
Pests of All Kinds and How to Combat Them: hello dear operator, unfortunately I now also have this stupid nation zoom

03.01.2014, 09:58   #1
schrauber
/// the machine
/// TB Trainer
 




Fresh FRST log is missing
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

04.01.2014, 19:06   #2
gundi68
 



Quote:
Originally posted by schrauber
Fresh FRST log is missing
what's that?? hehe

Quote:
Originally posted by gundi68
what's that?? hehe
aaaaaaaaaah ok, that's what you mean here ......

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-01-2014
Ran by gundi (administrator) on GUNDI-PC on 04-01-2014 19:03:44
Running from C:\Users\gundi\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\System32\PSIService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Tlapia) C:\Program Files\sysTPL\sysTPLMonitor.exe
(Tlapia) C:\Program Files\sysTPL\sysTPLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(cyberlink) C:\Program Files\Cyberlink\Shared files\brs.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Windows\vsnpstd3.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Piriform Ltd) C:\Program Files\Defraggler\Defraggler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\gundi\Downloads\FRST (1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712 2007-10-08] (Intel Corporation)
HKLM\...\Run: [BDRegion] - C:\Program Files\Cyberlink\Shared files\brs.exe [75048 2010-03-13] (cyberlink)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6724128 2009-02-03] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-02-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [snpstd3] - C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] - C:\Windows\System32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
HKCU\...\Run: [EPSON SX100 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE /FU "C:\Windows\TEMP\E_S88DD.tmp" /EF "HKCU"
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...0c966feabec1\InprocServer32: [Default-shell32]  ATTENTION! ====> ZeroAccess?
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Gast\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
AppInit_DLLs: c:\docume~1\ settings\all users\application [ ] ()

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8877;https=127.0.0.1:8877
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.de/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\gundi\AppData\Roaming\Mozilla\Firefox\Profiles\53jx5ozj.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Windows\system32\npdeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\gundi\AppData\Roaming\Mozilla\Firefox\Profiles\53jx5ozj.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "https://www.facebook.com/logout.php"
CHR Plugin: (Shockwave Flash) - C:\Users\gundi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\gundi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\gundi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Wallet) - C:\Users\gundi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR HKLM\...\Chrome\Extension: [lbbbdmbjkgojacipgefbifkiebpcdjhn] - C:\Program Files\Movie2KDownloader.com\m2kDownloader10.crx

