Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   TR/Patched.Ren.Gen2 immer von Avira gefunden - wie entferne ich diesen? (https://www.trojaner-board.de/167992-tr-patched-ren-gen2-immer-avira-gefunden-entferne-diesen.html)

Sundancer09 16.06.2015 19:13
TR/Patched.Ren.Gen2 immer von Avira gefunden - wie entferne ich diesen?
 
Hallo zusammen,

Avira meldet mir seit zwei Tagen im Echtzeit-Scanner immer einen Virenfund mit der Bezeichnung:
In der Datei 'C:\Windows\Temp\tmp00003f48\tmp00005bfc'
wurde ein Virus oder unerwünschtes Programm 'TR/Patched.Ren.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

Die Temp-Datei ändert sich dabei ständig!

Im System-Scanner von Avira taucht diese nicht auf, auch Bitdefender Total Security und Malwarebytes finden nichts! Bin jetzt doch etwas verunsichert.

FRST Log habe ich hier gepostet
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by (administrator) on PC on 16-06-2015 20:05:00
Running from C:\Users\Downloads
Loaded Profiles: (Available Profiles:)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-10-01] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1691112 2015-04-06] (Bitdefender)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SfWinStartInfo] => C:\Program Files (x86)\SFirm\sfWinStartupInfo.exe [144544 2012-07-06] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-05-28] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-24] (Bitdefender)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\Run: [BrowserChoice] => C:\Windows\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-05-28] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Bitdefender-Geldbörse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-02-24] (Bitdefender)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BrowserChoice] => C:\Windows\BrowserChoice\browserchoice.exe [86816 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-09-09] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-09-09] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-09-09] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-09-09] (Bitdefender)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-17448724-3892530395-2409476631-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-17448724-3892530395-2409476631-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-10] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-10] (Oracle Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-24] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-02-24] (Bitdefender)
Toolbar: HKU\S-1-5-21-17448724-3892530395-2409476631-1001 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-24] (Bitdefender)
Toolbar: HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-02-24] (Bitdefender)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\AppData\Roaming\Mozilla\Firefox\Profiles\l128r3tn.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-13] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-10] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-13] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [2013-11-12] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-09-09]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-09-09]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-01-21] (Bitdefender)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
S4 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [176264 2015-05-28] (Sandboxie Holdings, LLC)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-11-25] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-04-06] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-02-24] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-02-24] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-02-24] (BitDefender)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-17] (Avira Operations GmbH & Co. KG)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2015-02-24] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-02-24] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-04-06] (BitDefender LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-16] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [188552 2015-05-28] (Sandboxie Holdings, LLC)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-11-25] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-16 20:00 - 2015-06-16 20:05 - 00018830 _____ C:\Users\Downloads\FRST.txt
2015-06-16 20:00 - 2015-06-16 20:05 - 00000000 ____D C:\FRST
2015-06-16 20:00 - 2015-06-16 20:00 - 02109952 _____ (Farbar) C:\Users\Downloads\FRST64.exe
2015-06-13 12:20 - 2015-06-13 12:20 - 00002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-13 08:26 - 2015-06-13 08:37 - 00000000 ____D C:\Users\AppData\Roaming\vlc
2015-06-13 08:26 - 2015-06-13 08:26 - 00001088 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-06-13 08:26 - 2015-06-13 08:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-06-13 08:25 - 2015-06-13 08:25 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2015-06-10 17:51 - 2015-06-10 17:52 - 00000000 ____D C:\Users\Downloads\Bitdefender Safepay
2015-06-10 17:20 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 17:20 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 17:20 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 17:20 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 17:20 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 17:20 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 17:20 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 17:20 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 17:20 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 17:20 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 17:20 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 17:20 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 17:20 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 17:20 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 17:20 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 17:20 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 17:20 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 17:20 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 17:20 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 