
Log analysis and evaluation: BKA Trojan 1.13 on Win7 Home 32-bit


 
16.08.2012, 12:19   #1
istruzioni

BKA Trojan 1.13 on Win7 Home 32-bit



Hello,

an acquaintance has caught the 1.13 variant. The system is Win7 Home 32-bit.

As suggested, I started the system in safe mode:
1) Ran Defogger -> no problems when disabling
2) OTL, had to scan manually because the infection happened more than 30 days ago and the quick scan only ever covers 30 days.
3) Gmer

The logs are attached, many thanks for your help!!

Quote:
OTL logfile created on: 8/16/2012 12:16:10 PM - Run 2
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Samsung R730\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2.97 Gb Total Physical Memory | 2.44 Gb Available Physical Memory | 82.30% Memory free
5.93 Gb Paging File | 5.53 Gb Available in Paging File | 93.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 65.99 Gb Free Space | 46.64% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 55.68 Gb Free Space | 39.35% Space Free | Partition Type: NTFS
Drive F: | 479.73 Mb Total Space | 478.81 Mb Free Space | 99.81% Space Free | Partition Type: FAT

Computer Name: SAMSUNGR730-PC | User Name: Samsung R730 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2012/08/16 10:18:46 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Samsung R730\Desktop\OTL.exe
PRC - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2010/02/25 18:16:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/10 14:10:42 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/10 14:10:41 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/05/08 13:21:24 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2009/08/13 22:58:10 | 000,044,312 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/03/31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/05/15 09:29:18 | 000,087,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - [2012/05/10 14:10:42 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/10 14:10:42 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/09/30 14:22:32 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/09/30 12:50:28 | 000,025,888 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011/09/16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/10 10:59:13 | 000,065,856 | ---- | M] (WinMount International Inc) [File_System | System | Stopped] -- C:\Windows\System32\drivers\WMDrive.sys -- (WMDrive)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/03/05 01:57:44 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/11/09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/11/06 22:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/11/06 06:07:10 | 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/09/28 11:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/06/27 16:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/02/25 11:59:12 | 000,101,504 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2096149

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F2 DC BA 4D 76 B6 CA 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = hxxp://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ADSA_deDE453
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{82E4F743-44AC-4E77-921F-F77482292EA4}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2096149
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Samsung R730\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Samsung R730\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/01/19 18:06:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/19 18:06:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/19 18:06:18 | 000,000,000 | ---D | M]

[2010/03/07 18:56:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung R730\AppData\Roaming\mozilla\Extensions
[2010/03/07 18:56:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samsung R730\AppData\Roaming\mozilla\Firefox\Profiles\a2o79jrq.default\extensions
[2012/01/04 15:06:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/05/12 12:14:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/06/16 00:21:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\google\chrome\application\12.0.742.100\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files\google\chrome\application\12.0.742.100\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\google\chrome\application\12.0.742.100\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Samsung R730\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
CHR - plugin: Octoshape Streaming Services (Enabled) = C:\Users\Samsung R730\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [EPSON SX210 Series] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Samsung R730\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [zcqrjtvzpzeqgti] C:\ProgramData\zcqrjtvz.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra Button: WPT Poker - {D85B4BE2-07C3-422f-ADE9-B1A2C7D25224} - C:\Users\Samsung R730\Desktop\WPT Poker.lnk ()
O9 - Extra 'Tools' menuitem : WPT Poker - {D85B4BE2-07C3-422f-ADE9-B1A2C7D25224} - C:\Users\Samsung R730\Desktop\WPT Poker.lnk ()
O9 - Extra Button: WPT Casino - {FA90ADE0-62BF-477b-96CF-BBFB5DB0D142} - C:\Users\Samsung R730\Desktop\WPT Casino.lnk ()
O9 - Extra 'Tools' menuitem : WPT Casino - {FA90ADE0-62BF-477b-96CF-BBFB5DB0D142} - C:\Users\Samsung R730\Desktop\WPT Casino.lnk ()
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2FD395CB-BD93-4BA9-AA4B-D725754E20D1} hxxp://player.portalarium.com/installers/win32/PortalariumPlayer.cab (Portalarium Player Web Plugin)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8122B64-2378-4BCC-9B6A-731DF44F3264}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3e8926bc-05fa-11e1-99b3-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{3e8926bc-05fa-11e1-99b3-002454420aa4}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{3e8926be-05fa-11e1-99b3-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{3e8926be-05fa-11e1-99b3-002454420aa4}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{9530c165-9b0c-11e0-8d3f-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{9530c165-9b0c-11e0-8d3f-002454420aa4}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{a9e7c0fa-fc79-11df-98ed-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{a9e7c0fa-fc79-11df-98ed-002454420aa4}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{a9e7c0fc-fc79-11df-98ed-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{a9e7c0fc-fc79-11df-98ed-002454420aa4}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{d2fc0647-7c1b-11e0-b536-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{d2fc0647-7c1b-11e0-b536-002454420aa4}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{d2fc0649-7c1b-11e0-b536-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{d2fc0649-7c1b-11e0-b536-002454420aa4}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{d58a30a3-bce9-11e0-b198-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{d58a30a3-bce9-11e0-b198-002454420aa4}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{d58a30a5-bce9-11e0-b198-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{d58a30a5-bce9-11e0-b198-002454420aa4}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{d58a30a7-bce9-11e0-b198-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{d58a30a7-bce9-11e0-b198-002454420aa4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{db644031-2229-11df-8ce9-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{db644031-2229-11df-8ce9-002454420aa4}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{db644037-2229-11df-8ce9-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{db644037-2229-11df-8ce9-002454420aa4}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{ed517d3e-27e9-11df-b7f6-002454420aa4}\Shell - "" = AutoRun
O33 - MountPoints2\{ed517d3e-27e9-11df-b7f6-002454420aa4}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 90 Days ==========