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 sysTPLMonitor.exe; C:\Program Files\sysTPL\sysTPLMonitor.exe [395888 2013-11-27] (Tlapia)
R2 sysTPLService.exe; C:\Program Files\sysTPL\sysTPLService.exe [394352 2013-11-27] (Tlapia)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [506112 2006-11-20] (PixArt Imaging Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10252544 2007-03-27] (Sonix Co. Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-09] (Avira GmbH)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-03-13] (CyberLink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 19:03 - 2014-01-04 19:03 - 01064761 _____ (Farbar) C:\Users\gundi\Downloads\FRST (1).exe
2014-01-04 15:19 - 2014-01-04 15:19 - 00001706 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-04 15:19 - 2014-01-04 15:19 - 00000000 ____D C:\Program Files\Defraggler
2014-01-04 15:18 - 2014-01-04 15:18 - 04208656 _____ (Piriform Ltd) C:\Users\gundi\Downloads\dfsetup216.exe
2014-01-02 13:08 - 2014-01-02 13:08 - 00891200 _____ C:\Users\gundi\Downloads\SecurityCheck.exe
2014-01-02 10:03 - 2014-01-02 10:03 - 02347384 _____ (ESET) C:\Users\gundi\Downloads\esetsmartinstaller_enu.exe
2013-12-31 16:07 - 2013-12-31 16:07 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\gundi\Downloads\sc-cleaner.exe
2013-12-31 16:07 - 2013-12-31 16:07 - 00001814 _____ C:\sc-cleaner.txt
2013-12-31 16:04 - 2013-12-31 16:04 - 00005540 _____ C:\Users\gundi\Desktop\JRT.txt
2013-12-31 16:01 - 2013-12-31 16:01 - 00000000 ____D C:\Windows\ERUNT
2013-12-31 16:00 - 2013-12-31 16:00 - 01034531 _____ (Thisisu) C:\Users\gundi\Downloads\JRT.exe
2013-12-31 15:31 - 2014-01-01 16:48 - 00000000 ____D C:\AdwCleaner
2013-12-31 15:31 - 2013-12-31 15:31 - 01233962 _____ C:\Users\gundi\Downloads\adwcleaner.exe
2013-12-31 15:31 - 2013-12-31 15:31 - 00000000 ____D C:\Users\gundi\AppData\Roaming\Malwarebytes
2013-12-31 15:30 - 2013-12-31 15:30 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-31 15:30 - 2013-12-31 15:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 15:30 - 2013-12-31 15:30 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 15:30 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-31 15:29 - 2013-12-31 15:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\gundi\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-31 14:34 - 2014-01-04 19:03 - 00016673 _____ C:\Users\gundi\Downloads\FRST.txt
2013-12-31 14:33 - 2013-12-31 14:33 - 01064333 _____ (Farbar) C:\Users\gundi\Downloads\FRST.exe
2013-12-31 14:33 - 2013-12-31 14:33 - 00000000 ____D C:\FRST
2013-12-31 14:32 - 2013-12-31 14:32 - 00000615 _____ C:\Users\Public\Desktop\iMesh-Installation fortsetzen.lnk
2013-12-31 13:54 - 2013-12-31 13:54 - 00000000 ____D C:\Users\gundi\AppData\Local\genienext
2013-12-31 13:54 - 2013-12-31 13:54 - 00000000 ____D C:\Users\gundi\AppData\Local\cache
2013-12-31 13:54 - 2013-12-31 13:54 - 00000000 ____D C:\Users\gundi\.android
2013-12-31 13:54 - 2013-12-31 13:54 - 00000000 _____ C:\Users\gundi\daemonprocess.txt
2013-12-27 14:34 - 2013-12-27 14:38 - 186446085 _____ C:\Users\gundi\Desktop\2127343972001_2854723499001_EV108893-KleineHaendeGrossePfoten-source-ST.mp4
2013-12-27 14:16 - 2013-12-27 14:28 - 901182774 _____ C:\Users\gundi\Desktop\2127343972001_2854993219001_EV114583-SophieUndShiba-source-ST.mp4
2013-12-11 12:37 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 12:37 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 12:37 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 12:37 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 12:37 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 12:37 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 12:37 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-11 12:37 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 12:37 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 12:37 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-11 12:37 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 12:37 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 12:37 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 12:37 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-11 12:37 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 12:37 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 10:48 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-11 10:48 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 10:48 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 10:48 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 10:48 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 10:48 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 10:48 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 10:48 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2013-12-11 10:48 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 10:48 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