17:20 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 17:20 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 17:20 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 17:20 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 17:20 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 17:20 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 17:20 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 17:20 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 17:20 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 17:20 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 17:20 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 17:20 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 17:20 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 17:20 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 17:20 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 17:20 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 17:20 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 17:20 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 17:20 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 17:20 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 17:20 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 17:20 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 17:20 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 17:20 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 17:20 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 17:20 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 17:20 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 17:20 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 17:20 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 17:20 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 17:20 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 17:20 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 17:20 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 17:20 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 17:20 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 17:20 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 17:20 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 17:20 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 17:20 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 17:20 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 17:20 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 17:20 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 17:20 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 17:20 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 17:20 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 17:20 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 17:20 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 17:20 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 17:20 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 17:20 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 17:20 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 17:20 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 17:20 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 17:20 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 17:20 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 17:20 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 17:20 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 17:20 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 17:20 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 17:20 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 17:20 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 17:20 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-04 08:04 - 2015-06-04 17:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-02 06:26 - 2015-06-02 06:26 - 00000000 ____D C:\Users\AppData\Local\GWX
2015-06-01 11:44 - 2015-06-01 11:44 - 00002155 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-06-01 11:44 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-06-01 11:42 - 2015-05-28 09:04 - 42719888 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 37741712 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-06-01 11:42 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435306.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435306.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00878816 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-06-01 11:42 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-06-01 11:30 - 2015-06-01 11:30 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 11:30 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-06-01 11:30 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-05-31 10:12 - 2015-05-31 10:15 - 00000000 ____D C:\Users\Documents\RCT3
2015-05-31 10:12 - 2015-05-31 10:12 - 00043520 _____ C:\WINDOWS\SysWOW64\CmdLineExt03.dll
2015-05-31 10:12 - 2015-05-31 10:12 - 00000000 ____D C:\Users\AppData\Roaming\Atari
2015-05-31 10:10 - 2015-05-31 10:10 - 00001233 _____ C:\Users\Public\Desktop\RollerCoaster Tycoon 3.lnk
2015-05-31 10:10 - 2015-05-31 10:10 - 00000000 ____D C:\Users\AppData\Roaming\Leadertech
2015-05-31 10:10 - 2015-05-31 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2015-05-31 10:06 - 2015-05-31 10:06 - 00000000 ____D C:\Program Files (x86)\Atari
2015-05-29 07:26 - 2015-05-29 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-05-24 22:47 - 2015-05-24 22:47 - 00000000 ____D C:\Users\AppData\Roaming\NVIDIA
2015-05-19 07:47 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-05-19 07:47 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-05-19 07:47 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-05-19 07:47 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435286.dll
2015-05-19 07:47 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435286.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-16 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-16 19:57 - 2014-10-26 12:59 - 01165847 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-16 19:56 - 2014-09-24 08:17 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-16 19:56 - 2014-09-24 07:43 - 00764340 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-16 19:56 - 2014-09-24 07:43 - 00159160 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-16 19:55 - 2014-06-27 07:53 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-16 19:55 - 2013-10-10 16:21 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-17448724-3892530395-2409476631-1001
