Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Trojan-Downloader.Win32.Piker.cws Was tun?

Trojan-Downloader.Win32.Piker.cws Was tun?


Log-Analyse und Auswertung: Trojan-Downloader.Win32.Piker.cws Was tun?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 24.11.2010, 21:18   #1
sbk2010
Gast
 
Trojan-Downloader.Win32.Piker.cws Was tun? - Standard

Trojan-Downloader.Win32.Piker.cws Was tun?


Trojan-Downloader.Win32.Piker.cws

Das ist mein Problem
Ich habe HijackThis ausgeführt und folgenden Log bekommen

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:04:49, on 24.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\*******\Downloads\HiJackThis204.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 4989 bytes


Das Anti Viren Programm von mir (Kaspersky) zeigt mir folgende Meldug jedes mal. (siehe Anhang)

Habe das Problemunter Windows Vista gehabt (seit ca. 2-3 Tagen) und habe heute Windows 7 Installiert und C:/ Formatiert und hab gedacht dann wird auch der Trojaner weg sein aber der ist immernoch da . Was kann ich tun ??

Danke

MfG sbk
Angehängte Grafiken
Dateityp: png Unbenannt.png (10,5 KB, 130x aufgerufen)

Alt 24.11.2010, 22:09   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan-Downloader.Win32.Piker.cws Was tun? - Standard

Trojan-Downloader.Win32.Piker.cws Was tun?


Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________
Alt 25.11.2010, 03:54   #3
sbk2010
Gast
 
Trojan-Downloader.Win32.Piker.cws Was tun? - Standard

Trojan-Downloader.Win32.Piker.cws Was tun?


Hier ist der Log vom Malwarebytes

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 5184

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25.11.2010 03:38:25
mbam-log-2010-11-25 (03-38-25).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 433100
Laufzeit: 3 Stunde(n), 1 Minute(n), 0 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 10

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\akhdfiusdf.exe (Trojan.SpyEyes) -> No action taken.

Infizierte Dateien:
C:\Casino\Joyland Casino\_SetupCasino_ef42e7_de.exe (Adware.Casino) -> No action taken.
C:\Windows.old\Users\alijew\AppData\Roaming\Microsoft\Windows\Templates\memory.tmp (Spyware.Passwords.XGen) -> No action taken.
C:\Windows.old\Users\alijew\Desktop\TechSmith Camtasia Studio v7.0.1\Keymaker(ZWT)\keygen.exe (Backdoor.RBot) -> No action taken.
C:\Windows.old\Users\alijew\Desktop\Desktop1\TuneUp Utilities 2010 - v9.0.4400\KeyGen\keygen.exe (Trojan.Agent.CK) -> No action taken.
D:\Alte Downloads\GPsetup_710a.exe (Adware.Casino) -> No action taken.
D:\Alte Downloads\Photoshop_CS5_2010_Multilanguages_+KEY\PhotoshopCS5_german+key\keygen.exe (RiskWare.Tool.CK) -> No action taken.
D:\____SDX____\Games\Game-Fixid\Alte Spielesachen\Activision\Ultimate Spider-Man\asx-usm.exe (Malware.Packer.Gen) -> No action taken.
D:\____SDX____\Games\Game-Fixid\Alte Spielesachen\Activision\Ultimate Spider-Man\trainer.exe (Trojan.Downloader) -> No action taken.
E:\C&C 4\CNC4.exe (Hacktool.Gen) -> No action taken.
C:\akhdfiusdf.exe\config.bin (Trojan.SpyEyes) -> No action taken.



Und hier der von OTL:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 25.11.2010 03:44:54 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Blizz\Desktop
 Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 191,57 Gb Total Space | 55,38 Gb Free Space | 28,91% Space Free | Partition Type: NTFS
Drive D: | 298,08 Gb Total Space | 93,88 Gb Free Space | 31,50% Space Free | Partition Type: NTFS
Drive E: | 94,80 Gb Total Space | 68,87 Gb Free Space | 72,64% Space Free | Partition Type: NTFS
 
