C:\ProgramData\7bb6df21-8ca8-4eec-965d-8cd2261544c7
2014-11-02 10:05 - 2014-11-02 10:05 - 00002131 _____ () C:\Users\jolina\Desktop\JDownloader 2.lnk
2014-11-02 10:05 - 2014-11-02 10:05 - 00000000 ____D () C:\Users\jolina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-11-02 10:04 - 2014-11-02 10:04 - 00000269 _____ () C:\Users\jolina\Desktop\Cut the Rope.url
2014-11-02 10:03 - 2014-11-04 06:35 - 00000000 ____D () C:\Users\jolina\AppData\Local\JDownloader v2.0
2014-11-01 19:02 - 2014-08-29 15:56 - 00000000 ____D () C:\Users\jolina\Downloads\Protectors.Auf.Leben.und.Tod.S02E02.German.BDRiP.XViD-GTVG
2014-11-01 18:55 - 2014-08-29 15:54 - 00000000 ____D () C:\Users\jolina\Downloads\Protectors.Auf.Leben.und.Tod.S02E01.German.BDRiP.XViD-GTVG

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 15:10 - 2014-04-08 14:13 - 00000000 ____D () C:\Users\jolina\AppData\Roaming\ClassicShell
2014-11-24 15:05 - 2014-07-06 16:15 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1426944148-3536138314-972487538-1002
2014-11-24 15:02 - 2014-10-09 18:02 - 01871540 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-24 15:00 - 2014-01-24 12:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-24 15:00 - 2014-01-24 12:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-24 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-24 14:59 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-24 14:56 - 2012-07-26 06:26 - 00000269 _____ () C:\WINDOWS\win.ini
2014-11-24 14:47 - 2013-12-15 15:56 - 00868352 ___SH () C:\Users\jolina\Desktop\Thumbs.db
2014-11-24 14:46 - 2014-05-29 12:45 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-24 14:46 - 2013-12-17 15:34 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-24 14:44 - 2013-12-17 15:34 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-24 14:35 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-24 14:33 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-24 14:31 - 2013-08-22 15:44 - 05072920 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-24 14:30 - 2014-09-23 22:06 - 00996794 _____ () C:\WINDOWS\PFRO.log
2014-11-24 10:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-24 02:00 - 2014-09-02 03:59 - 00000000 ____D () C:\Users\jolina\AppData\Local\Adobe
2014-11-23 19:19 - 2013-12-15 11:56 - 00000000 ____D () C:\Users\jolina\AppData\Roaming\vlc
2014-11-22 10:15 - 2013-12-16 10:50 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-22 08:25 - 2014-03-07 14:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-22 08:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
2014-11-21 20:37 - 2013-12-17 15:34 - 00000000 ____D () C:\Users\jolina\AppData\Local\Google
2014-11-21 20:37 - 2013-12-17 15:34 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-21 19:41 - 2014-09-24 07:17 - 01984420 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-21 19:41 - 2014-09-24 06:43 - 00843606 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-21 19:41 - 2014-09-24 06:43 - 00192300 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-21 17:19 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-21 17:18 - 2014-05-29 12:22 - 00000000 ____D () C:\AdwCleaner
2014-11-21 06:21 - 2013-12-15 10:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-21 06:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\InputMethod
2014-11-21 05:54 - 2014-05-29 12:44 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-21 05:54 - 2014-05-29 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-21 05:54 - 2014-05-29 12:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-20 10:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-18 19:35 - 2014-04-09 13:59 - 00000000 ___RD () C:\Users\jolina\Desktop\SERIEN
2014-11-15 16:50 - 2014-04-08 15:43 - 00410112 ___SH () C:\Users\jolina\Downloads\Thumbs.db
2014-11-15 07:39 - 2014-10-18 15:09 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 07:39 - 2014-10-18 15:09 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 08:15 - 2013-12-16 10:50 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-09 18:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
2014-11-09 13:59 - 2013-08-22 15:46 - 00340386 _____ () C:\WINDOWS\setupact.log
2014-11-09 13:21 - 2014-06-01 10:04 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-11-09 13:21 - 2014-06-01 10:00 - 00000000 ____D () C:\ProgramData\Panda Security
2014-11-09 13:20 - 2014-06-01 10:04 - 00000000 ____D () C:\Users\jolina\AppData\Roaming\Panda Security
2014-11-09 13:10 - 2013-04-21 15:00 - 00000000 ____D () C:\ProgramData\Norton
2014-11-07 18:57 - 2013-12-23 11:47 - 00000000 ____D () C:\Users\jolina\Documents\Freemake
2014-11-07 17:47 - 2013-12-23 11:47 - 00000000 ____D () C:\ProgramData\Freemake
2014-11-07 14:54 - 2013-12-23 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-11-07 14:54 - 2013-12-23 11:46 - 00000000 ____D () C:\Program Files (x86)\Freemake
2014-11-04 19:39 - 2013-12-15 10:21 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-04 19:39 - 2013-12-15 10:21 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-03 19:34 - 2014-03-12 15:15 - 00000000 ___RD () C:\Users\jolina\Desktop\FILME
2014-11-01 17:49 - 2014-03-07 13:07 - 00000000 ____D () C:\JDownloader
2014-10-25 15:56 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-10-25 08:24 - 2014-05-04 07:08 - 00000000 ____D () C:\Users\jolina\Desktop\Melvin#

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-24 14:43

==================== End Of Log ============================
         


Should I turn Bitdefender back on? I'll only see then whether it finds anything, cosinus.
What caused this, so that I know what to watch out for in future...

24.11.2014, 15:20   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Yes, go ahead and turn BD back on

__________________
Please always post log files in CODE tags

24.11.2014, 15:24   #21
amila



OK, I'll run BD's virus scan then... I'll get back to you!

24.11.2014, 23:49   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



I'll assume that everything is fine again

Then we're done!


If you'd like to leave praise or criticism => Lob, Kritik und Wünsche - Trojaner-Board

The programs used here can all be uninstalled. It is advisable to keep Malwarebytes Anti-Malware and to scan for malware with it weekly.

delfix can help you with that:


The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (Alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type this in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix (Download DelFix) to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.

Finally, please check the updates; my guide for that is below. To keep a better overview of whether your installed programs are up to date in future, you can use, for example, Secunia PSI.
For even more security, after the infection has been removed you should also change all passwords if possible.


Microsoft Update
Windows XP: Visit the MS update page with IE and have all important updates installed.
Windows Vista/7: Start, Control Panel, Windows Update


Update the PDF reader
An outdated Adobe Reader is a major security risk. You should therefore uninstall old versions of Adobe Reader via Control Panel => Software or Programs and Features, by clicking "Adobe Reader x.0" there and removing the program. (if you have Adobe Reader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than Adobe Reader.

Please also take this opportunity to check that Flash Player is up to date:
Check => Adobe - Flash Player
Download links can be found here => Browsers and Plugins - FilePony.de

You can also easily check whether all plugins in the Firefox browser are up to date here => https://www.mozilla.org/de/plugincheck

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a major security risk, so you should uninstall the old versions. To do this, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs (or Programs and Features) and uninstall all listed Java versions from there. After that, download the current Java SE Runtime Environment (JRE) from here and install it.
__________________
Please always post log files in CODE tags
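
The update checklist in the post above can be supported with an inventory of what is actually installed. The following PowerShell script is an added example, not part of the forum post: it reads the standard Windows uninstall registry keys and lists every Java, Adobe Reader and Flash Player entry with its version. The name patterns are assumptions and may need adjusting to the display names on the system.

```powershell
# Added example: list installed Java / Adobe Reader / Flash Player entries.
# The name patterns below are assumptions; adjust them to your display names.
$patterns = 'Java', 'Adobe Reader', 'Adobe Acrobat Reader', 'Flash Player'

# Uninstall entries for 64-bit, 32-bit (Wow6432Node) and per-user installs.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$installed = foreach ($root in $roots) {
    Get-ItemProperty -Path $root -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        ForEach-Object {
            $entry = $_
            foreach ($p in $patterns) {
                if ($entry.DisplayName -like "*$p*") {
                    # One record per matching uninstall entry.
                    New-Object PSObject -Property @{
                        Family  = $p
                        Name    = $entry.DisplayName
                        Version = $entry.DisplayVersion
                    }
                    break   # stop at the first pattern that matches
                }
            }
        }
}

if ($installed) {
    $installed | Sort-Object Family, Name |
        Format-Table Family, Name, Version -AutoSize

    # Several entries in one family can mean an old version was left behind
    # (or 32-bit and 64-bit builds side by side); compare the versions listed.
    $installed | Group-Object Family | Where-Object { $_.Count -gt 1 } |
        ForEach-Object { "Multiple '$($_.Name)' entries found: $($_.Count)" }
} else {
    'No Java, Adobe Reader or Flash Player entries found.'
}
```

Run it before and after the uninstall steps; any entry that still appears afterwards is a version that was not removed.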