2015-06-16 19:50 - 2014-10-26 12:59 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-16 19:50 - 2013-10-11 15:15 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-16 19:50 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-16 16:34 - 2013-10-10 16:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-16 16:18 - 2013-10-11 15:15 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-16 15:53 - 2015-02-07 08:55 - 00000000 ____D C:\ProgramData\TEMP
2015-06-16 15:53 - 2015-02-07 08:55 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2015-06-16 15:46 - 2015-04-11 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-16 15:45 - 2015-04-11 14:20 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-06-16 15:45 - 2015-04-11 14:20 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-06-16 15:37 - 2014-10-27 09:58 - 00003914 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A63683CB-EF68-417C-A251-554A36C13ED3}
2015-06-15 18:38 - 2014-11-15 06:59 - 00000000 __SHD C:\Users\AppData\Local\EmieBrowserModeList
2015-06-15 18:38 - 2014-10-27 09:57 - 00000000 __SHD C:\Users\AppData\Local\EmieUserList
2015-06-15 18:38 - 2014-10-27 09:57 - 00000000 __SHD C:\Users\AppData\Local\EmieSiteList
2015-06-15 06:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-14 08:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 12:20 - 2013-10-10 16:33 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-13 11:24 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-13 10:35 - 2014-12-10 19:18 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-13 10:35 - 2014-09-24 09:43 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-13 10:35 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-13 10:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-13 07:58 - 2013-10-30 11:48 - 00000000 ____D C:\ProgramData\SFirm
2015-06-13 07:55 - 2013-10-30 11:48 - 00000000 ____D C:\Program Files (x86)\SFirm
2015-06-13 07:47 - 2013-10-10 17:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-13 07:47 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-13 07:44 - 2013-10-10 17:25 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-13 06:48 - 2013-10-10 16:41 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-13 06:47 - 2013-10-16 17:29 - 00000000 ____D C:\Users\AppData\Local\Adobe
2015-06-12 14:48 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-12 14:39 - 2013-10-19 16:45 - 00002020 _____ C:\WINDOWS\Sandboxie.ini
2015-06-11 06:10 - 2015-04-11 14:20 - 00000000 ____D C:\ProgramData\Avira
2015-06-10 17:17 - 2015-04-11 14:21 - 00001142 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-10 17:17 - 2015-04-11 14:21 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-10 17:17 - 2015-04-11 14:20 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-05 18:17 - 2013-10-10 16:15 - 00000000 ____D C:\Users\AppData\Local\VirtualStore
2015-06-05 14:15 - 2013-10-12 15:16 - 00000000 ____D C:\Users\AppData\Local\PokerStars.EU
2015-06-04 17:44 - 2013-10-11 15:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 18:18 - 2014-09-24 09:46 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2014-09-24 09:46 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-01 11:44 - 2015-04-14 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-01 11:44 - 2014-10-26 12:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-05-29 17:28 - 2014-07-11 13:18 - 00000000 ____D C:\Users\Documents\Flight Simulator X-Dateien
2015-05-28 09:04 - 2015-04-14 21:49 - 03379680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-05-28 09:04 - 2015-02-20 02:18 - 12852152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-08-19 22:15 - 17486856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-08-19 22:14 - 00030966 _____ C:\WINDOWS\system32\nvinfo.pb
2015-05-28 09:04 - 2013-10-10 16:23 - 00112968 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-05-28 09:04 - 2013-10-10 16:23 - 00105288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-05-28 06:15 - 2014-10-26 12:59 - 06872904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-28 06:15 - 2014-10-26 12:59 - 03491984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-10-26 12:59 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-10-26 12:59 - 00937288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-10-26 12:59 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-28 06:15 - 2014-10-26 12:59 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-27 12:48 - 2014-10-26 12:59 - 04408727 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-05-25 10:00 - 2015-04-04 18:10 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-25 10:00 - 2015-04-04 18:10 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-24 22:47 - 2013-10-12 15:16 - 00000000 ____D C:\Program Files (x86)\PokerStars.EU
2015-05-24 08:01 - 2014-07-11 20:23 - 00000000 ____D C:\Users\Desktop\WOAI
2015-05-23 03:47 - 2015-04-14 21:51 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-05-23 03:47 - 2015-04-14 21:51 - 01571696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-05-23 03:47 - 2015-04-14 21:51 - 01320304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2015-04-14 21:51 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-05-21 16:13 - 2013-10-11 15:15 - 00004096 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-21 16:13 - 2013-10-11 15:15 - 00003860 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2013-10-10 16:29 - 2013-10-10 16:29 - 0383774 _____ () C:\ProgramData\1381415084.bdinstall.bin
2014-09-09 15:08 - 2014-09-09 15:09 - 0050833 _____ () C:\ProgramData\1410268138.2492.bin
2014-09-09 15:09 - 2014-09-09 15:09 - 0213840 _____ () C:\ProgramData\1410268138.bdinstall.bin
2014-09-09 15:17 - 2014-09-09 15:17 - 1982348 _____ () C:\ProgramData\1410268377.bdinstall.bin
2014-10-26 12:59 - 2014-10-26 12:59 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-15 19:56