Computer Name: BLIZZ-PC | User Name: Blizz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.11.24 22:19:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Blizz\Desktop\OTL.exe
PRC - [2010.11.05 17:53:56 | 000,327,000 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2010.11.05 17:53:52 | 004,098,904 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Programme\Enigma Software Group\SpyHunter\SpyHunter4.exe
PRC - [2010.11.05 14:27:18 | 007,168,768 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Programme\TeamSpeak 3 Client\ts3client_win32.exe
PRC - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010.07.01 21:34:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.08.18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.07.14 02:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.11.24 22:19:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Blizz\Desktop\OTL.exe
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.11.24 17:49:50 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2010.11.05 17:53:56 | 000,327,000 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010.11.24 17:49:50 | 000,488,024 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010.11.24 17:24:46 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010.06.09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010.06.09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010.04.22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2010.01.27 17:10:44 | 000,005,248 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.11.02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.08.18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC-Seriellschnittstellentreiber (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) Brother MFC-WDM-Treiber (USB,seriell)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) Brother WDM-Treiber (seriell)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009.07.13 23:02:52 | 000,139,776 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.07.13 23:02:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2007.06.13 22:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 64 D1 8C E7 EE 8B CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010.11.24 17:15:21 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.05.03 14:38:57 | 000,000,000 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.24 22:38:47 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\Malwarebytes
[2010.11.24 22:38:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.24 22:38:25 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.24 22:38:25 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.11.24 22:38:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.24 22:34:06 | 016,409,960 | ---- | C] (Safer Networking Limited                                    ) -- C:\Users\Blizz\Desktop\spybotsd162.exe
[2010.11.24 22:29:00 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2010.11.24 22:29:00 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
[2010.11.24 22:28:56 | 005,918,720 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Blizz\Desktop\mbam-setup-1.45.exe
[2010.11.24 22:28:18 | 000,000,000 | ---D | C] -- C:\Windows\3636C9237AD64DE3978A09609AEE8ECF.TMP
[2010.11.24 22:28:13 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2010.11.24 22:26:33 | 000,668,056 | ---- | C] (Enigma Software Group USA, LLC.) -- C:\Users\Blizz\Desktop\SpyHunter-Installer.exe
[2010.11.24 22:19:57 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Blizz\Desktop\OTL.exe
[2010.11.24 20:17:30 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.11.24 19:24:11 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\Macromedia
[2010.11.24 19:24:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.11.24 18:54:04 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\TeamViewer
[2010.11.24 18:53:56 | 000,000,000 | ---D | C] -- C:\Programme\TeamViewer
[2010.11.24 17:43:22 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\.minecraft
[2010.11.24 17:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.11.24 17:38:32 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.11.24 17:38:16 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.11.24 17:38:16 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.11.24 17:38:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.11.24 17:38:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.11.24 17:38:05 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.11.24 17:29:11 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\TrueCrypt
[2010.11.24 17:28:00 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\WinRAR
[2010.11.24 17:27:50 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.11.24 17:24:46 | 000,231,248 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2010.11.24 17:24:37 | 000,000,000 | ---D | C] -- C:\Programme\TrueCrypt
[2010.11.24 17:23:03 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\Adobe
[2010.11.24 17:23:03 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Local\Adobe
[2010.11.24 17:15:10 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab
[2010.11.24 17:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.11.24 17:15:03 | 000,488,024 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.11.24 17:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010.11.24 17:02:54 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\TS3Client
[2010.11.24 17:01:57 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.11.24 17:01:57 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.11.24 17:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.11.24 17:01:26 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2010.11.24 16:52:12 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\skypePM
[2010.11.24 16:51:14 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.11.24 16:51:13 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.11.24 16:51:13 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\Skype
[2010.11.24 16:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.11.24 16:45:31 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Local\Diagnostics
[2010.11.24 16:39:57 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Searches
[2010.11.24 16:39:40 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\Identities
[2010.11.24 16:39:33 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Contacts
[2010.11.24 16:39:11 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Local\VirtualStore