==================== One Month Modified Files and Folders =======

2014-01-04 19:04 - 2013-12-31 14:34 - 00016673 _____ C:\Users\gundi\Downloads\FRST.txt
2014-01-04 19:03 - 2014-01-04 19:03 - 01064761 _____ (Farbar) C:\Users\gundi\Downloads\FRST (1).exe
2014-01-04 18:44 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 18:44 - 2006-11-02 13:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 18:41 - 2012-06-25 11:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-04 18:27 - 2010-05-21 14:53 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-04 15:56 - 2011-10-13 13:50 - 00103115 _____ C:\Windows\WindowsUpdate.log
2014-01-04 15:19 - 2014-01-04 15:19 - 00001706 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-04 15:19 - 2014-01-04 15:19 - 00000000 ____D C:\Program Files\Defraggler
2014-01-04 15:18 - 2014-01-04 15:18 - 04208656 _____ (Piriform Ltd) C:\Users\gundi\Downloads\dfsetup216.exe
2014-01-04 14:44 - 2010-05-21 14:53 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 14:44 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 12:35 - 2006-11-02 14:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-02 13:08 - 2014-01-02 13:08 - 00891200 _____ C:\Users\gundi\Downloads\SecurityCheck.exe
2014-01-02 11:45 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-02 10:03 - 2014-01-02 10:03 - 02347384 _____ (ESET) C:\Users\gundi\Downloads\esetsmartinstaller_enu.exe
2014-01-01 16:48 - 2013-12-31 15:31 - 00000000 ____D C:\AdwCleaner
2014-01-01 14:03 - 2006-11-02 11:33 - 01539286 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-31 16:07 - 2013-12-31 16:07 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\gundi\Downloads\sc-cleaner.exe
2013-12-31 16:07 - 2013-12-31 16:07 - 00001814 _____ C:\sc-cleaner.txt
2013-12-31 16:04 - 2013-12-31 16:04 - 00005540 _____ C:\Users\gundi\Desktop\JRT.txt
2013-12-31 16:01 - 2013-12-31 16:01 - 00000000 ____D C:\Windows\ERUNT
2013-12-31 16:00 - 2013-12-31 16:00 - 01034531 _____ (Thisisu) C:\Users\gundi\Downloads\JRT.exe
2013-12-31 15:53 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\LiveKernelReports
2013-12-31 15:51 - 2013-06-28 13:42 - 00000979 _____ C:\Users\gundi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-31 15:51 - 2012-10-03 13:05 - 00001079 _____ C:\Users\gundi\Desktop\Google Chrome.lnk
2013-12-31 15:31 - 2013-12-31 15:31 - 01233962 _____ C:\Users\gundi\Downloads\adwcleaner.exe
2013-12-31 15:31 - 2013-12-31 15:31 - 00000000 ____D C:\Users\gundi\AppData\Roaming\Malwarebytes
2013-12-31 15:30 - 2013-12-31 15:30 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-31 15:30 - 2013-12-31 15:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-31 15:30 - 2013-12-31 15:30 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-31 15:29 - 2013-12-31 15:29 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\gundi\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-31 14:33 - 2013-12-31 14:33 - 01064333 _____ (Farbar) C:\Users\gundi\Downloads\FRST.exe
2013-12-31 14:33 - 2013-12-31 14:33 - 00000000 ____D C:\FRST
2013-12-31 14:32 - 2013-12-31 14:32 - 00000615 _____ C:\Users\Public\Desktop\iMesh-Installation fortsetzen.lnk
2013-12-31 13:54 - 2013-12-31 13:54 - 00000000 ____D C:\Users\gundi\AppData\Local\genienext
2013-12-31 13:54 - 2013-12-31 13:54 - 00000000 ____D C:\Users\gundi\AppData\Local\cache
2013-12-31 13:54 - 2013-12-31 13:54 - 00000000 ____D C:\Users\gundi\.android
2013-12-31 13:54 - 2013-12-31 13:54 - 00000000 _____ C:\Users\gundi\daemonprocess.txt
2013-12-31 13:54 - 2009-06-06 12:46 - 00000000 ____D C:\Users\gundi
2013-12-29 13:09 - 2010-10-20 20:12 - 00000000 ____D C:\Windows\Minidump
2013-12-27 14:38 - 2013-12-27 14:34 - 186446085 _____ C:\Users\gundi\Desktop\2127343972001_2854723499001_EV108893-KleineHaendeGrossePfoten-source-ST.mp4
2013-12-27 14:28 - 2013-12-27 14:16 - 901182774 _____ C:\Users\gundi\Desktop\2127343972001_2854993219001_EV114583-SophieUndShiba-source-ST.mp4
2013-12-21 15:10 - 2009-06-08 14:06 - 00007408 _____ C:\Users\gundi\AppData\Roaming\wklnhst.dat
2013-12-12 13:12 - 2013-02-09 23:04 - 00135648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-12 13:12 - 2013-02-09 23:04 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-11 19:41 - 2012-06-25 11:43 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 19:41 - 2011-08-12 21:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 15:43 - 2006-11-02 13:47 - 00398720 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 15:40 - 2009-04-02 14:28 - 00000000 ____D C:\Windows\system32\RTCOM
2013-12-11 12:40 - 2013-08-14 10:55 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 12:38 - 2006-11-02 11:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\gundi\AppData\Local\Temp\avgnt.exe
C:\Users\gundi\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-04 14:51

==================== End Of Log ============================
         