==================== End of log ============================
Und die Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran at 2015-06-16 20:05:26
Running from C:\Users\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-17448724-3892530395-2409476631-500 - Administrator - Disabled)
Gast (S-1-5-21-17448724-3892530395-2409476631-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-17448724-3892530395-2409476631-1003 - Limited - Enabled)
(S-1-5-21-17448724-3892530395-2409476631-1001 - Administrator - Enabled) => C:\Users\

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.11.0.872 - Bitdefender)
Brother MFL-Pro Suite MFC-J220 (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.0.0 - Electronic Arts)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MeatWater FO Altitude Callouts v1.0 (HKLM-x32\...\MeatWater FO Altitude Callouts v1.0) (Version:  - )
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{F535B2CF-C9BB-4162-B03A-02D6971F32CC}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4518 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7050 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Sandboxie 4.18 (64-bit) (HKLM\...\Sandboxie) (Version: 4.18 - Sandboxie Holdings, LLC)
SFirm (HKLM-x32\...\{A600A500-6AAC-48AB-B29C-145483B3A127}) (Version: 2.39.10.250.0 - Star Finanz GmbH)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version:  - hxxp://www.WAVMP3.net)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {230B6BD4-DA5B-4537-8940-331F9FCA5898} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2CD5F1BA-C181-4688-A14F-7414C8D31910} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {4375D8BE-D583-493D-85FD-818695EAD17D} - System32\Tasks\Bitdefender Autoscan => C:\Program Files\Bitdefender\Bitdefender 2013\mtasklaunch.exe
Task: {46F776F1-DFBC-40D7-852E-5267ABEE1E05} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {4E1A4979-D125-4C91-A4DD-57847DCBB0CC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {662E3C54-C446-4A6A-8310-F2D167B834E0} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {8217B3FE-CCF6-462F-AB07-E0C8AD5D060A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {875087B8-88DA-416C-82D3-2EC95E629B82} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-13] (Microsoft Corporation)
Task: {A0E7C5DF-5FF9-40CB-94E8-3D701B48822F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {A73D6D5D-7818-486B-9BD2-BEDA3ED52B84} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {B1BB4ABD-1687-4412-8A19-F137417AA2A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-13] (Adobe Systems Incorporated)
Task: {C538A01A-E845-441F-9ACA-3900541CC2AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {E3C9D1DD-EA11-4953-BAA7-83B7EBEAD1B5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {F6120730-0E07-47B5-8DC4-0DF2440FE4E3} - System32\Tasks\{60648D8B-B897-4230-8BEE-5B03BDFED2EC} => pcalua.exe -a F:\PC-Suite.exe -d F:\
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-09-09 15:16 - 2014-10-02 20:13 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-09-09 15:16 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2014-09-09 15:16 - 2014-06-30 13:26 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-09-09 15:16 - 2012-10-29 15:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-05-06 16:32 - 2015-05-06 16:32 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttpbr.mdl
2015-05-06 16:32 - 2015-05-06 16:32 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttpdsp.mdl
2015-05-06 16:32 - 2015-05-06 16:32 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttpph.mdl
2015-05-06 16:32 - 2015-05-06 16:32 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00350_006\ashttprbl.mdl
2014-10-26 12:59 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-10 16:44 - 2005-08-08 07:54 - 00167936 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-04-14 21:51 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-10-18 16:07 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\1001movie.com -> 1001movie.com

There are 6091 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-17448724-3892530395-2409476631-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "LanguageShortcut"
HKLM\...\StartupApproved\Run32: => "RemoteControl"
HKLM\...\StartupApproved\Run32: => "SfWinStartInfo"
HKU\S-1-5-21-17448724-3892530395-2409476631-1001\...\StartupApproved\Run: => "BrowserChoice"
HKU\S-1-5-21-17448724-3892530395-2409476631-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "BrowserChoice"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FB8D56C7-097A-4DA7-AACE-967A6726BDB6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{79C19162-EDBA-4D75-9FB9-3581265907A6}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{A9F3A466-5B5C-4DE2-952D-3565C5BFDC5A}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{60BA1D78-EC20-4ABA-A116-6DB34D3B0E43}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{7B971C34-4DD8-4E42-8882-0224312B3B06}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{76E2CF35-F40B-469B-9FDD-3DAA0B677A61}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{3A242663-C36B-47B5-AF7F-9531F89E9EF8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{D9E25566-7F8C-4AE2-BC7B-100B93F5D4D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{04E5BBCC-B60E-454B-868B-B863201DA4ED}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DF9694ED-104A-4402-9436-5FC1732221B5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F8A5FB14-E844-4363-A21D-49B1C1DF09DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D61E6684-11EF-4E72-920A-DEA0E4277E30}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{8470AC55-6834-4E4E-AC4D-136896A999EC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{48EC401E-4C66-4FCE-B3AA-6603EBF6EA72}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{96CDD73F-2C52-4758-8487-085711A9EA4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7C5BB953-7303-4A08-94D4-13C68AA046F3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{35F66A83-5455-468A-AA38-062E2C1DD341}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{855EB0D6-3CC7-43A7-9034-0A15B219D464}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C88A7334-55D2-48F3-B4B4-CFE9D9C6D101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{86545365-0564-4F36-91A8-A455EFED0AEA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{67005B92-B0D2-455E-98A8-B78CDD2DB00F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1A07E6A8-A527-4F41-ACD6-9039C3DE8AAD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{26A97DBA-AAEA-4EDB-B92F-1B94731D06BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-10-10 16:40:39.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00209_002\avcuf64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-10 16:30:36.653
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\avc3_000_001\avcuf64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD FX(tm)-4300 Quad-Core Processor
Percentage of memory in use: 31%
Total physical RAM: 8174.11 MB
Available physical RAM: 5580.98 MB
Total Pagefile: 9454.11 MB
Available Pagefile: 6869.13 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:107.08 GB) (Free:10.54 GB) NTFS
Drive d: (Sicherung) (Fixed) (Total:931.51 GB) (Free:300.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0AFB6CF4)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0AFB6CEF)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================
Bitte um schnelle Hilfe, benötige den Rechner zum Arbeiten. Vielen Dank an euch,

