Log Analysis and Evaluation: "Polizei" Trojan locks the PC (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here so that our experts can evaluate them. Before viruses and trojans can be removed, the infected system must first be examined: First steps to get help. Note that an infected system cannot be trusted and should not be used until the malware has been completely removed.
#1
"Polizei" Trojan locks the PC

Good day everyone. I have caught a trojan that says I was on an illegal site and locks my whole PC that way. The whole thing is supposedly from the Swiss police, and they want 100 Fr/€ or 150 Fr/€. How do I get rid of it?

Malwarebytes Anti-Malware full scan log:

Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.09.15.06
Windows 7 Service Pack 1 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
HiT-Killer :: HIT-KILLER2 [Administrator]

16.09.2012 00:38:21
mbam-log-2012-09-16 (00-38-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 570542
Laufzeit: 39 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\$Recycle.Bin\S-1-5-21-777867402-264725896-1325189075-1000\$RMAPTG1\skyrim\coretemp10rc2_1236.exe (PUP.BundleOffers.IIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_RU.dll (Malware.Packer.GenX) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\HiT-Killer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BK10V2GW\SplitCam_5414[1].exe (PUP.Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:
ATTFilter OTL logfile created on: 16.09.2012 17:16:26 - Run 1 OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\HiT-Killer\Downloads Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 70,27% Memory free 6,99 Gb Paging File | 6,01 Gb Available in Paging File | 85,87% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 931,41 Gb Total Space | 84,61 Gb Free Space | 9,08% Space Free | Partition Type: NTFS Drive D: | 931,51 Gb Total Space | 135,27 Gb Free Space | 14,52% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 828,02 Gb Free Space | 88,89% Space Free | Partition Type: NTFS Drive H: | 1863,01 Gb Total Space | 1862,87 Gb Free Space | 99,99% Space Free | Partition Type: NTFS Computer Name: HIT-KILLER2 | User Name: HiT-Killer | Logged in as Administrator. 
Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\HiT-Killer\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Games\Steam\Steam.exe (Valve Corporation) PRC - C:\Programme\ESET\ESET Online Scanner\OnlineScannerApp.exe (ESET) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\HelpPane.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Games\Steam\bin\libcef.dll () MOD - C:\Games\Steam\bin\avcodec-53.dll () MOD - C:\Games\Steam\bin\chromehtml.dll () MOD - C:\Games\Steam\bin\avformat-53.dll () MOD - C:\Games\Steam\bin\avutil-51.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Programme\WinRAR\RarExt.dll () ========== Services (SafeList) ========== SRV - (rpcapd) -- %ProgramFiles%\WinPcap\rpcapd.exe File not found SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe () SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (HiPatchService) -- C:\Games\Tribes\HiPatchService.exe (Hi-Rez Studios) SRV - (Futuremark SystemInfo Service) -- C:\Programme\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (57xx SteelVine Manager) -- C:\Programme\ASUS\Drive Xpert\SteelVine.exe () SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe (SiSoftware) SRV - (StarWindServiceAE) -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software) ========== Driver Services (SafeList) ========== DRV - (VLAN) -- system32\DRIVERS\RtVLAN60.sys File not found DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found DRV - (TEAM) -- system32\DRIVERS\RtTeam60.sys File not found DRV - (nvlddmkm) -- system32\DRIVERS\nvlddmkm.sys File not found DRV - (L1E) -- system32\DRIVERS\L1E62x86.sys File not found DRV - (GPU-Z) -- C:\Users\HIT-KI~1\AppData\Local\Temp\GPU-Z.sys File not found DRV - (cpuz135) -- C:\Users\HIT-KI~1\AppData\Local\Temp\cpuz135\cpuz135_x32.sys File not found DRV - (ALSysIO) -- C:\Users\HIT-KI~1\AppData\Local\Temp\ALSysIO.sys File not found DRV - (a9hav01n) -- File not found DRV - (MBAMSwissArmy) -- 
C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys () DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (RTCore32) -- C:\Programme\MSI Afterburner\RTCore32.sys () DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software) DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (tsusbhub) -- C:\Windows\System32\drivers\tsusbhub.sys (Microsoft Corporation) DRV - (Synth3dVsc) -- C:\Windows\System32\drivers\Synth3dVsc.sys (Microsoft Corporation) DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbGD) -- 
C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation) DRV - (terminpt) -- C:\Windows\System32\drivers\terminpt.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (RivaTuner32) -- C:\Programme\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys () DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x86\sandra.sys (SiSoftware) DRV - (ATITool) -- C:\Windows\System32\drivers\ATITool.sys () DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (giveio) -- C:\Windows\System32\giveio.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=111304&tt=120812_bandext_3212_4&babsrc=HP_ss&mntrId=522f7d9c000000000000002618ac67c3 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=111304&tt=120812_bandext_3212_4&babsrc=HP_ss&mntrId=522f7d9c000000000000002618ac67c3 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FB 0E EA 38 FD 74 CD 01 [binary data] IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - 
HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=120812_bandext_3212_4&babsrc=SP_ss&mntrId=522f7d9c000000000000002618ac67c3 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google.de" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=111304&tt=120812_bandext_3212_4&babsrc=HP_ss&mntrId=522f7d9c000000000000002618ac67c3" FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126 FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119 FF - prefs.js..network.proxy.http: "46.4.208.46" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.10.30 22:05:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.15 12:30:41 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.20 11:20:53 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.09.13 20:33:05 | 000,000,000 | ---D | M] [2011.10.21 18:11:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HiT-Killer\AppData\Roaming\mozilla\Extensions [2012.09.16 00:21:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HiT-Killer\AppData\Roaming\mozilla\Firefox\Profiles\lmoesvsu.default\extensions [2012.09.16 00:21:05 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\HiT-Killer\AppData\Roaming\mozilla\Firefox\Profiles\lmoesvsu.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2012.09.15 13:30:30 | 000,000,000 | ---D | M] ("Flash Video Downloader Youtube Downloader") -- C:\Users\HiT-Killer\AppData\Roaming\mozilla\Firefox\Profiles\lmoesvsu.default\extensions\artur.dubovoy@gmail.com [2012.09.15 13:30:29 | 000,213,038 | ---- | M] () (No name found) -- C:\Users\HiT-Killer\AppData\Roaming\mozilla\firefox\profiles\lmoesvsu.default\extensions\artur.dubovoy@gmail.com.xpi [2012.09.14 22:26:25 | 000,002,101 | ---- | M] () -- C:\Users\HiT-Killer\AppData\Roaming\mozilla\firefox\profiles\lmoesvsu.default\searchplugins\googlede.xml [2012.07.06 00:30:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.07.06 00:30:28 | 000,000,000 | ---D | M] (Skype 
Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011.10.30 22:05:13 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 [2012.09.15 12:30:41 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.07.09 02:10:11 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.12 22:22:30 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012.09.15 12:30:40 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.07.09 02:10:11 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.07.09 02:10:11 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.09 02:10:11 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.09 02:10:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.02.18 14:04:10 | 000,000,754 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName}) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [Drive Xpert] C:\Programme\ASUS\Drive Xpert\DriveXpert.exe (Silicon Image, Inc.) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\SAMSUNG\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKLM..\Run: [WABSyncProvider] C:\Users\HiT-Killer\AppData\Local\Microsoft\Windows\440\WABSyncProvider.exe () O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found O4 - HKCU..\Run: [KiesPDLR] C:\Programme\SAMSUNG\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O4 - Startup: C:\Users\HiT-Killer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38175BE7-64BE-4D20-B0E9-D078A2EAD8A5}: DhcpNameServer = 212.60.61.246 212.60.63.246 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93F3D002-047F-4A8A-8B42-073F8DF9A9BC}: DhcpNameServer = 192.168.10.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~2\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{82427f10-0d1a-11e1-ae58-001fd022c82f}\Shell - "" = AutoRun O33 - MountPoints2\{82427f10-0d1a-11e1-ae58-001fd022c82f}\Shell\AutoRun\command - "" = E:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.16 15:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.09.16 15:14:52 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.09.16 00:32:38 | 000,000,000 | ---D | C] -- C:\Users\HiT-Killer\AppData\Roaming\Malwarebytes [2012.09.16 00:32:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware 
[2012.09.16 00:32:30 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.16 00:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.09.16 00:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.16 00:21:07 | 000,000,000 | ---D | C] -- C:\Users\HiT-Killer\AppData\Roaming\QuickScan [2012.09.15 23:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2012.09.15 23:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus [2012.09.15 23:54:12 | 000,000,000 | ---D | C] -- C:\Users\HiT-Killer\AppData\Roaming\Ad-Aware Antivirus [2012.09.13 01:36:55 | 000,000,000 | ---D | C] -- C:\Users\HiT-Killer\Documents\Firstload [2012.09.13 01:36:55 | 000,000,000 | ---D | C] -- C:\Users\HiT-Killer\AppData\Roaming\Firstload [2012.09.13 01:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\Firstload [2012.09.12 18:52:00 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2012.09.12 18:52:00 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2012.09.12 12:48:34 | 000,000,000 | ---D | C] -- C:\Users\HiT-Killer\AppData\Roaming\OpenOffice.org [2012.09.12 12:36:27 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2012.09.12 12:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2012.09.12 12:35:27 | 000,000,000 | ---D | C] -- C:\Users\HiT-Killer\Desktop\OpenOffice.org 3.4.1 (de) Installation Files [2012.09.01 17:52:32 | 000,000,000 | ---D | C] -- C:\Users\HiT-Killer\Documents\Guild Wars 2 [2012.08.25 17:59:44 | 000,000,000 | ---D | C] -- C:\Users\HiT-Killer\AppData\Roaming\The Creative Assembly [2012.08.25 17:53:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA [2011.10.29 13:52:41 | 003,874,871 | ---- | C] (Johnny Lee) -- C:\Users\HiT-Killer\ORTHOS.exe [2 C:\Windows\*.tmp files 
-> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.16 15:14:52 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.09.16 14:24:24 | 000,696,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.09.16 14:24:24 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.09.16 14:24:24 | 000,147,916 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.09.16 14:24:24 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.09.16 14:20:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.16 14:20:02 | 2817,040,384 | -HS- | M] () -- C:\hiberfil.sys [2012.09.16 01:26:07 | 121,432,402 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.09.16 00:32:31 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.15 20:32:13 | 000,017,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.15 20:32:13 | 000,017,264 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.13 13:32:41 | 000,294,624 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.09.13 01:36:35 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Firstload.lnk [2012.09.12 12:48:42 | 000,001,193 | ---- | M] () -- C:\Users\HiT-Killer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2012.09.12 12:36:27 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.08.26 12:53:18 | 000,139,048 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012.08.26 12:53:00 | 000,282,296 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2012.08.26 12:51:45 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0 
[2012.08.22 19:16:46 | 000,240,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2012.08.22 19:16:36 | 000,187,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.16 00:32:31 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.13 01:36:35 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firstload.lnk [2012.09.13 01:36:35 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Firstload.lnk [2012.09.12 12:48:42 | 000,001,193 | ---- | C] () -- C:\Users\HiT-Killer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2012.09.12 12:36:27 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.08.16 22:54:05 | 000,089,048 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2012.08.14 15:43:31 | 000,000,038 | ---- | C] () -- C:\Users\HiT-Killer\AppData\Local\CrystalDiskMark30.ini [2012.08.12 22:30:20 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll [2012.08.12 22:22:40 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012.08.12 22:22:40 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012.08.12 22:22:40 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012.06.26 16:02:40 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.06.26 16:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012.06.26 16:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.06.26 16:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.06.26 16:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.05.17 16:37:07 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.04.06 03:21:42 
| 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2012.04.06 03:21:42 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2012.04.05 22:34:22 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll [2012.02.09 20:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2012.01.10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012.01.05 17:08:11 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2012.01.04 15:57:44 | 011,386,880 | ---- | C] () -- C:\Users\HiT-Killer\AppData\Roaming\Sandra.mdb [2012.01.04 15:57:44 | 000,000,128 | ---- | C] () -- C:\Users\HiT-Killer\AppData\Roaming\Sandra.ldb [2011.10.27 23:22:48 | 000,139,048 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011.10.27 23:22:48 | 000,138,056 | ---- | C] () -- C:\Users\HiT-Killer\AppData\Roaming\PnkBstrK.sys [2011.10.27 23:22:21 | 000,282,296 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011.10.27 23:22:19 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011.10.21 18:08:48 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2011.09.19 15:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2010.11.21 02:30:51 | 000,696,620 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2010.11.21 02:30:51 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2010.11.21 02:30:51 | 000,147,916 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2010.11.21 02:30:51 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2010.11.20 23:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2010.11.20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe < End of report > Code:
C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application
C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application
C:\Users\HiT-Killer\AppData\Local\Microsoft\Windows\440\WABSyncProvider.exe Win32/TrojanDownloader.Retacino.A trojan
C:\Users\HiT-Killer\AppData\Local\Mozilla\Firefox\Profiles\lmoesvsu.default\Cache\7\58\ABCA4d01 JS/Exploit.Pdfka.PRD trojan
C:\Users\HiT-Killer\Downloads\SoftonicDownloader_fuer_stream-catcher.exe a variant of Win32/SoftonicDownloader.D application
D:\recovery\recup_dir.171\f138859048.dll a variant of Win32/Conficker.Y worm
D:\recovery\recup_dir.235\f247608824.dll a variant of Win32/Kryptik.AY trojan
D:\recovery\recup_dir.56\f19027712_freeJig_alaeNth.pdf PDF/Exploit.Pidief.PBK.Gen trojan

Last edited by HiT-Killer (16.09.2012 at 14:20)