[2012/08/16 11:48:50 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Samsung R730\Desktop\OTL.exe
[2012/06/13 11:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\kjmdtbeeouxxqui

========== Files - Modified Within 90 Days ==========

[2012/08/16 11:49:45 | 000,000,176 | ---- | M] () -- C:\Users\Samsung R730\defogger_reenable
[2012/08/16 11:08:17 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2012/08/16 11:08:12 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/16 11:07:28 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/16 10:30:58 | 000,653,928 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/08/16 10:30:58 | 000,615,810 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/08/16 10:30:58 | 000,129,800 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/08/16 10:30:58 | 000,106,190 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/08/16 10:27:48 | 000,050,477 | ---- | M] () -- C:\Users\Samsung R730\Desktop\Defogger.exe
[2012/08/16 10:26:54 | 000,302,592 | ---- | M] () -- C:\Users\Samsung R730\Desktop\ngfy9vzj.exe
[2012/08/16 10:18:46 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Samsung R730\Desktop\OTL.exe
[2012/08/16 10:17:58 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/16 10:17:58 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/16 10:13:01 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/16 10:13:00 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/16 10:12:01 | 000,001,166 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1072828290-3828818215-1948454868-1000UA.job
[2012/08/16 10:12:01 | 000,001,144 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1072828290-3828818215-1948454868-1000Core.job
[2012/08/16 10:12:00 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/07 13:24:09 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/06/13 11:39:53 | 000,000,052 | ---- | M] () -- C:\ProgramData\qzmkqbbvwejgcew
[2012/06/13 11:38:52 | 000,053,248 | ---- | M] () -- C:\ProgramData\zcqrjtvz.exe
[2012/06/13 11:38:52 | 000,053,248 | ---- | M] () -- C:\ProgramData\swvmgsuh.exe
[2012/06/13 11:38:52 | 000,053,248 | ---- | M] () -- C:\Users\Samsung R730\ms.exe
[2012/06/13 11:38:52 | 000,053,248 | ---- | M] () -- C:\ProgramData\cnaaposi.exe
[2012/06/13 09:23:10 | 000,350,288 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/05/18 13:41:53 | 000,166,400 | --S- | M] () -- C:\ProgramData\jmquihsd124.dat

========== Files Created - No Company Name ==========

[2012/08/16 11:49:27 | 000,000,176 | ---- | C] () -- C:\Users\Samsung R730\defogger_reenable
[2012/08/16 11:48:50 | 000,302,592 | ---- | C] () -- C:\Users\Samsung R730\Desktop\ngfy9vzj.exe
[2012/08/16 11:48:50 | 000,050,477 | ---- | C] () -- C:\Users\Samsung R730\Desktop\Defogger.exe
[2012/06/13 11:39:53 | 000,053,248 | ---- | C] () -- C:\ProgramData\zcqrjtvz.exe
[2012/06/13 11:39:53 | 000,053,248 | ---- | C] () -- C:\ProgramData\cnaaposi.exe
[2012/06/13 11:38:53 | 000,053,248 | ---- | C] () -- C:\ProgramData\swvmgsuh.exe
[2012/06/13 11:38:53 | 000,000,052 | ---- | C] () -- C:\ProgramData\qzmkqbbvwejgcew
[2012/06/13 11:38:51 | 000,053,248 | ---- | C] () -- C:\Users\Samsung R730\ms.exe
[2012/05/18 13:41:51 | 000,166,400 | --S- | C] () -- C:\ProgramData\jmquihsd124.dat
[2011/12/26 14:16:10 | 000,012,096 | -HS- | C] () -- C:\Users\Samsung R730\AppData\Local\e0ec0vo35i4mf038dugmi02h2j6r0387o0ua3v3g7
[2011/12/26 14:16:10 | 000,012,096 | -HS- | C] () -- C:\ProgramData\e0ec0vo35i4mf038dugmi02h2j6r0387o0ua3v3g7
[2011/09/30 12:50:28 | 000,279,712 | ---- | C] () -- C:\windows\System32\drivers\atksgt.sys
[2011/09/30 12:50:28 | 000,025,888 | ---- | C] () -- C:\windows\System32\drivers\lirsgt.sys
[2011/08/21 21:50:04 | 000,010,752 | ---- | C] () -- C:\Users\Samsung R730\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/12 11:45:27 | 000,175,616 | ---- | C] () -- C:\windows\System32\unrar.dll
[2010/06/06 16:16:48 | 000,001,662 | ---- | C] () -- C:\Users\Samsung R730\AppData\Roaming\wklnhst.dat
[2010/02/17 20:13:05 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A42A9F39
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:91EA783C

< End of report >

 