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Vorlagen
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\AppData\Local\Verlauf
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\AppData\Local\Temporary Internet Files
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Startmenü
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\SendTo
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Recent
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Netzwerkumgebung
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Lokale Einstellungen
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Documents\Eigene Videos
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Documents\Eigene Musik
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Eigene Dateien
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Documents\Eigene Bilder
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Druckumgebung
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Cookies
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\AppData\Local\Anwendungsdaten
[2010.11.24 16:39:08 | 000,000,000 | -HSD | C] -- C:\Users\Blizz\Anwendungsdaten
[2010.11.24 16:39:07 | 000,000,000 | --SD | C] -- C:\Users\Blizz\AppData\Roaming\Microsoft
[2010.11.24 16:39:07 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Videos
[2010.11.24 16:39:07 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Saved Games
[2010.11.24 16:39:07 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Pictures
[2010.11.24 16:39:07 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Music
[2010.11.24 16:39:07 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Links
[2010.11.24 16:39:07 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Favorites
[2010.11.24 16:39:07 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Downloads
[2010.11.24 16:39:07 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Documents
[2010.11.24 16:39:07 | 000,000,000 | R--D | C] -- C:\Users\Blizz\Desktop
[2010.11.24 16:39:07 | 000,000,000 | -H-D | C] -- C:\Users\Blizz\AppData
[2010.11.24 16:39:07 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Local\Temp
[2010.11.24 16:39:07 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Local\Microsoft
[2010.11.24 16:39:07 | 000,000,000 | ---D | C] -- C:\Users\Blizz\AppData\Roaming\Media Center Programs
[2010.11.24 16:38:47 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010.11.24 16:38:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.11.24 16:34:57 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.11.24 16:30:49 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010.11.24 16:15:30 | 000,000,000 | ---D | C] -- C:\Windows.old.000
[2010.11.24 16:14:38 | 000,048,256 | ---- | C] (JMicron Technology Corp.) -- C:\Windows\System32\drivers\jraid.sys
[2010.11.24 15:15:48 | 000,000,000 | ---D | C] -- C:\Windows.old
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.25 02:20:04 | 000,009,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.25 02:20:04 | 000,009,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.25 01:13:21 | 000,069,022 | -HS- | M] () -- C:\Windows\KLIF.spi
[2010.11.24 23:49:07 | 018,437,972 | ---- | M] () -- C:\Users\Blizz\Desktop\SpyHunter.4.1.11.0.cracked-SND.rar
[2010.11.24 22:38:31 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.24 22:34:07 | 016,409,960 | ---- | M] (Safer Networking Limited                                    ) -- C:\Users\Blizz\Desktop\spybotsd162.exe
[2010.11.24 22:29:01 | 000,002,248 | ---- | M] () -- C:\Users\Blizz\Desktop\SpyHunter.lnk
[2010.11.24 22:28:56 | 005,918,720 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Blizz\Desktop\mbam-setup-1.45.exe
[2010.11.24 22:26:42 | 000,668,056 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Users\Blizz\Desktop\SpyHunter-Installer.exe
[2010.11.24 22:19:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Blizz\Desktop\OTL.exe
[2010.11.24 21:25:41 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010.11.24 20:22:03 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.24 20:22:03 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.24 20:22:03 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.24 20:22:03 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.24 20:17:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.24 20:17:15 | 2414,682,112 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.24 18:35:23 | 000,265,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.11.24 17:56:14 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.24 17:49:50 | 000,488,024 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.11.24 17:49:47 | 000,115,465 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010.11.24 17:49:47 | 000,097,545 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010.11.24 17:38:07 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.11.24 17:38:07 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.11.24 17:38:07 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.11.24 17:38:07 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.11.24 17:24:46 | 000,231,248 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2010.11.24 17:02:05 | 000,001,995 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2010.11.24 17:01:26 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.11.24 16:32:50 | 000,000,751 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.11.24 16:32:12 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.11.24 16:28:53 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.11.24 23:49:07 | 018,437,972 | ---- | C] () -- C:\Users\Blizz\Desktop\SpyHunter.4.1.11.0.cracked-SND.rar
[2010.11.24 22:38:31 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.24 22:29:01 | 000,002,248 | ---- | C] () -- C:\Users\Blizz\Desktop\SpyHunter.lnk
[2010.11.24 21:25:41 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.11.24 20:54:42 | 000,069,022 | -HS- | C] () -- C:\Windows\KLIF.spi
[2010.11.24 17:15:42 | 000,115,465 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010.11.24 17:15:42 | 000,097,545 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010.11.24 17:02:05 | 000,001,995 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2010.11.24 17:01:26 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.11.24 16:51:14 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.24 16:32:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