Sundancer09

schrauber 16.06.2015 19:24
hi,

Logfile von Avira bitte.

Sundancer09 16.06.2015 19:28
Wie erstelle ich das?

Code:
16.06.2015,19:50:42 [INFO] Online-Dienste stehen zur Verfügung.
16.06.2015,19:54:31 [FUND] Ist das Trojanische Pferd TR/Patched.Ren.Gen2!
  C:\Windows\Temp\tmp00003f48\tmp00005bfc
16.06.2015,20:00:41 [INFO] Update-Auftrag gestartet!
16.06.2015,20:00:46 [INFO] ---------------------------------------------------------
16.06.2015,20:00:46 [INFO] Engine-Version:  8.3.30.48
16.06.2015,20:00:46 [INFO] VDF-Version:  8.11.241.36
16.06.2015,20:00:46 [INFO] APC-Version:  2.7.1.3
16.06.2015,20:00:46 [INFO] RDF-Version:  14.0.4.70
16.06.2015,20:00:46 [INFO] Echtzeit-Scanner-Version: 15.00.11.572
16.06.2015,20:09:15 [FUND] Ist das Trojanische Pferd TR/Patched.Ren.Gen2!
  C:\Windows\Temp\tmp00004363\tmp0000ea58

schrauber 17.06.2015 16:13
lass die Datei bitte bei Virustotal scannen:
Dateien online auf Viren prüfen - so geht's - Anleitungen

Sundancer09 17.06.2015 16:39
Okay ich versuche es. Aber das Temp-Verzeichnis ist ja ständig ein anderes! Das ist bei jedem Echtzeit-Scan ein anderes. Warum finde ich,wenn uch Avira , Malwarebytes oder Bitdefender laufen lasse keine verdächtige Datei? Nur der Echtzeit -San von Avira findet den

Nachtrag: Wenn ich die Datei aufrufen möchte, finde ich nur eine Datei mit der Bezeichung temp00000000 (0 kb), die ich nicht löschen kann und die auf das Datum des letzten Fundes (16.6. 19.55Uhr) beziffert ist. Ich kann sie bei virus-total nicht prüfen lassen, da es heißt, ich hätte keine Berechtigung :-( Bin langsam echt ein wenig am Verzweifeln....

schrauber 18.06.2015 06:45
Kopier die Datei aus dem Temp auf den Desktop, dann scannen. Ich denke das ist ein Fehlalarm von Avira.

Sundancer09 19.06.2015 15:16
Also ich habe die Datei gescannt, allerdings ist sie ja 0kb groß gewesen. Der Verzeichnis-Ordner in C:\Windows\Temp ändert sich von Tag zu Tag und beinhaltet immer nur diese eine Datei "temp00000000" (0 kb). Avira hat jetzt seit 3 Tagen keine Funde mehr angezeigt. Habe in einem früheren Log gesehen, dass Mitte Mai schonmal ein "Fund" da war, und dann aber bis Montag nichts mehr.
Außerdem surfe ich fast immer nur mit der SandBoxie..... verhindert die nicht, dass ein Trojaner auf den Rechner kommt?

PS: Eine Frage hätte ich noch an die Experten hier im Board. Ich sehe immer wieder, dass die Speichergröße meiner Festplatte, auf der auch das Betriebssystem drauf ist, teilweise um 500mb schwankt und auch kleienr geworden ist, obwohl ich keine neuen/zusätzlichen Dateien auf der Platte gespeichert habe. Und dann steigt der freie Speicherplatz plötzlich wieder um mehrere hundert mb. Wie kann das sein? Ist das ein Hinweis, dass da jemand unbemerkt Dateien aufspielt/runter nimmt? Entschuldigt, vielleicht ist das eine total doofe Frage, aber ich bin eher Laie auf dem Gebiet der PC-Technik!

schrauber 20.06.2015 07:21
TreeSize Free Download
Bitte TreeSize laden und laufen lassen. Wenn das Tool mit der Analyse fertig ist bitte einen Screenshot davon machen und hier posten.