< End of report >
--- --- ---
__________________
Alt 25.11.2010, 13:22   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan-Downloader.Win32.Piker.cws Was tun? - Standard

Trojan-Downloader.Win32.Piker.cws Was tun?


Zitat:
C:\Windows.old\Users\alijew\Desktop\TechSmith Camtasia Studio v7.0.1\Keymaker(ZWT)\keygen.exe (Backdoor.RBot) -> No action taken.
C:\Windows.old\Users\alijew\Desktop\Desktop1\TuneUp Utilities 2010 - v9.0.4400\KeyGen\keygen.exe (Trojan.Agent.CK) -> No action taken.
E:\C&C 4\CNC4.exe (Hacktool.Gen) -> No action taken.
keygens/cracks sind einfach nur scheiße!

Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr.

Für Dich geht es hier weiter => Neuaufsetzen des Systems
Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken.

Danach nie wieder sowas anrühren!
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Trojan-Downloader.Win32.Piker.cws Was tun?
acrobat, adobe, bho, button, explorer, hijack, hijackthis, internet, internet explorer, internet security 2011, kaspersky, log, micro, microsoft, plug-in, programm, security, software, system, system32, tastatur, teamspeak, trojaner, update, viren, vista, was tun, windows


« Notebook wird immer langsamer! Trojan.ZbotR.Gen gefunden! | Viren wie runDlll.exe, AvProtector.exe usw.Taskmanager startet nicht, Firewall nach neustart inaktiv »


Ähnliche Themen: Trojan-Downloader.Win32.Piker.cws Was tun?


  1. Desinfizierung durch Kaspersky nicht möglich: Trojan.Win32.Bromngr.k, HEUR:Trojan.Win32.Generic, Trojan-Downloader.Win32.MultiDL.I
    Plagegeister aller Art und deren Bekämpfung - 28.11.2013 (1)
  2. Windows7:Kapersky findet HEUR:Trojan.Win32.generic und Trojan.Downloader.Win32MultiDL (Arbeitspc!)
    Log-Analyse und Auswertung - 15.11.2013 (9)
  3. SDRA64.exe, Trojan-Downloader.Win32.Piker.ciq
    Plagegeister aller Art und deren Bekämpfung - 26.07.2010 (10)
  4. Trojan.Win32.Agent.delx ; Trojan-Downloader.Win32.Agent.bvst; HackTool.Win32.Kiser.fb
    Plagegeister aller Art und deren Bekämpfung - 05.01.2010 (3)
  5. virus 'TR/Dldr.Piker.IV' [trojan] in C:\WINDOWS\system32\nkqpursl.exe'
    Antiviren-, Firewall- und andere Schutzprogramme - 09.12.2009 (1)
  6. Trojan-Downloader.Win32.BHO.ape
    Mülltonne - 11.01.2009 (1)
  7. Win32.Trojan.Downloader
    Plagegeister aller Art und deren Bekämpfung - 03.12.2008 (0)
  8. Trojan.Win32.Agent.acra, Trojan-Downloader.JS.gen und noch ein paar weitere
    Log-Analyse und Auswertung - 09.09.2008 (3)
  9. Trojan-Downloader.Win32.Agent.vur
    Log-Analyse und Auswertung - 11.07.2008 (1)
  10. trojan-downloader.win32.zlob.lps
    Plagegeister aller Art und deren Bekämpfung - 10.05.2008 (1)
  11. Trojan-Downloader.Win32.Agent.jde
    Mülltonne - 16.03.2008 (0)
  12. win32.trojan.downloader
    Plagegeister aller Art und deren Bekämpfung - 22.03.2006 (3)
  13. Trojan-Downloader.Win32.Small.yh
    Plagegeister aller Art und deren Bekämpfung - 25.03.2005 (2)
  14. Trojan-Downloader.Win32.Keenval.j
    Plagegeister aller Art und deren Bekämpfung - 16.03.2005 (1)
  15. Trojan-Downloader.Win32.Swizzor.ca
    Plagegeister aller Art und deren Bekämpfung - 12.03.2005 (1)
  16. Trojan-Downloader.Win32.Dluca.gen
    Plagegeister aller Art und deren Bekämpfung - 12.03.2005 (2)
  17. HackTool.Win32.Hidd.c / TrojanSpy.Win32.Agent.w / Trojan-Downloader.Win32.Agent.fy
    Plagegeister aller Art und deren Bekämpfung - 21.12.2004 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Trojan-Downloader.Win32.Piker.cws Was tun? - Trojan-Downloader.Win32.Piker.cws Das ist mein Problem Ich habe HijackThis ausgeführt und folgenden Log bekommen Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:04:49, on 24.11.2010 Platform: Windows 7 (WinNT 6.00.3504) - Trojan-Downloader.Win32.Piker.cws Was tun?...
Archiv
Du betrachtest: Trojan-Downloader.Win32.Piker.cws Was tun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130