Dann sehen wir genau was abgeht in Sachen Speicherplatz, ich tippe auf SWH. :)

Avira ist bekannt für Fehlalarme.

Sundancer09 22.06.2015 17:23
Liste der Anhänge anzeigen (Anzahl: 1)
Anhang 74682

schrauber 23.06.2015 09:34
Order Windows und Program Files mit dem Pluszeichen aufklappen, bis man den tiefsten Punkt sieht der Speicher frisst, dann nochmal nen Screenshot bitte.

Sundancer09 23.06.2015 15:35
Liste der Anhänge anzeigen (Anzahl: 2)
Hier die beiden Screenshots! Danke!

Anhang 74704
Anhang 74705

schrauber 24.06.2015 07:11
Der Ordner Programme ist ja selbsterklärend ne? :)

Der winsxs ordner ist ein wenig groß, den zu verkleinern ist aber auch ein marathon, es gibt im netz 1000 Lösungen, nie kann man sagen welche klappt. Einfach mal googlen und probieren.

Sundancer09 24.06.2015 15:36
Okay, also für mich als Laien lese ich heraus, dass ich halt viele Programme drauf habe und der Ordner daher recht viel Platz benötigt. Die winsys ist ein wenig groß, dass ist ungewöhnlich und deutet auf eine Schadsoftware hin!? Würde einfach gerne wissen, ob ich den PC neu aufsetzen muss. Avira hat mir zumindest bis heute keine Fehlermeldung oder Trojaner-Meldung mehr gebracht..... ist mein System jetzt sauber?

Gruß und danke

schrauber 25.06.2015 09:05
Der Programme Ordner ist so voll wegen den Games. Der winsxs Ordner wird manchmal groß, ist aber keine Malware, sondern ein Windows-Problem. Neuaufsetzen braucht man da nicht, man braucht nur Geduld um die zig Lösungsvorschläge im Netz durch zu ackern, um winsxs wieder zu verkleinern.

Sundancer09 11.08.2015 10:54
Schon wieder...!!!
 
Liste der Anhänge anzeigen (Anzahl: 1)
Hilfe, ich bin es schon wieder....jetzt war mit diesen TR/Patched.Ren.Gen2 Geschichten wochenlang Ruhe und vor 2 Tagen meldete Avira zwei Funde und seit heute im Minutentakt. Als ich den Rechner vom Internet genommen und neu gestartet habe kam keine Meldung, doch dann erneut, obwohl ich nicht im Netz war. Die Temp-Datei ist bei jeder Meldung eine andere (also hinten immer eine andere Zahlenkombination!), Wenn ich diese mit Bitdefender schreddere oder mit der von Avira angebotenen Option "Datei entfernen", dann kommt kurz darauf wieder eine neue Temp-Datei und Avira meldet wieder einen Fund....so geht das wie gesagt im Minutentakt. Habe eben nochmal Bitdefender Systemscan und Malwarebytes laufen lassen. Beide melden keine Probleme, nur Avira überschlägt sich...
Ich habe mal ein paar Beispiel-Screenshots angehängt.

Zur Absicherung meines PC nutze ich neben der gekauften Version von Bitdefener Total Security 2015, das immer up to date ist, den Avira Virenscanner, Malwarebytes und den AdwareCleaner. Außerdem nutze ich nach jedem Internetgang den CCleaner und surfe mit der Sandboxie. Betriebssystem Win8.

Bitte helft mir mit dem Käse. Bin drauf und dran das System formatieren zu lassen und neu aufzusetzen. :schrei:

Eine der Dateien habe ich bei VirusTotal gescannt. 3/55 faden sie als Virus (siehe Screenshot). Seltsamerweise habe ich die selbe Datei auch einzeln mit Avira gescannt und sie wurde als "sauber" angesehen. Trotzdem, ich traue gerade überhaupt nicht mehr...

Danke und Gruß

Anhang 75478Anhang 75477Anhang 75479


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:25 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131